Raven - Advanced Cyber Threat Map (Simplified, Customizable, Responsive)

Raven - Advanced Cyber Threat Map Simplified, customizable and responsive. It uses D3.js with TOPO JSON, has 247 countries, 100,000 cities, and can be used in an isolated environment without external lookups!. Live - Demo https://qeeqbox.github.io/raven/ Offline - Demo Features Uses D3.js Not...

Subdomain Enumeration Tool: Amass

Amass is the subdomain enumeration tool with the greatest number of disparate data sources that performs analysis of the resolved names in order to deliver the largest number of quality results. Amass performs scraping of data sources, recursive brute forcing, crawling of web archives, permuting...

GHSA-QMJG-G86H-6RC9 d3.js is malware

The d3.js package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security concern i...

maltodextrin (=1.0.0), sk-stand (=0.2.12) +2 more potentially affected by CVE-2017-16044 via d3.js (=0.0.2-security)

d3.js NPM version =0.0.2-security is affected by a known vulnerability. The following packages have a transitive dependency on d3.js and may be impacted: - maltodextrin =1.0.0 - sk-stand =0.2.12 - smart-cloud-platform =1.0.0, =0.0.25, =0.0.27 Source cves: CVE-2017-16044 Source advisory:...

Malicious JavaScript Package Detection

Detection and reporting of known malicious JavaScript packages or package versions. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...

Malicious Typo-Squatting

D3.js was a malicious module as it is developed to hijack environment variables and send it to attacker’s controlled location...

CVE-2017-16044

d3.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...

Code injection

d3.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...

CVE-2017-16044

CVE-2017-16044 corresponds to the npm package d3.js , reported as a malware module that hijacks environment variables and exfiltrates them to attacker-controlled endpoints. The community advisories (GHSA, npm advisory) state that all versions have been unpublished from the npm registry. The root ...

CVE-2017-16044

d3.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...

Hijacked Environment Variables

Overview The d3.js package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security...

OSINT Gathering Tool: Inquisitor

OSINT Gathering Tool Inquisitor is a simple for gathering information on companies and organizations through the use of Open Source Intelligence OSINT sources. The key features of Inquisitor include: 1. The ability to cascade the ownership label of an asset e.g. if a Registrant Name is known to...

Python Network Recon Framework: ivre

IVRE Instrument de veille sur les réseaux extérieurs or DRUNK Dynamic Recon of UNKnown networks is a network recon framework, including two modules for passive recon one p0f -based and one Bro -based and one module for active recon mostly Nmap -based, with a bit of ZMap . External programs /...