QUACK! Making the (Rubber) Ducky Talk: A Systematic Study of Keystroke Dynamics for HID Injection Detection

Modern computing systems inherently trust human input devices, creating an exploitable attack surface for adversarial automation. USB Human Interface Device HID emulation attacks, such as those enabled by the USB Rubber Ducky, exploit this assumption to inject arbitrary keystroke sequences while...

📄 Jinja 2 1.4.0 Tactical RMM SSTI Detection

This proof of concept script detects potential server-side template injection vulnerabilities in web applications using template engines such as Jinja. The script sends a dynamically generated mathematical expression within a template payload to a target URL parameter. If the server evaluates the...

Multi-Agent Honeypot-Based Request-Response Context Dataset for Improved SQL Injection Detection Performance

SQL injection remains a major threat to web applications, as existing defenses often fail against obfuscation and evolving attacks because of neglecting the request-response context. This paper presents a context-enriched SQL injection detection framework, focusing on constructing a high-quality...

Vitess allows HTML injection in /debug/querylogz & /debug/env

Summary The /debug/querylogz and /debug/env pages for vtgate and vttablet do not properly escape user input. The result is that queries executed by Vitess can write HTML into the monitoring page at will. Details These pages are rendered using text/template instead of rendering with a proper HTML...

VICIdial Authenticated Remote Code Execution

Vulnerability Details Affected Vendor: VICIdial Affected Product: VICIdial Affected Version: 2.14-917a Platform: GNU/Linux CWE Classification: CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' CVE ID: CVE-2024-8504 2. Vulnerability Description An...

BestEdrOfTheMarket - Little AV/EDR Bypassing Lab For Training And Learning Purposes

Little AV/EDR Evasion Lab for training & learning purposes. ️ under construction..​ | | | | | | \ / \ / | | | | | \ / / | | | | | | | | | | | | | | | | | | ' \ / \ | | | /\ \ | | || || | | || | | | | | | | | / |/||/| ||/|| \ /|| || || ||| | / | | | | | | |/| |/ | '| |/ / \ | | | | | | | |...

Novel Detection of Process Injection Using Network Anomalies

...

TiEtwAgent - PoC Memory Injection Detection Agent Based On ETW, For Offensive And Defensive Research Purposes

This project was created to research, build and test different memory injection detection use cases and bypass techniques. The agent utilizes Microsoft-Windows-Threat-Intelligence event tracing provider, as a more modern and stable alternative to Userland-hooking, with the benefit of Kernel-mode...

GitHub Security Lab: [Java] Query for detecting Jakarta Expression Language injections

This bug was reported directly to GitHub Security Lab...

GitHub Security Lab: Java: Query for detecting JEXL injections

This bug was reported directly to GitHub Security Lab...

Nethive-Project - Restructured And Collaborated SIEM And CVSS Infrastructure

The Nethive Project provides a Security Information and Event Management SIEM insfrastructure empowered by CVSS automatic measurements. Features Machine Learning powered SQL Injection Detection Server-side XSS Detection based on Chrome's XSS Auditor Post-exploitation Detection powered by Auditbea...

Vxscan

This is a Python script for a comprehensive vulnerability scanner, Vxscan. The script is designed to perform various types of scans, including: 1. Directory scanning and JavaScript leak detection 2. WAF/CDN identification 3. Port scanning 4. Fingerprinting and service identification 5. Operating...

Cloak - Backdoor In Any Python Script With Some Tricks

Cloak is an intelligent python backdoor framework. What it exactly does? Cloak generates a python payload via msfvenom and then intelligently injects it into the python script you specify. To evade basic detection, Cloak breaks the payload into several parts and places it in different places in t...

Syhunt ScanTools 6.0 - Console Web Vulnerability Scan Tools

Syhunt ScanTools 6.0 adds advanced fingerprinting capabilities, enhanced spidering, injection and code scan capabilities, and a large number of improved checks. Adds the display of Hybrid, Dynamic and Code detailed scan statistics to the command-line tools. New fingerprinting capabilities - Becau...

Leviathan - Wide Range Mass Audit Toolkit

Leviathan is a mass audit toolkit which has wide range service discovery, brute force, SQL injection detection and running custom exploit capabilities. It consists open source tools such masscan, ncrack, dsss and gives you the flexibility of using them with a combination. The main goal of this...

Piwigo 2.7.2 - Multiple Vulnerabilities

Piwigo 2.7.2 - Multiple Vulnerabilities -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= INDEPENDENT SECURITY RESEARCHER PENETRATION TESTING SECURITY -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Exploit Title: Piwigo 2.7.2 - SQL Injection / Cross Site Scripting Vulnerability's Date: 19/12/2014 Url Vendor:...

[ParameterFuzz v1.8] Parameter´s auditor for web applications

ParameterFuzz is a tool to check the level of fortification in web applications, try to cover the field more exploited by hackers, as the majority of known attacks are based on exploiting poorly filtered parameters. Just as SQL injection, Cross Site Scripting or RFI among others. This tool is...

PHPMyWind最新版SQL注射#1

简要描述： 通用型软件有奖励吗？怎么在重点应用跟一般应用都找不到PHPMyWind？？？ 详细说明： 在官网http://www.phpmywind.com/看了下，最新版是4.6.6，更新时间是13/11/28。去年知道创宇曾发布PHPMyWind三个SQL注入补丁→http://bbs.anquan.org/forum.php?mod=viewthread&tid=26575 本次报告的漏洞文件是order.php，上面的补丁包修复了order.php的31行的level，但是在374行的id却置之不理，因此漏洞产生了。 漏洞证明： 下载最新版PHPMyWind...

Uniscan 4.0 vulnerability scanner Released

Uniscan 4.0 vulnerability scanner Released The Uniscan vulnerability scanner is aimed at information security, which aims at finding vulnerabilities in Web systems and is licensed under the GNU GENERAL PUBLIC LICENSE 3.0 GPL 3. The Uniscan was developed using the Perl programming language to be...

aidSQL: A Tool to Find Vulnerable Spots in Web Sites !

aidSQL is a PHP application provided for detecting security holes in your websites. It is a modular application, meaning that you can develop your very own plugins for SQL injection detection & exploitation. Sample usage of aidsql: ./aidSQL --url=www.sample123.com We find it similar to nikto,...