WiFi-Pineapple-MK7_REST-Client - WiFi Hacking Workflow With WiFi Pineapple Mark VII API

PINEAPPLE MARK VII REST CLIENT The leading rogue access point and WiFi pentest toolkit for close access operations. Passive and active attacks analyze vulnerable and misconfigured devices. https://hak5.org/collections/sale/products/wifi-pineapple Author :: TW-D Version :: 1.3.7 Copyright ::...

Pinacolada - Wireless Intrusion Detection System For Hak5's WiFi Coconut

Pinacolada looks for typical IEEE 802.11 attacks and then informs you about them as quickly as possible. All this with the help of Hak5's WiFi Coconut, which allows it to listen for threats on all 14 channels in the 2.4GHz range simultaneously. Supported 802.11 Attacks Attack | Type | Status...

Powershell-Backdoor-Generator - Obfuscated Powershell Reverse Backdoor With Flipper Zero And USB Rubber Ducky Payloads

Reverse backdoor written in Powershell and obfuscated with Python. Allowing the backdoor to have a new signature after every run. Also can generate auto run scripts for Flipper Zero and USB Rubber Ducky. usage: listen.py -h --ip-address IPADDRESS --port PORT --random --out OUT --verbose --delay...

P4wnP1: A Open Source USB Attack Platform

PenTestIT RSS Feed As of now, hardware security projects seem to be attracting me more than software based projects. Evidently, I wrote a few posts covering them - List of Portable Hardware Devices for Penetration Testing, List of Raspberry Pi DIY Projects for Anonymity, etc. among other awesome...

Hack with Metasploit: Announcing the UNITED 2017 CTF

Got mad skillz? Want mad skillz? This year at Rapid7s annual UNITED Summit, were hosting a first-of-its-kind Capture the Flag CTF competition. Whether youre a noob to hacking or a grizzled pro, youll emerge from our 25-hour CTF with more knowledge and serious bragging rights. Show off your 1337...

CVE-2015-4624

Hak5 WiFi Pineapple 2.0 through 2.3 uses predictable CSRF tokens...

Cross site request forgery (csrf)

Hak5 WiFi Pineapple 2.0 through 2.3 uses predictable CSRF tokens...

CVE-2015-4624

Summary (CVE-2015-4624): Hak5 WiFi Pineapple devices v2.0–v2.3 are affected by predictable CSRF tokens enabling command injection during preconfiguration. The issue stems from an anti-CSRF weakness and use of default credentials, allowing unauthorized command execution on vulnerable devices. Rela...

CVE-2015-4624

Hak5 WiFi Pineapple 2.0 through 2.3 uses predictable CSRF tokens...

hak5.org XSS vulnerability

Vulnerable URL: https://www.hak5.org/?s=xss"'--!" Details: Description| Value ---|--- Patched:| Yes, at 04.01.2017 Latest check for patch:| 04.01.2017 08:47 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 72538 VIP website status:| No Check hak5.org SSL...

Hak5 WiFi Pineapple Preconfiguration Command Injection

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Hak5 WiFi Pineapple Preconfiguration Command Injection', 'Description' = %q This module exploits a login/csrf check bypass...

Here’s How to Hack Windows/Mac OS X Login Password (When Locked)

A Security researcher has discovered a unique attack method that can be used to steal credentials from a locked computer but, logged-in and works on both Windows as well as Mac OS X systems. In his blog post published today, security expert Rob Fuller demonstrated and explained how to exploit a U...

Unfixed XSS vulnerability at hak5.podzinger.com

Security researcher m3hr4n, has submitted on 19/06/2007 a cross-site-scripting XSS vulnerability affecting hak5.podzinger.com, which at the time of submission ranked 59029 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 19/06/2007. It is...