WiFi-Pumpkin v0.7.5 - Framework for Rogue Wi-Fi Access Point Attack

WiFi-Pumpkin is a security tool that provides the Rogue access point to Man-In-The-Middle and network attacks. Installation Kali 2.0/WifiSlax 4.11.1/Parrot 2.0.5 Python 2.7 git clone https://github.com/P0cL4bs/WiFi-Pumpkin.git cd WiFi-Pumpkin chmod +x installer.sh ./installer.sh --install refer t...

Backdoor Android APK: backdoor-apk

backdoor-apk is a shell script that simplifies the process of adding a backdoor to any Android APK file. Users of this shell script should have working knowledge of Linux, Bash, Metasploit, Apktool, the Android SDK, smali, etc. This shell script is provided as-is without warranty of any kind and ...

DET - Data Exfiltration Toolkit

DET is provided AS IS, is a proof of concept to perform Data Exfiltration using either single or multiple channels at the same time. The idea was to create a generic toolkit to plug any kind of protocol/service. Slides DET has been presented at BSides Ljubljana on the 9th of March 2016 and the...

Windows File Shares Reconnaissance: SMBCrunch

One of the most time consuming tasks during a security auditing process is diving into file-systems and shares, attempting to identify any potentially sensitive information. SMBCrunch helps penetration testers to quickly identify Windows File Shares on a network, perform a recursive directory...

MPAndroidChart Example - External URLs, Native code usage, SD-card access vulnerabilities

HackApp vulnerability scanner discovered that application MPAndroidChart Example published at the 'play' market has multiple vulnerabilities...

shodan-api NSE Script

Queries Shodan API for given targets and produces similar output to a -sV nmap scan. The ShodanAPI key can be set with the 'apikey' script argument, or hardcoded in the .nse file itself. You can get a free key from N.B if you want this script to run completely passively make sure to include the -...

rusers NSE Script

Connects to rusersd RPC service and retrieves a list of logged-in users. Script Arguments mount.version, nfs.version, rpc.protocol See the documentation for the rpc library. Example Usage nmap -sV --script=rusers Script Output | USER ON FROM SINCE IDLE | LOGIN console 2015-11-08T12:03:50 8h55m58s...

Fedora 23 : qemu-2.4.1-6.fc23 (2016-42778e8c82)

CVE-2015-8745: vmxnet3: don't assert reading registers in bar0 bz 1295442 CVE-2015-8567: net: vmxnet3: host memory leakage bz 1289818 CVE-2016-1922: i386: avoid NULL pointer dereference bz 1292766 CVE-2015-8613: buffer overflow in megasasctrlgetinfo bz 1284008 CVE-2015-8701: Buffer overflow in...

Pemcracker - Tool To Crack Encrypted PEM Files

This tool is inspired by pemcrack by Robert Graham. The purpose is to attempt to recover the password for encrypted PEM files while utilizing all the CPU cores. It still uses high level OpenSSL calls in order to guess the password. As an optimization, instead of continually checking against the P...

Beurk - Experimental Unix Rootkit

BEURK is an userland preload rootkit for GNU/Linux, heavily focused around anti-debugging and anti-detection. NOTE: BEURK is a recursive acronym for B EURK E xperimental U nix R oot K it Features Hide attacker files and directories Realtime log cleanup on utmp/wtmp Anti process and login detectio...

Typo3 4.2 / 4.5 Information Disclosure

INFORMAÇÕES: ---------------------------------------------------------- + Name: 0day Typo3 - Full Info Disclosure + Type: Full Info Disclosure + Vendor: https://typo3.org/typo3-cms/ + VULNERABLE VERSIONS: 4.2, 4.5 ---------------------------------------------------------- + AUTOR: Cleiton Pinheir...

Threat Outbreak Alert RuleID18452: Email Messages Distributing Malicious Software on October 3, 2015

Medium Alert ID: 41384 First Published: 2015 October 5 13:41 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID18452 may contain the following files: Name |...

Avast Antivirus X.509 Error Rendering Command Execution Exploit

Exploit for windows platform in category remote exploits Source: https://code.google.com/p/google-security-research/issues/detail?id=546 Avast will render the commonName of X.509 certificates into an HTMLLayout frame when your MITM proxy detects a bad signature. Unbelievably, this means...

Bash: How to open TCP/UDP sockets

How to open TCP/UDP sockets using a built-in feature in Bash ? Bash shell has a built-in feature that allows to open TCP/UDP sockets using a simple syntax. This is very useful when tools like netcat are not installed or we don’t have the permission to use it. The syntax is $ exec...

Shadow Infosystem Arbitrary File Download

|||||||||||||||||||||||||||||||||||||||||| |--------------------------------------------------------------| |+ Exploit Title: Shadow Infosystem Arbitrary File Download |+ |+ Exploit Author: Ashiyane Digital Security Team |+ |+ Vendor Homepage: http://shadowinfosystem.com |+ |+ Google Dork:...

PEframe - Tool to perform static analysis on Portable Executable malware

PEframe is a open source tool to perform static analysis on Portable Executable malware. Usage $ peframe malware.exe $ peframe --option malware.exe Options --json Output in json --import Imported function and dll --export Exported function and dll --dir-import Import directory --dir-export Export...

WordPress ACF Frontend Display Shell Upload

+---------------------------------------------------------------------------+ + Author: TUNISIAN CYBER + Title: WP Plugin Free ACF Frontend Display File Upload Vulnerability + Date: 3-07-2015 + Type: WebAPP + Tested on: KaliLinux + Friendly Sites: sec4ever.com + Twitter: @TCYB3R...

PT-2015-6098 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.1.2 Description: The issue is related to a race condition in the Linux kernel, specifically in the net/sctp/socket.c file. This condition allows local users to cause a denial of service, resulting in list...

UBUNTU-CVE-2015-1266

content/browser/webui/contentwebuicontrollerfactory.cc in Google Chrome before 43.0.2357.130 does not properly consider the scheme in determining whether a URL is associated with a WebUI SiteInstance, which allows remote attackers to bypass intended access restrictions via a similar URL, as...

UBUNTU-CVE-2015-3429

Cross-site scripting XSS vulnerability in example.html in Genericons before 3.3.1, as used in WordPress before 4.2.2, allows remote attackers to inject arbitrary web script or HTML via a fragment identifier...