66 matches found
Empire - PowerShell Post-Exploitation Agent
Empire is a pure PowerShell post-exploitation agent built on cryptologically-secure communications and a flexible architecture. Empire implements the ability to run PowerShell agents without needing powershell.exe, rapidly deployable post-exploitation modules ranging from key loggers to Mimikatz,...
Lack of CSPRNG Threatens WordPress Sites
WordPress has become a huge target for attackers and vulnerability researchers, and with good reason. The software runs a large fraction of the sites on the Internet and serious vulnerabilities in the platform have not been hard to come by lately. But there’s now a new bug that’s been disclosed i...
PWGen - Generator of cryptographically-strong passwords
PWGen is a professional password generator capable of creating large amounts of cryptographically-secure passwords or passphrases consisting of words from a word list. It uses a “random pool ” technique to generate random data based on user inputs keystrokes, mouse handling and volatile system...
Debian DSA-1935-1 : gnutls13 gnutls26 - several vulnerabilities
Dan Kaminsky and Moxie Marlinspike discovered that gnutls, an implementation of the TLS/SSL protocol, does not properly handle a '\0' character in a domain name in the subject's Common Name or Subject Alternative Name SAN field of an X.509 certificate, which allows man-in-the-middle attackers to...
Debian Security Advisory DSA 1935-1 (gnutls13 gnutls26)
The remote host is missing an update to gnutls13 gnutls26 announced via advisory DSA 1935-1. OpenVAS Vulnerability Test $Id: deb19351.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1935-1 gnutls13 gnutls26 Authors: Thomas Reinke Copyright: Copyright c 2009...
PPTP Service Detection
The remote host seems to be running a PPTP VPN service, this service allows remote users to connect to the internal network and play a trusted rule in it. This service should be protect with encrypted username & password combinations, and should be accessible only to trusted individuals. By defau...