Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Kitploit
Kitploitadded 2023/06/24 12:30 p.m.20 views

msLDAPDump - LDAP Enumeration Tool

msLDAPDump simplifies LDAP enumeration in a domain environment by wrapping the lpap3 library from Python in an easy-to-use interface. Like most of my tools, this one works best on Windows. If using Unix, the tool will not resolve hostnames that are not accessible via eth0 currently. Binding...

7.3AI score
Exploits0References4
Qualys Blog
Qualys Blogadded 2022/09/29 2:32 p.m.38 views

Qualys Threat Research Thursday

Welcome to the second edition of the Qualys Research Team’s “Threat Research Thursday”, where we collect and curate notable new tools, techniques, procedures, threat intelligence, cybersecurity news, malware attacks, and more. Feedback on our first edition, Introducing Qualys Threat Research...

0.2AI score0.98905EPSS
Exploits6
Debian CVE
Debian CVEadded 2022/06/27 8:45 p.m.30 views

CVE-2022-31088

LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. In versions prior to 8.0 the user name field at login could be used to enumerate LDAP data. This is only the case for LDAP search configuration. This issue has been fixed ...

6.5CVSS6AI score0.01008EPSS
Exploits0
RedHat Linux
RedHat Linuxadded 2021/12/02 4:17 p.m.1 views

xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapSearchEnumeration

A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. The highest threat from this vulnerability is to confidentiality,...

8.5CVSS7.7AI score0.04774EPSS
Exploits1References5
Kitploit
Kitploitadded 2021/12/02 11:30 a.m.71 views

Kerberoast - Kerberoast Attack -Pure Python-

Kerberos attack toolkit -pure python- Install pip3 install kerberoast Prereqirements Python 3.6 See requirements.txt For the impatient IMPORTANT: the accepted target url formats for LDAP and Kerberos are the following : +://:@/?= : +://:@/?= Steps -with SSPI-: kerberoast auto Steps -SSPI not...

7.5AI score
Exploits0References1
Prion
Prionadded 2020/12/17 5:15 a.m.12 views

Denial of service

HashiCorp Vault and Vault Enterprise 1.4.1 and newer allowed the enumeration of users via the LDAP auth method. Fixed in 1.5.6 and 1.6.1...

5CVSS5.2AI score0.01289EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2020/12/17 4:17 a.m.17 views

CVE-2020-35177

HashiCorp Vault and Vault Enterprise 1.4.1 and newer allowed the enumeration of users via the LDAP auth method. Fixed in 1.5.6 and 1.6.1...

5.2AI score0.01289EPSS
Exploits0References2
Kitploit
Kitploitadded 2020/04/03 11:30 a.m.264 views

Jackdaw - Tool To Collect All Information In Your Domain And Show You Nice Graphs

Jackdaw is here to collect all information in your domain, store it in a SQL database and show you nice graphs on how your domain objects interact with each-other an how a potential attacker may exploit these interactions. It also comes with a handy feature to help you in a password-cracking...

7.8AI score
Exploits0References5
Rows per page
Query Builder