Onion Decoy Server

A platform to run private unannounced Honeypots as Tor Hidden Services aka Onion Decoys inside the Tor Network. The Onion Decoys are implemented with Docker containers as honeypots. The reason to choose Docker is that it is good at process and filesystem isolation, which ultimately gives the...

WPScan v2.9.4 - Black Box WordPress Vulnerability Scanner

WPScan is a black box WordPress vulnerability scanner. INSTALL WPScan comes pre-installed on the following Linux distributions: BackBox Linux Kali Linux Pentoo SamuraiWTF BlackArch On macOS WPScan is packaged by Homebrew as wpscan. Windows is not supported We suggest you use the official Docker...

mitm-router - Man-in-the-middle Wireless Access Point Inside a Docker Container

Turn any linux computer into a public Wi-Fi network that silently mitms all http traffic. Runs inside a Docker container using hostapd, dnsmasq, and mitmproxy to create a open honeypot wireless network named "Public". For added fun, change the network name to "xfinitywifi" to autoconnect anyone w...

CoMisSion: Open Source WhiteBox CMS Analysis Tool

PenTestIT RSS Feed Less than a week ago, an open source white-box CMS analysis tool was released - CoMisSion. I had covered a similar local web application vulnerability scanner - pyfiscan. This new tool tends to automate a lot of tasks that help you analyze a CMS setup and tend to be long, tedio...

dockerscan - Docker Security Analysis and Hacking Tools

What's dockerscan A Docker analysis tools Very quick install python3.5 -m pip install -U pip python3.5 -m pip install dockerscan Show options: dockerscan -h Available actions Currently Docker Scan support these actions: Scan: Scan a network trying to locate Docker Registries Registry Delete: Dele...

Plecost v1.1.1 - Wordpress Finger Printer Tool

What's Plecost? Plecost is a vulnerability fingerprinting and vulnerability finder for Wordpress blog engine. Why? There are a huge number of Wordpress around the world. Most of them are exposed to be attacked and be converted into a virus, malware or illegal porn provider, without the knowledge ...

LinEnum v0.6 - Scripted Local Linux Enumeration and Privilege Escalation Checks

LinEnum will automate many of the checks that I’ve documented in the Local Linux Enumeration & Privilege Escalation Cheatsheet. It’s a very basic shell script that performs over 65 checks, getting anything from kernel information to locating possible escalation points such as potentially useful...

Qualys Cloud Suite 8.10.2 New Features

This new patch release of the Qualys Cloud Suite, version 8.10.2, includes updates to shared platform features, a new role for user management, and expanded Policy Compliance platform support. Feature Highlights Qualys Cloud Platform Limit number of external scanners – You can now limit the numbe...

Man-in-the-middle Router

Turn any linux computer into a public Wi-Fi network that silently mitms all http traffic. Runs inside a Docker container using hostapd , dnsmasq , and mitmproxy to create a open honeypot wireless network named “Public”. For added fun, change the network name to “xfinitywifi” to autoconnect anyone...

Linux Gather Container Detection

This module attempts to determine whether the system is running inside of a container and if so, which one. This module supports detection of Docker, WSL, LXC, Podman and systemd nspawn. This module requires Metasploit: https://metasploit.com/download Current source:...

Mercure - A Tool For Security Managers Who Want To Train Their Colleague To Phishing

Mercure is a tool for security managers who want to teach their colleagues about phishing. What Mercure can do: Create email templates Create target lists Create landing pages Handle attachments Let you keep track in the Campaign dashboard Track email reads, landing page visits and attachment...

kernel: Memory leaks in xfs_attr_list.c error paths

A flaw was found in the Linux kernel's implementation of XFS file attributes. Two memory leaks were detected in xfsattrshortformlist and xfsattr3leaflistint when running a docker container backed by xfs/overlay2. A dedicated attacker could possible exhaust all memory and create a denial of servic...

kernel: Memory leaks in xfs_attr_list.c error paths

A flaw was found in the Linux kernel's implementation of XFS file attributes. Two memory leaks were detected in xfsattrshortformlist and xfsattr3leaflistint when running a docker container backed by xfs/overlay2. A dedicated attacker could possible exhaust all memory and create a denial of servic...

Sn1per - Automated PenTest Recon Scanner

Sn1per is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. DEMO VIDEO: FEATURES: Automatically collects basic recon ie. whois, ping, DNS, etc. Automatically launches Google hacking queries against a target domain Automatically enumerates...

Rancher Server - Docker Exploit

Utilizing Rancher Server, an attacker can create a docker container with the '/' path mounted with read/write permissions on the host server that is running the docker container. As the docker container executes command as uid 0 it is honored by the host operating system allowing the attacker to...

Attack Uses Docker Containers To Hide, Persist and Plant Malware

LAS VEGAS—A novel attack vector allows for adversaries to abuse the Docker API to hide malware on targeted systems, and even execute remote code. The proof of concept attack was developed by researchers at Aqua Security, and the technique was first demonstrated today at Black Hat by Sagie Dulce,...

Multi Gather Docker Credentials Collection

This module will collect the contents of all users' .docker directories on the targeted machine. If the user has already push to docker hub, chances are that the password was saved in base64 default behavior. This module requires Metasploit: https://metasploit.com/download Current source:...

Docker Daemon - Unprotected TCP Socket Exploit

Utilizing Docker via unprotected tcp socket 2375/tcp, maybe 2376/tcp with tls but without tls-auth, an attacker can create a Docker container with the '/' path mounted with read/write permissions on the host server that is running the Docker container. As the Docker container executes command as...

CVE-2017-11468

It was found that docker-distribution did not properly restrict memory allocation size for a registry instance through the manifest endpoint. An attacker could send a specially crafted request that would exhaust the memory of the docker-distribution service...

Unbounded Memory Allocation

github.com/docker/distribution is vulnerable to unbounded memory allocation attacks. The vulnerability exists through the use of StorageDriver.GetContent which allows an attacker to cause an application crash...