Remote Services Using Post-Quantum Ciphers

This plugin reports network services that offer post-quantum ciphers and enumerates the post-quantum ciphers that they offer. Tenable makes no attempt to determine whether the remote service is actually hardened against a post-quantum attack. TRUSTED...

Allowed HTTP Methods Enumeration

Enumerates which HTTP methods are allowed. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

Windows Network Config Enumeration

Enumerates Windows network configuration details. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid176477; scriptversion"1.1"; scriptsetattributeattribute:"pluginmodificationdate", value:"2024/07/29"; scriptnameenglish:"Windows Network Config Enumeration";...

Stonesoft VPN Client 6.2.0 / 6.8.0 - Local Privilege Escalation Exploit

Exploit Title: Stonesoft VPN Client 6.2.0 / 6.8.0 - Local Privilege Escalation Exploit Author : TOUHAMI KASBAOUI Vendor Homepage : https://www.forcepoint.com/ Software: Stonesoft VPN Windows Version : 6.2.0 / 6.8.0 Tested on : Windows 10 CVE : N/A Description local privilege escalation vertical...

Reconky - A Great Content Discovery Bash Script For Bug Bounty Hunters Which Automate Lot Of Task And Organized It

Reconky is a script written in bash to automate the task of recon and information gathering.This Bash Script allows you to collect some information that will help you identify what to do next and where to look for the required target. Usage ./reconky.sh Main-Features It will Gathers Subdomains wi...

Malicious Package in pm-controls

Version 1.1.8 of pm-controls contained malicious code. The code when executed in the browser would enumerate password, cvc and cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment and evaluate yo...

AWSBucketDump - Security Tool to Look For Interesting Files in S3 Buckets

AWSBucketDump is a tool to quickly enumerate AWS S3 buckets to look for loot. It's similar to a subdomain bruteforcer but is made specifically for S3 buckets and also has some extra features that allow you to grep for delicious files as well as download interesting files if you're not afraid to...

sip-methods NSE Script

Enumerates a SIP Server's allowed methods INVITE, OPTIONS, SUBSCRIBE, etc. The script works by sending an OPTION request to the server and checking for the value of the Allow header in the response. Script Arguments sip.timeout See the documentation for the sip library. Example Usage nmap...

SMB Use Host SID to Enumerate Local Users Without Credentials

Using the host security identifier SID, Nessus was able to enumerate local users on the remote Windows system, without credentials. C Tenable Network Security, Inc. @PREFERENCES@ include'compat.inc'; if description scriptid56211; scriptversion"1.12";...

Enumerates List of Windows Hotfixes

This script is enumerating the list of all installed Windows hotfixes on the remote host and saves the enumerated info into the internal Knowledge Base for later use. Copyright C 2008 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C ...