21 matches found

ATTACKERKB
added 2026/03/27 10:12 p.m., 2 views

CVE-2026-33992

pyLoad is a free and open-source download manager written in Python. Prior to version 0.5.0b3.dev97, PyLoad's download engine accepts arbitrary URLs without validation, enabling Server-Side Request Forgery (SSRF) attacks. An authenticated attacker can exploit this to access internal network service...

9.3 CVSS, 6 AI score, 0.00033 EPSS
Exploits: 1, References: 3, Affected Software: 1
GitHub Security Blog
added 2026/03/27 6:00 p.m., 9 views

pyLoad: Server-Side Request Forgery via Download Link Submission Enables Cloud Metadata Exfiltration

Summary: PyLoad's download engine accepts arbitrary URLs without validation, enabling Server-Side Request Forgery (SSRF) attacks. An authenticated attacker can exploit this to access internal network services and exfiltrate cloud provider metadata. On DigitalOcean droplets, this exposes sensitive...

9.3 CVSS, 6.1 AI score, 0.00033 EPSS
Exploits: 1, References: 4, Affected Software: 1
CNNVD
added 2026/03/23 12:00 a.m., 5 views

Droplet Agent security vulnerability

Droplet Agent is an open-source tool developed by DigitalOcean for managing and monitoring DigitalOcean Droplets. Versions of Droplet Agent prior to 1.3.2 contain security vulnerabilities. These vulnerabilities stem from the fault diagnosis executor component failing to properly validate inputs...

8.8 CVSS, 6.6 AI score, 0.0013 EPSS
Exploits: 2, References: 4
Patchstack
added 2025/08/14 4:14 a.m., 2 views

WordPress DigitalOcean Spaces Sync plugin <= 2.2.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting (XSS) vulnerability discovered by Nabil Irawan (Patchstack Alliance) in WordPress Plugin DigitalOcean Spaces Sync versions <= 2.2.1...

5.9 CVSS, 5.9 AI score, 0.0017 EPSS
Exploits: 0, Affected Software: 1
Rapid7 Blog
added 2023/03/21 6:54 p.m., 71 views

CVE-2023-0391: MGT-COMMERCE CloudPanel Shared Certificate Vulnerability and Weak Installation Procedures

While using the popular self-hosted web administration solution, CloudPanel from MGT-COMMERCE, Rapid7 researcher Tod Beardsley discovered three security concerns. The first, an issue involving the trustworthiness of the installation script provided by the vendor, was an instance of CWE-494:...

7.8 AI score, 0.00176 EPSS
Exploits: 1
Schneier on Security
added 2022/11/21 12:08 p.m., 13 views

Breaking the Zeppelin Ransomware Encryption Scheme

Brian Krebs writes about how the Zeppelin ransomware encryption scheme was broken: The researchers said their break came when they understood that while Zeppelin used three different types of encryption keys to encrypt files, they could undo the whole scheme by factoring or computing just one of...

0.2 AI score
Exploits: 0
Kitploit
added 2021/04/21 12:30 p.m., 116 views

Overlord - Red Teaming Infrastructure Automation

Overlord provides a Python-based console CLI which is used to build Red Teaming infrastructure in an automated way. The user has to provide inputs by using the tool’s modules, e.g. C2, Email Server, HTTP web delivery server, Phishing server etc., and the full infra / modules and scripts will be...

7.2 AI score
Exploits: 0, References: 4
Kitploit
added 2020/09/06 11:30 a.m., 57 views

VPS-Docker-For-Pentest - Create A VPS On Google Cloud Platform Or Digital Ocean Easily With The Docker For Pentest

Create a VPS on Google Cloud Platform or Digital Ocean easily with the docker for pentest included to launch the assessment to the target. Requirements: Terraform installed; Ansible installed; SSH private and public keys; Google Cloud Platform or Digital Ocean account. Usage: 1. Clone the repository...

7.3 AI score
Exploits: 0, References: 2
HackerOne
added 2020/08/20 3:33 a.m., 122 views

Dropcontact: No Valid SPF Records

Hiii, There is any issue No valid SPF Records. Description: There is an email spoofing vulnerability. Email spoofing is the forgery of an email header so that the message appears to have originated from someone or somewhere other than the actual source. Email spoofing is a tactic used in phishing...

7.1 AI score
Exploits: 0
HackerOne
added 2020/05/22 7:22 a.m., 46 views

DigitalOcean: Blind XSS via Digital Ocean Partner account creation form.

Summary: Blind Cross-Site Scripting (XSS) was discovered at Digital Ocean Partners admin panel/dashboard where an attacker can run arbitrary JavaScript code at victims' end. Due to the absence of an HttpOnly cookie, an attacker can successfully steal the cookies of the user and use them to login to...

5.7 AI score
Exploits: 0
Kitploit
added 2020/04/17 1:00 p.m., 54 views

Pwndrop - Self-Deployable File Hosting Service For Red Teamers, Allowing To Easily Upload And Share Payloads Over HTTP And WebDAV

pwndrop is a self-deployable file hosting service for sending out red teaming payloads or securely sharing your private files over HTTP and WebDAV. If you've ever needed to quickly set up an nginx/apache web server to host your files and you were never happy with the limitations of python -m...

7 AI score
Exploits: 0, References: 2
Kitploit
added 2018/11/18 8:33 p.m., 114 views

Acunetix Vulnerability Scanner Version For Linux

Acunetix, the pioneer in automated web application security software, has announced the release of Acunetix for Linux. Known to be reliable, cost-effective and secure, Linux is the server operating system of choice for many large organizations including Facebook, Twitter, and Google. Acunetix is...

7.3 AI score
Exploits: 0
Kitploit
added 2018/10/18 12:42 p.m., 3196 views

Evilginx v2.0 - Standalone Man-In-The-Middle Attack Framework Used For Phishing Login Credentials Along With Session Cookies, Allowing For The Bypass Of 2-Factor Authentication

evilginx2 is a man-in-the-middle attack framework used for phishing login credentials along with session cookies, which in turn allows to bypass 2-factor authentication protection. This tool is a successor to Evilginx, released in 2017, which used a custom version of nginx HTTP server to provide...

6.7 AI score
Exploits: 0, References: 3
Kitploit
added 2018/09/20 12:37 p.m., 21 views

hideNsneak - A CLI For Ephemeral Penetration Testing

This application assists in managing attack infrastructure for penetration testers by providing an interface to rapidly deploy, manage, and take down various cloud services. These include VMs, domain fronting, Cobalt Strike servers, API gateways, and firewalls. Black Hat Arsenal Video Demo Video ...

7.2 AI score
Exploits: 0, References: 1
n0where
added 2018/09/05 4:19 p.m., 19 views

CLI for Ephemeral Penetration Testing: hideNsneak

This application assists in managing attack infrastructure for penetration testers by providing an interface to rapidly deploy, manage, and take down various cloud services. These include VMs, domain fronting, Cobalt Strike servers, API gateways, and firewalls. hideNsneak provides a simple...

1.2 AI score
Exploits: 0, References: 1
Kitploit
added 2018/06/16 2:00 p.m., 20 views

PwnAdventure3 - Game Open-World MMORPG Intentionally Vulnerable To Hacks

Pwnie Island is a limited-release, first-person, true open-world MMORPG set on a beautiful island where anything could happen. That's because this game is intentionally vulnerable to all kinds of silly hacks! Flying, endless cash, and more are all one client change or network proxy away. Are you...

7.1 AI score
Exploits: 0, References: 2
rapid7community
added 2017/05/31 9:16 p.m., 42 views

DevOps: Vagrant with AWS EC2 & Digital Ocean

The Benefits of Vagrant Plugins Following on from my recent DevOps blog posts, The DevOps Tools We Use & How We Use Them and Vagrant with Chef-Server, we will take another step forward and look into provisioning our servers in the cloud. There are many cloud providers out there, most who provide...

6.8 AI score
Exploits: 0
myhack58
added 2016/12/07 12:00 a.m., 20 views

Taking over nearly 12 million domain names through a DNS vulnerability in AWS, Google Cloud and Digital Ocean - bug warning - the black bar safety net

Not long ago, I found a security vulnerability in the domain import system of cloud hosting provider Digital Ocean that an attacker could exploit to take over two million domain names; the report is linked here. If you have not read this report whil...

6.8 AI score
Exploits: 0
The Hacker Blog
added 2016/12/05 4:30 p.m., 30 views

The Orphaned Internet – Taking Over 120K Domains via a DNS Vulnerability in AWS, Google Cloud, Rackspace and Digital Ocean

Recently, I found that Digital Ocean suffered from a security vulnerability in their domain import system which allowed for the takeover of 20K domain names. If you haven't given that post a read I recommend doing so before going through this write up. Originally I had assumed that this issue was...

2.9 AI score
Exploits: 0
seebug.org
added 2014/01/03 12:00 a.m., 28 views

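Apache Libcloud Digital Ocean API local information disclosure vulnerability

BUGTRAQ ID: 64617. CVE(CAN) ID: CVE-2013-6480. libcloud is a unified interface for accessing cloud computing services, developed in Python. When destroying a DigitalOcean node, Apache Libcloud versions 0.12.3-0.13.2 do not send the scrubdata query parameter, which allows a local attacker to exploit this vulnerability to obtain sensitive information. Apache Group Libcloud 0.12.3 - 0.13.3. Vendor patch: Apache Group. The vendor has released an upgrade patch to fix this security issue; please download it from the vendor's home page:...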

2.1 CVSS, 6.3 AI score, 0.00565 EPSS
Exploits: 1