Commander - A Command And Control (C2) Server

Commander is a command and control framework C2 written in Python, Flask and SQLite. It comes with two agents written in Python and C. Under Continuous Development Not script-kiddie friendly Features Fully encrypted communication TLS Multiple Agents Obfuscation Interactive Sessions Scalable Base6...

packetStrider - A Network Packet Forensics Tool For SSH

packetStrider for SSH is a packet forensics tool that aims to provide valuable insight into the nature of SSH traffic, shining a light into the corners of SSH network traffic where golden nuggets of information previously lay in the dark. The problem that packet strider aims to help with AKA Why?...

postgresql: psql's \gset allows overwriting specially treated variables

A flaw was found in the psql interactive terminal of PostgreSQL. If an interactive psql session uses \gset when querying a compromised server, this flaw allows an attacker to execute arbitrary code as the operating system account running psql. The highest threat from this vulnerability is to...

openSUSE 10 Security Update : wget (wget-1689)

This update fixes a security in wget, where evil servers could send terminal escape codes to the user calling wget. This would only affect interactive sessions. CVE-2004-1488 Additionaly a previous '.file' fix was found to be buggy and replaced. This bug could lead to '.directories' not being...