23 matches found
EUVD-2011-5241
Malware in sbrugna...
Penetration-Testing-on-Metasploitable2
Penetration-Testing-on-Metasploitable2...
CVE-2011-10017
Snort Report versions 1.3.2 contains a remote command execution vulnerability in the nmap.php and nbtscan.php scripts. These scripts fail to properly sanitize user input passed via the target GET parameter, allowing attackers to inject arbitrary shell commands. Exploitation requires no...
CVE-2011-10017 Snort Report nmap.php/nbtscan.php RCE
Snort Report versions 1.3.2 contains a remote command execution vulnerability in the nmap.php and nbtscan.php scripts. These scripts fail to properly sanitize user input passed via the target GET parameter, allowing attackers to inject arbitrary shell commands. Exploitation requires no...
Dracnmap
Dracnmap is an open-source program designed to exploit networks and gather information using the help of Nmap. It is intended to simplify the process of network scanning by utilizing the script engine of Nmap and performing various automatic scanning techniques with advanced commands. Dracnmap is...
Exploit for Improper Access Control in Elasticsearch
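Bug reports are welcome. Current version: AssetScanV1.3. History: Initial version: 2019-11-28, V1.0 first version written. Revision 1: 2019-12-02, thanks to Shadow·J for reporting a file import error on Kali. Revision 2: 2019-12-03, V1.1 released, added ARP liveness detection (rolled back, testing for bugs). Revision 3: 2019-12-04, V1.2 released, fixed vulnerability script errors, fixed the weblogic script. Revision 4: 2019-12-05, V1.2 modified, thanks to sevck for design ideas and for pointing out code style problems. Revision 5: 2019-12-05, V1.2 modified, fixed an IP data handling error. Revision 6: 2019-12-19...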
Creating Scripts to Identify Vulnerable Proxy Servers
This whitepaper covers how to create Nmap scripts to identify banners and versions of proxy servers. It also covers methods to mitigate the public visibility of banners and version information on proxy servers. Written in Portuguese...
Creating Scripts to Identify Vulnerable FTPs
This whitepaper covers how to create Nmap scripts to identify banners and versions of FTP servers. It also covers methods to mitigate the public visibility of banners and version information on FTP servers. Written in Portuguese...
The vulnerability of the NMAP import service used in the HCL BigFix Enterprise Suite Asset Discovery tool allows a hacker to increase their privileges.
The vulnerability of the NMAP import service used in the HCL BigFix Enterprise Suite Asset Discovery tool is due to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to increase their privileges remotely...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum_Spark_Firmware
CVE-2024-24919 Nmap script to check vulnerability CVE-2024-249...
SUSE CVE-2013-4885
The http-domino-enum-passwords.nse script in NMap before 6.40, when domino-enum-passwords.idpath is set, allows remote servers to upload "arbitrarily named" files via a crafted FullName parameter in a response, as demonstrated using directory traversal sequences...
CVE-2022-38772
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 125658, 126003, 126105, and 126120 allow authenticated users to make database changes that lead to remote code execution in the NMAP feature...
awesome-windows-exploitation
This is a curated list of Windows exploitation resources and tools. The repository is a collection of articles, tutorials, and tools for Windows exploitation, including stack overflows, heap overflows, and kernel-based Windows overflows. The list includes resources such as articles from Phrack, a...
Findsploit
It is an offensive tool for searching and exploiting. The primary CVE ID is not explicitly mentioned in the provided context. The tool, Findsploit, is a bash script that searches both local and online exploit databases. It includes three sub-scripts: "compilesploit" to automatically compile and r...
icsmaster
This repository is an offensive tool for ICS Industrial Control Systems security research and exploitation. It contains a collection of resources, including papers, exploits, firmware, Nmap scripts, and tools, related to ICS security. The repository is maintained by GeneBlue and appears to be a...
oscp
This is an offensive tool for penetration testing and vulnerability assessment. It is a Python script called reconscan.py that is designed to be used as a preparation for the OSCP Offensive Security Certified Professional exam. The script is multithreaded and can be run against several hosts at...
Nmap 7.70 - Free Security Scanner: Better service and OS detection, 9 new NSE scripts, new Npcap, and much more
Nmap "Network Mapper" is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets...
Nmap 7.60 - Free Security Scanner For Network Exploration & Security Audits
Nmap "Network Mapper" is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets...
Network Mapper: Nmap
The Network Mapper Nmap is a free and open source utility for network discovery and security auditing. Network mapper was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for...
aNmap - Android Network Mapper (Nmap for Android)
Nmap is one of the most important tools for every cracker, white, grey or black hat "hacker". Nmap is a legendary hack tool and probably the most prevalent network security port scanner tool over the last 10 years on all major operating systems. So far it was available on Windows, Linux and Mac OS X. But...