Evil Clippy - A Cross-Platform Assistant For Creating Malicious MS Office Documents

A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code via P-Code and confuse macro analysis tools. Runs on Linux, OSX and Windows. Current features Hide VBA macros from the GUI editor VBA stomping P-code abuse Fool analyst tools Serve VBA stomp...

GodOfWar - Malicious Java WAR Builder With Built-In Payloads

A command-line tool to generate war payloads for penetration testing / red teaming purposes, written in ruby. Features Preexisting payloads. try -l/--list cmdget filebrowser bindshell reverseshell reverseshellui Configurable backdoor. try --host/-port Control over payload name. To avoid malicious...

ai.h2o:sparkling-water-core_2.11 (>=2.1.0 <=2.1.24), ai.h2o:sparkling-water-examples_2.11 (>=2.1.0 <=2.1.31) +296 more potentially affected by CVE-2018-8024 via org.apache.spark:spark-core_2.11 (>=2.1.0 <=2.1.2)

org.apache.spark:spark-core2.11 MAVEN version =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.17, =2.1.0, =1.0.0, =2.11-2.1.1-2.2.0, =4.2.0, =4.2.0, =4.2.0, =4.2.0, =4.2.0, =1.0.0, =1.1.2 and more Source cves: CVE-2018-8024 Source advisory: OSV:GHSA-8CW6-5QVP-Q3WJ...

com.hindog.grid:grid-executor-examples_2.11 (>=1.1.0 <=2.0.1) potentially affected by CVE-2017-12625 via org.apache.hive:hive (=2.1.1)

org.apache.hive:hive MAVEN version =2.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.hive:hive and may be impacted: - com.hindog.grid:grid-executor-examples2.11 =1.1.0, =2.0.1 Source cves: CVE-2017-12625 Source advisory:...

[SECURITY] Fedora 29 Update: botan2-2.9.0-1.fc29

Botan is a BSD-licensed crypto library written in C++. It provides a wide variety of basic cryptographic algorithms, X.509 certificates and CRLs, PKCS \10 certificate requests, a filter/pipe message processing system, and a wide variety of other features, all written in portable C++. The API...

CVE-2019-6719

An issue has been found in libIEC61850 v1.3.1. There is a use-after-free in the getState function in mms/isoserver/isoserver.c, as demonstrated by examples/serverexamplegoose/serverexamplegoose.c and examples/serverexample6140025/serverexample6140025.c...

CVE-2019-6719

An issue has been found in libIEC61850 v1.3.1. There is a use-after-free in the getState function in mms/isoserver/isoserver.c, as demonstrated by examples/serverexamplegoose/serverexamplegoose.c and examples/serverexample6140025/serverexample6140025.c...

Jok3R - Network And Web Pentest Framework

Jok3r is a Python3 CLI application which is aimed at helping penetration testers for network infrastructure and web black-box security tests. Its main goal is to save time on everything that can be automated during network/web pentest in order to enjoy more time on more interesting and challengin...

com.hindog.grid:grid-executor-examples_2.11 (>=1.1.0 <=2.0.1) potentially affected by CVE-2018-1284 via org.apache.hive:hive (=2.1.1)

org.apache.hive:hive MAVEN version =2.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.hive:hive and may be impacted: - com.hindog.grid:grid-executor-examples2.11 =1.1.0, =2.0.1 Source cves: CVE-2018-1284 Source advisory:...

com.hindog.grid:grid-executor-examples_2.11 (>=1.1.0 <=2.0.1) potentially affected by CVE-2018-1315 via org.apache.hive:hive (=2.1.1)

org.apache.hive:hive MAVEN version =2.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.hive:hive and may be impacted: - com.hindog.grid:grid-executor-examples2.11 =1.1.0, =2.0.1 Source cves: CVE-2018-1315 Source advisory:...

org.apache.activemq:apache-activemq (>=5.0.0 <=5.15.16), org.apache.axis2:axis2-integration (=1.4) +3 more potentially affected by CVE-2018-8006 via org.apache.activemq:activemq-web-console (>=5.0.0 <=5.15.5)

org.apache.activemq:activemq-web-console MAVEN version =5.0.0, =5.0.0, =5.15.16 - org.apache.axis2:axis2-integration =1.4 - org.apache.camel:camel-example-cxf =1.3.0 - org.apache.camel:camel-example-jms-file =1.3.0 - org.apache.camel:camel-example-spring-xquery =1.3.0 Source cves: CVE-2018-8006...

BetterCap v2.10 - The Swiss Army Knife For 802.11, BLE And Ethernet Networks Reconnaissance And MITM Attacks

bettercap is the Swiss Army knife for 802.11, BLE and Ethernet networks reconnaissance and attacks. How to Install A precompiled version is available for each release, alternatively you can use the latest version of the source code from this repository in order to build your own binary. Make sure...

com.github.CCweixiao:hbase-sdk-thrift (=3.0.0), com.hydraql:hydraql-thrift (>=1.0.1 <=1.0.4) +2 more potentially affected by CVE-2018-8025 via org.apache.hbase:hbase-thrift (>=0.96.0-hadoop1 <=1.2.0)

org.apache.hbase:hbase-thrift MAVEN version =0.96.0-hadoop1, =1.0.1, =0.96.0-hadoop1, =0.98.24-hadoop1 Source cves: CVE-2018-8025 Source advisory: OSV:GHSA-R86J-2GC6-2CQ9...

org.apache.hbase:hbase-assembly (=2.0.0), org.apache.hbase:hbase-examples (=2.0.0) potentially affected by CVE-2018-8025 via org.apache.hbase:hbase-thrift (=2.0.0)

org.apache.hbase:hbase-thrift MAVEN version =2.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.hbase:hbase-thrift and may be impacted: - org.apache.hbase:hbase-assembly =2.0.0 - org.apache.hbase:hbase-examples =2.0.0 Source cves:...

com.github.CCweixiao:hbase-sdk-thrift-core_1.x (>=2.0.7 <=2.0.8), org.apache.hbase:hbase-assembly (>=1.4.0 <=1.4.13) +1 more potentially affected by CVE-2018-8025 via org.apache.hbase:hbase-thrift (>=1.4.0 <=1.4.4)

org.apache.hbase:hbase-thrift MAVEN version =1.4.0, =2.0.7, =1.4.0, =1.4.0, =1.4.13 Source cves: CVE-2018-8025 Source advisory: OSV:GHSA-R86J-2GC6-2CQ9...

org.apache.cxf.fediz.examples:spring2Webapp (>=1.1.0 <=1.3.2), org.apache.cxf.fediz.systests.webapps:fediz-systests-webapps-spring2 (>=1.2.0 <=1.3.2) +2 more potentially affected by CVE-2017-12631 via org.apache.cxf.fediz:fediz-spring2 (>=1.1.0 <=1.3.2)

org.apache.cxf.fediz:fediz-spring2 MAVEN version =1.1.0, =1.1.0, =1.2.0, =1.1.0, =1.1.0, =1.3.2 Source cves: CVE-2017-12631 Source advisory: OSV:GHSA-FV7X-4HPC-HF9F...

org.apache.storm:flux-core (>=1.2.0 <=1.2.1), org.apache.storm:storm-elasticsearch-examples (>=1.2.0 <=1.2.1) +14 more potentially affected by CVE-2018-1332 via org.apache.storm:storm-core (>=1.2.0 <=1.2.1)

org.apache.storm:storm-core MAVEN version =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.1 and more Source cves: CVE-2018-1332 Source advisory: OSV:GHSA-Q35P-CHC6-7X57...

org.apache.storm:flux-core (=1.1.0), org.apache.storm:storm-elasticsearch-examples (=1.1.0) +14 more potentially affected by CVE-2017-9799 via org.apache.storm:storm-core (=1.1.0)

org.apache.storm:storm-core MAVEN version =1.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.storm:storm-core and may be impacted: - org.apache.storm:flux-core =1.1.0 - org.apache.storm:storm-elasticsearch-examples =1.1.0 -...

org.apache.storm:flux-core (>=1.2.0 <=1.2.1), org.apache.storm:storm-elasticsearch-examples (>=1.2.0 <=1.2.1) +14 more potentially affected by CVE-2018-8008 via org.apache.storm:storm-core (>=1.2.0 <=1.2.1)

org.apache.storm:storm-core MAVEN version =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.1 and more Source cves: CVE-2018-8008 Source advisory: OSV:GHSA-898J-5CC8-CMF5...

Atlas - Quick SQLMap Tamper Suggester

Atlas is an open source tool that can suggest sqlmap tampers to bypass WAF/IDS/IPS, the tool is based on returned status code. Screen Installation $ git clone https://github.com/m4ll0k/Atlas.git atlas $ cd atlas $ python atlas.py Usage $ python atlas.py --url http://site.com/index.php?id=PriceASC...