Jackhammer - One Security Vulnerability Assessment/Management Tool To Solve All The Security Team Problems
One Security vulnerability assessment/management tool to solve all the security team problems. What is Jackhammer? Jackhammer is a collaboration tool built with an aim of bridging the gap between Security team vs dev team, QA team and being a facilitator for TPM to understand and track the qualit...
DevAudit - Open-source, Cross-Platform, Multi-Purpose Security Auditing Tool
DevAudit is an open-source, cross-platform, multi-purpose security auditing tool targeted at developers and teams adopting DevOps and DevSecOps that detects security vulnerabilities at multiple levels of the solution stack. DevAudit provides a wide array of auditing capabilities that automate...
Cameradar v2.1.0 - Hacks Its Way Into RTSP Videosurveillance Cameras
An RTSP stream access tool that comes with its library Cameradar allows you to Detect open RTSP hosts on any accessible target host Detect which device model is streaming Launch automated dictionary attacks to get their stream route e.g.: /live.sdp Launch automated dictionary attacks to get the...
Evilginx2 v2.2.0 - Standalone Man-In-The-Middle Attack Framework Used For Phishing Login Credentials Along With Session Cookies, Allowing For The Bypass Of 2-Factor Authentication
evilginx2 is a man-in-the-middle attack framework used for phishing login credentials along with session cookies, which in turn allows bypassing 2-factor authentication protection. This tool is a successor to Evilginx, released in 2017, which used a custom version of nginx HTTP server to provide...
RCE in PHP or how to bypass disable_functions in PHP installations
Today we will explore an exciting method to remotely execute code even if an administrator set disable_functions in the PHP configuration file. It works on most popular UNIX-like systems. CVE-2018-19518 was assigned to the vulnerability, which was found by a man with the @crlf nickname. Let’s see details...
RHEL 7 : Red Hat OpenShift Enterprise 3.2 (RHSA-2016:1094)
"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:1094 advisory. OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service PaaS solution designed for on-premise or private clo...
Securing Containers in The AWS Cloud with Trend Micro
Rapid adoption of containers is changing the way that businesses build their applications. Services like Amazon ECS, Amazon EKS, and AWS Fargate let builders focus on solving business problems instead of managing infrastructure. But the move to containers also requires a shift in how you approach...
WPScan v3.4.0 - Black Box WordPress Vulnerability Scanner
WPScan is a free, for non-commercial use, black box WordPress vulnerability scanner written for security professionals and blog maintainers to test the security of their sites. INSTALL Prerequisites: Ruby = 2.2.2 - Recommended: 2.3.3 Curl = 7.21 - Recommended: latest - FYI the 7.29 has a segfault...
NodeJsScan - A Static Security Code Scanner For Node.js Applications
Static security code scanner (SAST) for Node.js applications. Configure & Run NodeJsScan: Install Postgres and configure SQLALCHEMY_DATABASE_URI in core/settings.py; pip3 install -r requirements.txt; python3 migrate.py (Run once to create database entries required); python3 app.py. Testing Environment...
CMS Scanner - Scan Wordpress, Drupal, Joomla, vBulletin Websites For Security Issues
Scan Wordpress, Drupal, Joomla, vBulletin websites for Security issues. CMSScan provides a centralized Security Dashboard for CMS Security scans. It is powered by wpscan, droopescan, vbscan and joomscan. It supports both on demand and scheduled scans and has the ability to send email reports...
Nmap Web Dashboard and Reporting: WebMap
Features Import and parse Nmap XML files Statistics and Charts on discovered services, ports, OS, etc… Inspect a single host by clicking on its IP address Attach labels on a host Insert notes for a specific host Create a PDF Report with charts, details, labels and notes Copy to clipboard as Nikto...
ACHE - A Web Crawler For Domain-Specific Search
ACHE is a focused web crawler. It collects web pages that satisfy some specific criteria, e.g., pages that belong to a given domain or that contain a user-specified pattern. ACHE differs from generic crawlers in the sense that it uses page classifiers to distinguish between relevant and irrelevant...
Privilege Escalation
hadoop-yarn-server-nodemanager is vulnerable to a privilege escalation. The library does not properly sanitize input from the LinuxContainerExecutor when running in a docker container, allowing an authenticated user to run commands in the container as a root user...
Security Bulletin: A Security Vulnerability could affect IBM® Cloud Private (CVE-2018-10892)
Summary Users of IBM Cloud Private and the IBM Cloud Automation Manager component could be affected by a vulnerability in Docker Vulnerability Details CVEID: CVE-2018-10892 DESCRIPTION: Docker could allow a local attacker to bypass security restrictions, caused by the failure to block /proc/acpi...
VB-Trend 2018 Splunk Conference
Today I attended VB-Trend 2018 Splunk conference organized by system integrator VolgaBlob. Video fragments from the event: Compared to "Splunk Discovery Day", the conference was much smaller (less than 100 people), focused on technical aspects, Information Security and informal communication. And...
Security Bulletin: Hard-coded credentials used in IBM dashDB Local (CVE-2016-8954)
Summary Hard-coded credentials in IBM dashDB Local might be exploited by an attacker. Vulnerability Details CVEID: CVE-2016-8954 DESCRIPTION: IBM dashDB Local uses hard-coded credentials that could allow a remote attacker to gain access to the Docker container or database. CVSS Base Score: 9.8 CVS...
vulhub
It is an offensive tool for Web Application. The repository contains a collection of pre-built vulnerable docker environments, including a web application vulnerable to various attacks. The tool is designed to help developers and security researchers test and demonstrate the effectiveness of web...
Evince 3.24.0 Command Injection
Exploit Title: evince command line injection Date: 2017-09-05 Exploit Author: Matlink Vendor Homepage: https://wiki.gnome.org/Apps/Evince Software Link: https://wiki.gnome.org/Apps/Evince Version: 3.24.0 Tested on: Debian sid CVE : CVE-2017-1000083 Can be tested on docker with...
Evince 3.24.0 - Command Injection Exploit
Exploit for linux platform in category dos / poc Exploit Title: evince command line injection Exploit Author: Matlink Vendor Homepage: https://wiki.gnome.org/Apps/Evince Software Link: https://wiki.gnome.org/Apps/Evince Version: 3.24.0 Tested on: Debian sid CVE : CVE-2017-1000083 Can be tested on...
Evince 3.24.0 - Command Injection
Evince 3.24.0 - Command Injection Exploit Title: evince command line injection Date: 2017-09-05 Exploit Author: Matlink Vendor Homepage: https://wiki.gnome.org/Apps/Evince Software Link: https://wiki.gnome.org/Apps/Evince Version: 3.24.0 Tested on: Debian sid CVE : CVE-2017-1000083 Can be tested ...