[SECURITY] Fedora 43 Update: gst-devtools-1.26.11-1.fc43

Development and debugging tools for GStreamer...

[SECURITY] Fedora 44 Update: gst-devtools-1.28.1-1.fc44

Development and debugging tools for GStreamer...

pwntools

This is a CTF Capture The Flag framework and exploit development library. It is written in Python and provides a set of tools for developing and executing exploits. The library is designed to be extensible and customizable, allowing users to easily add new functionality and plugins. The library i...

pwntools

This is a CTF Capture The Flag framework and exploit development library. It is a Python library that provides a set of tools for developing exploits and performing penetration testing. The library is designed to be extensible and customizable, allowing users to easily add new features and plugin...

CVE-2025-48414

There are several scripts in the web interface that are accessible via undocumented hard-coded credentials. The scripts provide access to additional administrative/debug functionality and are likely intended for debugging during development and provides an additional attack surface...

Do Not Install Debugging Tools

Debugging scripts and tools in the service environment may be exploited by attackers to launch attacks. Therefore, do not install any debugging tools or files in the production environment. Such tools or files include but not limited to: code debugging tool privilege escalation commands, scripts,...

How to Capture a Memory Dump from a Provisioned Target in a Hyper-V Environment

This article describes how to generate a memory dump file from a provisioned target in a Hyper-V environment.This process requires no modification to the virtual machine. Requirements Download and install the Debugging Tools for Windows package from Microsoft's web site: Debugging Tools for Windo...

Unauthorized Access

SilverStripe is vulnerable to Unauthorized Access. The vulnerability is due to failure to restrict access via the URL parameters isDev and isTest with debugging tools intended only for development "dev mode", which allows unauthenticated users to expose sensitive debugging information typically...

GHSA-55QG-6C4M-MW6G silverstripe/framework's URL parameters `isDev` and `isTest` unguarded

The URL parameters isDev and isTest are accessible to unauthenticated users who access a SilverStripe website or application. This allows unauthorised users to expose information that is usually hidden on production environments such as verbose errors including backtraces and other debugging tool...

PT-2024-40090 · Silverstripe · Silverstripe

Name of the Vulnerable Software and Affected Versions: SilverStripe versions prior to 4.x Description: The issue allows unauthorized users to expose information typically hidden in production environments, such as verbose errors and debugging tools, by accessing certain URL parameters. This is...

SUSE CVE-2009-0368

OpenSC before 0.11.7 allows physically proximate attackers to bypass intended PIN requirements and read private data objects via a 1 low level APDU command or 2 debugging tool, as demonstrated by reading the 4601 or 4701 file with the opensc-explorer or opensc-tool program...

What is fuzz testing? What is it used to test for?

Fuzz testing, regularly known as fuzzing, is a product testing procedure that incorporates embedding flawed or arbitrary information FUZZ into a product framework to recognize coding issues and security issues. Fuzz testing involves infusing information into a framework utilizing robotized or...

Citrix Diagnostics Toolkit - 32bit Edition

Where to download ? Certain legacy Citrix tools are now available on request only. Please submit the request here - https://forms.gle/obA39PEz5qpDiSPq8 Once we verify your request, we will provide access to the download location. Citrix Diagnostic Toolkit x86 – C.D.T Citrix Diagnostic Toolkit x86...

pwntools

This repository is an offensive tool for binary exploitation. It is a collection of common binary exploitation tools, including pwntools, a Python library for binary exploitation. The repository includes a variety of tools and scripts for exploiting vulnerabilities in binaries, including exploit...

AndroidSecNotes

It is an offensive tool for Android. The repository contains learning notes about Android Security, specifically about the Android Runtime ART and its debugging tools. The notes cover the format of Dex files, the ART runtime, and the Hook framework. The notes mention the use of the "oatdump" tool...

VirtualBox 6.0.4 r128413 - COM RPC Interface Code Injection Host Privilege Escalation Exploit

Exploit for windows platform in category local exploits VirtualBox: COM RPC Interface Code Injection Host EoP Platform: VirtualBox 6.0.4 r128413 x64 on Windows 10 1809 Class: Elevation of Privilege Summary: The hardened VirtualBox process on a Windows host doesn’t secure its COM interface leading...

VirtualBox 6.0.4 r128413 - COM RPC Interface Code Injection Host Privilege Escalation

VirtualBox: COM RPC Interface Code Injection Host EoP Platform: VirtualBox 6.0.4 r128413 x64 on Windows 10 1809 Class: Elevation of Privilege Summary: The hardened VirtualBox process on a Windows host doesn’t secure its COM interface leading to arbitrary code injection and EoP. Description: This...

SUSE-SU-2018:4023-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2018-18544: Fixed memory leak in the function WriteMSLImage bsc1113064. Non-security issues fixed: - Improve import documentation bsc1057246. - Allow override system security policy bsc1117463. - asanbuild: build...

Time Travel Debugging: finding Windows GDI flaws

Introduction Microsoft Patches for October 2018 included a total of 49 security patches. There were many interesting ones including kernel privilege escalation as well as critical ones which could lead to remote code execution such as the MSXML one. In this post we will be analysing a case of a W...

EhTrace - Tool for Tracing Execution of Binaries on Windows

Eh'Trace pronounced ATrace is a binary tracing tool for Windows. Implemented in C but has some interesting properties that may make it suitable for tracing binaries when other methods are not sufficient, in particular EhTrace does not require changes to a binary to enable traces, despite being ab...