34 matches found
network-pentest-metasploitable2
Network / System Penetration Test — Metasploitable 2 !Type...
ThreatExploiter
🔴 ThreatExploiter Automated Network Penetration Testing & E...
ApexPlanet-Task5-capstone-webapp-pentest
🛡️ Capstone Project — Web Application & Network Penetration Test...
New Report Links Research Firms BIETA and CIII to China's MSS Cyber Operations
A Chinese company named the Beijing Institute of Electronics Technology and Application BIETA has been assessed to be likely led by the Ministry of State Security MSS. The assessment comes from evidence that at least four BIETA personnel have clear or possible links to MSS officers and their...
Network-Penetration-Testing-CTF-1-Flag-4
exploit usage: proxychains python3 spipexploit.py -u http://w...
CVE-2024-8982
A Local File Inclusion LFI vulnerability in OpenLLM version 0.6.10 allows attackers to include files from the local server through the web application. This flaw could expose internal server files and potentially sensitive information such as configuration files, passwords, and other critical dat...
Beyond Compliance: The Advantage of Year-Round Network Pen Testing
IT leaders know the drill—regulators and cyber insurers demand regular network penetration testing to keep the bad guys out. But here's the thing: hackers don't wait around for compliance schedules. Most companies approach network penetration testing on a set schedule, with the most common...
Top 10 Critical Pentest Findings 2024: What You Need to Know
One of the most effective ways for information technology IT professionals to uncover a company's weaknesses before the bad guys do is penetration testing. By simulating real-world cyberattacks, penetration testing, sometimes called pentests, provides invaluable insights into an organization's...
New Leak Shows Business Side of China’s APT Menace
A new data leak that appears to have come from one of Chinas top private cybersecurity firms provides a rare glimpse into the commercial side of Chinas many state-sponsored hacking groups. Experts say the leak illustrates how Chinese government agencies increasingly are contracting out foreign...
Reimagining Network Pentesting With Automation
Network penetration testing plays a crucial role in protecting businesses in the ever-evolving world of cybersecurity. Yet, business leaders and IT pros have misconceptions about this process, which impacts their security posture and decision-making. This blog acts as a quick guide on network...
Russian State-Backed 'Infamous Chisel' Android Malware Targets Ukrainian Military
Cybersecurity and intelligence agencies from Australia, Canada, New Zealand, the U.K., and the U.S. on Thursday disclosed details of a mobile malware strain targeting Android devices used by the Ukrainian military. The malicious software, dubbed Infamous Chisel and attributed to a Russian...
CVE-2023-31222
Deserialization of untrusted data in Microsoft Messaging Queuing Service in Medtronic's Paceart Optima versions 1.11 and earlier on Windows allows an unauthorized user to impact a healthcare delivery organization’s Paceart Optima system cardiac device causing data to be deleted, stolen, or...
CVE-2023-31222
Deserialization of untrusted data in Microsoft Messaging Queuing Service in Medtronic's Paceart Optima versions 1.11 and earlier on Windows allows an unauthorized user to impact a healthcare delivery organization’s Paceart Optima system cardiac device causing data to be deleted, stolen, or...
Deserialization of untrusted data
Deserialization of untrusted data in Microsoft Messaging Queuing Service in Medtronic's Paceart Optima versions 1.11 and earlier on Windows allows an unauthorized user to impact a healthcare delivery organization’s Paceart Optima system cardiac device causing data to be deleted, stolen, or...
CVE-2023-31222 Medtronic Paceart MSMQ Deserialization of Untrusted Data
Deserialization of untrusted data in Microsoft Messaging Queuing Service in Medtronic's Paceart Optima versions 1.11 and earlier on Windows allows an unauthorized user to impact a healthcare delivery organization’s Paceart Optima system cardiac device causing data to be deleted, stolen, or...
CVE-2023-31222 Medtronic Paceart MSMQ Deserialization of Untrusted Data
Deserialization of untrusted data in Microsoft Messaging Queuing Service in Medtronic's Paceart Optima versions 1.11 and earlier on Windows allows an unauthorized user to impact a healthcare delivery organization’s Paceart Optima system cardiac device causing data to be deleted, stolen, or...
pimCore v5.4.18-skeleton - Sensitive Cookie with Improper SameSite Attribute Exploit
Exploit Title: pimCore v5.4.18-skeleton - Sensitive Cookie with Improper SameSite Attribute Author: nu11secur1ty Vendor: https://pimcore.com/en Software: https://packagist.org/packages/pimcore/skeleton Reference:...
Trickbot module descriptions
Trickbot aka TrickLoader or Trickster, is a successor of the Dyre banking Trojan that was active from 2014 to 2016 and performed man-in-the-browser attacks in order to steal banking credentials. Trickbot was first discovered in October 2016. Just like Dyre, its main functionality was initially th...
Capsulecorp-Pentest - Vagrant VirtualBox Environment For Conducting An Internal Network Penetration Test
Vagrant VirtualBox Environment For Conducting An Internal Network Penetration Test. 1. Capsulecorp Pentest The Capsulecorp Pentest is a small virtual network managed by vagrant and ansible. It contains five virtual machines, including one Linux attacking system running xubuntu and 4 Windows 2019...
Semi-Automated Network Penetration Testing Framework: Legion
Legion, a fork of SECFORCE’s Sparta, is an open source, easy-to-use, super-extensible and semi-automated network penetration testing framework that aids in discovery, reconnaissance and exploitation of information systems. Legion is developed and maintained by GoVanguard. Features Automatic recon...