Multi-Juicer - Run Capture The Flags And Security Trainings With OWASP Juice Shop
Running CTFs and Security Trainings with OWASP Juice Shop is usually quite tricky, Juice Shop just isn't intended to be used by multiple users at a time. Instructing everybody how to start Juice Shop on their own machine works ok, but takes away too much valuable time. MultiJuicer gives you the...
Faraday presents the latest version of their Security Platform for Vulnerability Management Automation
Miami, February 19, 2020 - Faraday is opening 2020 by strengthening their releases using the featured cybersecurity worldwide events calendar, starting next week with BSides and RSAC in San Francisco. As a Blackhat Global Partner, the company will also participate as a sponsor in all BH’s global...
When Launching Published Applications via Citrix Storefront Receiving Error "Cannot connect to server, Please check your network and try again."
This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information. After Storefront branding customization, users that are accessing applications from the receiver are...
XSS Vulnerability in Ridewind's Multi-User PHP Statistics System
The Ride the wind multi-user PHP statistics system can count PV and IP traffic, can be used for online store statistics, supports changing the skin, lets you choose the number, icon, text and message, and can collect statistics on keywords from any search engine. Ride the wind multi-user PHP statistics system...
CVE-2019-18244
In OSIsoft PI System multiple products and versions, a local attacker could view sensitive information in log files when service accounts are customized during installation or upgrade of PI Vision. The update fixes a previously reported issue...
heschatt.org Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1040873 Security Researcher metamorfosec Helped patch 1980 vulnerabilities Received 9 Coordinated Disclosure badges Received 32 recommendations, a holder of 9 badges for responsible and coordinated disclosure, found a security vulnerability affecting heschatt.org website...
shoefax.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1028757 Security Researcher geeknik Helped patch 8958 vulnerabilities Received 8 Coordinated Disclosure badges Received 21 recommendations, a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting shoefax.com website and it...
Custom Header - Automatic Add New Header To Entire BurpSuite HTTP Requests
This Burp Suite extension lets you add a new custom header to HTTP requests in the Burp Suite Scanner, Intruder, Repeater and Proxy History, and you can also choose which HTTP verb you want to customize. Usage Easy to use! Don't forget to click the save button! Changelog 24...
Persistence – PowerShell Profile
PowerShell profile is a PowerShell script which enables system administrators and users to customize their environment and to execute specific commands when a PowerShell session initiates. It is similar to logon scripts that are used heavily by Administrators to map network drives and printers fo...
How To Customize The Window Title Of Native Citrix Receiver Authentication Dialogs
This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information. All native Citrix Receiver authentication dialogs have title “Citrix Receiver” thus: This article...
Choose the right ingress controller for your Kubernetes environment
Choosing the right ingress controller can help you ensure the right infrastructure, direction, and level of customization. Get the information about ingress controllers you need. The post Choose the right ingress controller for your Kubernetes environment appeared first on Wallarm Blog...
DumpsterFire - "Security Incidents In A Box!" A Modular, Menu-Driven, Cross-Platform Tool For Building Customized, Time-Delayed, Distributed Security Events
DumpsterFire Toolset - "Security Incidents In A Box!" The DumpsterFire Toolset is a modular, menu-driven, cross-platform tool for building repeatable, time-delayed, distributed security events. Easily create custom event chains for Blue Team drills and sensor / alert mapping. Red Teams can create...
Commando VM 2.0: Customization, Containers, and Kali, Oh My!
The Complete Mandiant Offensive Virtual Machine “Commando VM” swept the penetration testing community by storm when it debuted in early 2019 at Black Hat Asia Arsenal. Our 1.0 release made headway featuring more than 140 tools. Well now we are back again for another spectacular release, this time...
Customize NetScaler Gateway authentication page to match the modern appearance
This article provides information on customizing the on-premises Citrix Gateway authentication page to use a modern experience. This is recommended when the on-premises Citrix Gateway is used as the identity provider for Citrix Workspace, or when using StoreFront with the modern experience...
Metatag - Moderately critical - Information disclosure - SA-CONTRIB-2019-058
This module enables you to customize meta tags to help with a site's search engine ranking and improve the display of page summaries when shared on social networks. The module doesn't sufficiently check for a site being in maintenance mode. This vulnerability is mitigated by the fact that the sit...
Qualys Cloud Platform (VM, PC) 8.20 New Features
This new release of the Qualys Cloud Platform VM, PC, version 8.20, includes several new features in Qualys Cloud Platform and additional support for multiple technologies in Qualys Policy Compliance. Feature Highlights Qualys Cloud Platform Configure Password Expiration Notification – Now users...
Liferay Portal 7.1 CE GA=3 / SimpleCaptcha API - Cross-Site Scripting
Exploit Title: Liferay Portal ” / or ” /. A customized Liferay portlet which directly calls the Simple Captcha API without sanitizing the input could be susceptible to this vulnerability. Poc In a sample scenario of custom code calling the ” / JSP taglib, appending a payload like the following to...
Trigmap - A Wrapper For Nmap To Automate The Pentest
Trigmap is a wrapper for Nmap. You can use it to easily start an Nmap scan and especially to collect information into a well-organized directory hierarchy. The use of Nmap makes the script portable, easy to run not only on Kali Linux, and very efficient thanks to the optimized Nmap algorithms. Detail...
Netartmedia PHP Car Dealer SQL Injection
Exploit Title: Netartmedia PHP Car Dealer - SQL Injection Date: 19.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.netartmedia.net/autodealer/ Demo Site: https://www.phpscriptdemos.com/autodealer/ Version: Latest Tested on: Kali Linux CVE: N/A Description: The PHP Car Dealer...