Lucene search
K

299 matches found

Kitploit
Kitploit
added 2022/06/16 12:30 p.m.28 views

Admin-Panel_Finder - A Burp Suite Extension That Enumerates Infrastructure And Application Admin Interfaces (OTG-CONFIG-005)

A burp suite extension that enumerates infrastructure and application Admin Interfaces. OWASP References: Classification : Web Application Security Testing 02-Configuration and Deployment Management Testing OTG v4 : OWASP OTG-CONFIG-005 WSTG : WSTG-CONF-05 Why should I use this extension?...

6.9AI score
Exploits0References1
Fedora
Fedora
added 2022/06/01 1:27 a.m.18 views

[SECURITY] Fedora 35 Update: weechat-3.5-2.fc35

WeeChat Wee Enhanced Environment for Chat is a portable, fast, light and extensible IRC client. Everything can be done with a keyboard. It is customizable and extensible with scripts...

1.4AI score
Exploits0
OpenVAS
OpenVAS
added 2022/06/01 12:0 a.m.7 views

Fedora: Security Advisory for weechat (FEDORA-2022-d165104234)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Code423n4
Code423n4
added 2022/05/15 12:0 a.m.13 views

YieldManager: Uniswap token swaps through fixed path may break yield distribution

Lines of code Vulnerability details Details & Impact All harvested yield tokens are swapped through the Uniswap adapter to USDC. While out of scope, the Uniswap adapter code is relevant here, as I note that the path taken for the swap would be assetFrom - WETH - assetTo unless assetFrom is alread...

7AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/05/11 4:0 p.m.22 views

Center for Threat-Informed Defense, Microsoft, and industry partners streamline MITRE ATT&CK® matrix evaluation for defenders

The MITRE Center for Threat-Informed Defense, Microsoft, and other industry partners collaborated on a project that created a repeatable methodology for developing a top MITRE ATT&CK® techniques list. The method aims to facilitate navigation of the ATT&CK framework, which could help new defenders...

Exploits0
Microsoft Secure
Microsoft Secure
added 2022/05/11 4:0 p.m.18 views

Center for Threat-Informed Defense, Microsoft, and industry partners streamline MITRE ATT&CK® matrix evaluation for defenders

The MITRE Center for Threat-Informed Defense, Microsoft, and other industry partners collaborated on a project that created a repeatable methodology for developing a top MITRE ATT&CK® techniques list. The method aims to facilitate navigation of the ATT&CK framework, which could help new defenders...

Exploits0
ThreatPost
ThreatPost
added 2022/05/10 12:24 a.m.26 views

Low-rent RAT Worries Researchers

For about the price of a cup of Starbucks latte, a hacker is renting out a remote access trojan designed to backdoor targeted networks. Dubbed as Dark Crystal RAT or DCRat, the malware is being peddled online to hackers in Russian by a lone rookie malware writer with a penchant for cut-rate...

7.7AI score
Exploits0References1
Kitploit
Kitploit
added 2022/01/14 11:30 a.m.35 views

Raven - Advanced Cyber Threat Map (Simplified, Customizable, Responsive)

Raven - Advanced Cyber Threat Map Simplified, customizable and responsive. It uses D3.js with TOPO JSON, has 247 countries, 100,000 cities, and can be used in an isolated environment without external lookups!. Live - Demo https://qeeqbox.github.io/raven/ Offline - Demo Features Uses D3.js Not...

7.1AI score
Exploits0References2
Fedora
Fedora
added 2021/12/05 1:39 a.m.20 views

[SECURITY] Fedora 34 Update: vdr-skinnopacity-1.1.8-1.fc34.1

The VDR plugin "nOpacity" is a highly customizable native true color skin for the Video Disc Recorder...

1.3AI score0.0071EPSS
Exploits1
Fedora
Fedora
added 2021/11/12 12:38 a.m.9 views

[SECURITY] Fedora 35 Update: vdr-skinnopacity-1.1.8-3.fc35

The VDR plugin "nOpacity" is a highly customizable native true color skin for the Video Disc Recorder...

7AI score
Exploits0
HackRead
HackRead
added 2021/11/01 2:36 p.m.18 views

All About Ring’s New Virtual Security Guard

By Owais Sultan Ring’s Virtual Security Guard is a live, customizable motion event monitoring service by Rapid Response that works with the external Ring cameras at home or business. This is a post from HackRead.com Read the original post: All About Rings New Virtual Security Guard...

2AI score
Exploits0
Kitploit
Kitploit
added 2021/10/31 11:30 a.m.33 views

PeTeReport - An Open-Source Application Vulnerability Reporting Tool

PeTeReport Pe nTe st Report is an open-source application vulnerability reporting tool designed to assist pentesting/redteaming efforts, by simplifying the task of writting and generation of reports. Focused in product security, the tool help security researchers and pentesters to provide detaile...

7.2AI score
Exploits0References8
OpenVAS
OpenVAS
added 2021/10/07 12:0 a.m.14 views

Fedora: Security Advisory for rust-wast (FEDORA-2021-1805eacb48)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.3CVSS6.4AI score0.00297EPSS
Exploits0References2
Kitploit
Kitploit
added 2021/09/11 8:30 p.m.45 views

Pollenisator - Collaborative Pentest Tool With Highly Customizable Tools

Pollenisator is a tool aiming to assist pentesters and auditor automating the use of some tools/scripts and keep track of them. Written in python 3 Provides a modelisation of "pentest objects" : Scope, Hosts, Ports, Commands, Tools etc. Tools/scripts are separated into 4 categories : wave,...

7.3AI score
Exploits0References3
CNNVD
CNNVD
added 2021/08/10 12:0 a.m.5 views

IBM Security Guardium 安全漏洞

IBM Security Guardium is a suite of platforms from IBM in the United States that provide data protection capabilities. The platform includes features such as customizable UI, report management and streamlined audit process building. IBM Security Guardium suffers from a security vulnerability that...

9.8CVSS6AI score0.00962EPSS
Exploits0References4
Kitploit
Kitploit
added 2021/08/05 12:30 p.m.237 views

Elpscrk - An Intelligent Common User-Password Profiler Based On Permutations And Statistics

An Intelligent common user-password profiler that's named after the same tool in Mr.Robot series S01E01 In simple words, elpscrk will ask you about all info you know about your target then will try to generate every possible password the target could think of, it all depends on the information yo...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2021/07/01 9:30 p.m.41 views

Invoke-DNSteal - Simple And Customizable DNS Data Exfiltrator

Invoke-DNSteal is a Simple & Customizable DNS Data Exfiltrator. This tool helps you to exfiltrate data through DNS protocol over UDP and TCP, and lets you control the size of queries using random delay. Also, allows you to avoid detections by using random domains in each of your queries and you c...

6.9AI score
Exploits0References1
Drupal
Drupal
added 2021/05/12 12:0 a.m.14 views

Facets - Moderately critical - Cross site scripting - SA-CONTRIB-2021-008

This module enables you to add customizable facets on search pages, from core search or searches provided by Search API. The module doesn't sufficiently filter all output in certain circumstances. This vulnerability is mitigated by the fact that an attacker must have a role with the permission...

6.4AI score
Exploits0References6
Kitploit
Kitploit
added 2021/03/29 8:30 p.m.14 views

KICS - Find Security Vulnerabilities, Compliance Issues, And Infrastructure Misconfigurations Early In The Development Cycle Of Your Infrastructure-As-Code

Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx. KICS stands for K eeping I nfrastructure as C ode S ecure, it is open source and is a must-have for any cloud native project...

7.4AI score
Exploits0References8
Malwarebytes
Malwarebytes
added 2021/03/25 6:37 p.m.40 views

Slack hurries to fix direct message flaw that allowed harassment

The enormous work messaging platform Slack quickly reversed course yesterday, promising to revise a brand-new direct message feature that could have been misused for harassment. Added to the company’s “Slack Connect” product—which lets enterprise users share messages with contract workers and...

6.9AI score
Exploits0
Rows per page
Query Builder