Pybelt - The Hackers Tool Belt

Pybelt is an open source hackers tool belt complete with: A port scanner SQL injection scanner Dork checker Hash cracker Hash type verification tool Proxy finding tool XSS scanner It is capable of cracking hashes without prior knowledge of the algorithm, scanning ports on a given host, searching...

CVE-2017-0261

Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka “Office Remote Code Execution Vulnerability”. This CVE ID is unique from CVE-2017-0262 and CVE-2017-0281. Recent assessments:...

How to Find dom-id or Domain ID of Virtual Machines Running On XenServer

Note : Domain ID or domid is only for Running VMs or Booting VMs. A VM which is powered off will not have a domid of its own Run the following command to obtain the domain ID of a particular VM running on XenServer. xllist | grep -i "VMNAME" OR listdomains | grep -i VMUUID In the above case , the...

SimplE RePort wrIting and COllaboration tool: Serpico

Serpico is at its core a report generation tool but targeted at creating information security reports. When building a report the user adds “findings” from the template database to the report. When there are enough findings, click ‘Generate Report’ to create the docx with your findings. The docx...

Finding Ojipockle! - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Finding Ojipockle! published at the 'play' market has multiple vulnerabilities...

Mosca - Static Analysis Tool To Find Bugs

Just another Simple static analysis tool to find bugs like a grep unix command, at mosca have a modules, that was call egg, each egg is a simple config to find bug at especific language like PHP,Ruby,ASP etc... Example of egg config at directory "egg", If Mosca read a line with vunerability of eg...

Medicomp Systems MEDCIN Engine Denial of Service Vulnerability

Medicomp Systems MEDCIN Engine is an electronic medical record system from French company Medicomp Systems. The system provides content and tools for physician and nurse documentation, clinical decision support and patient management. A security vulnerability exists in the 'AddUserFinding...

Merethis Centreon 2.5.4 SQL Injection / Remote Command Execution

Merethis Centreon - Unauthenticated blind SQLi and Authenticated Remote Command Execution CVEs: CVE-2015-1560, CVE-2015-1561 Vendor: Merethis - www.centreon.com Product: Centreon Version affected: 2.5.4 and prior Product description: Centreon is the choice of some of the world's largest companies...

BackdoorFactory - Patch PE (x86/x64) and ELF (x86/x64 and ARM LE x32) binaries with shellcode

Patch win86/64 PE and linux86/64 binaries with shellcode. The goal of The Backdoor Factory is to patch executable binaries with user desired shellcode and continue normal execution of the binary prepatched state. Under a BSD 3 Clause License. This is done by either appending a code cave or using...

Memberkit 1.0 - Remote PHP File Upload Vulnerability

No description provided by source. ================================================================= =================Memberkit 1.0 Remote File Upload================ ================================================================= Vendor: http://www.memberkit.com/ Discovered: 12-30-08 Discovere...

Xitami Web Server 2.5c2 - LRWP Processing Format String PoC

No description provided by source. / PoC exploit for Xitami Web Server v2.5c2 LRWP processing format string bug Advisory is available at: http://www.bratax.be/advisories/b013.html multiple vulnerabilities! check it out! @author: bratax @url: http://www.bratax.be/ @email: [email protected] Thanks t...

netvolution cms 1.0 (xss/sql) Multiple Vulnerabilities

No description provided by source. Found By : Ellinas aka Greek Email: [email protected] Vulnerable Product: CMS netvolution v1.0 website : www.netvolution.net , www.atcom.gr SQL Injection Version Finding:...

[SECURITY] Fedora 18 Update: php-symfony2-Finder-2.2.10-1.fc18

The Finder Component finds files and directories via an intuitive fluent interface...

Hanso Converter 2.4.0 - ogg Buffer Overflow (Denial of Service)

Hanso Converter 2.4.0 - ogg Buffer Overflow Denial of Service !/usr/bin/env ruby coding:UTF-8 Exploit Title:Hanso Converter 2.4.0 Buffer OverflowDoS Author:Necmettin COSKUN = twitter.com/babayarisi Vendor :www.hansotools.com Software...

How I Got Here: Brad Arkin

Dennis Fisher talks with Brad Arkin, CSO of Adobe, about his start with punch cards, finding bugs in online poker software, working at @stake and his challenges at Adobe. Download: 11arkin.mp3...

Fedora Update for python-pip FEDORA-2013-6762

Check for the Version of python-pip OpenVAS Vulnerability Test Fedora Update for python-pip FEDORA-2013-6762 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

Outer Ear Authentication

The insides of our ears are a mysterious place for most of us. It turns out, however, that there’s more going on in there than we expected. In a study presented at the IEEE Fourth International Conference on Biometrics in September of 2010, researchers used a shape-finding algorithm to determine ...

Apache Tomcat 7.0.x < 7.0.22 Multiple Vulnerabilities

Binary data 800605.prm...

Apache Tomcat 6.0.x < 6.0.35 Multiple Vulnerabilities

Binary data 800607.prm...

Oracle website vulnerable to SQL injection

Oracle website vulnerable to SQL injection vulnerability Oracle database website itself vulnerable to SQL injection attack. The website having a loophole by which any attacker can easily hack into it. The vulnerability is found and submitted by Hacker "m@m@ ". Oracle provides the world's most...