Can LLMs Hack Enterprise Networks? -- Replicated Computational Results (RCR) Report

This is the Replicated Computational Results RCR Report for the paper "Can LLMs Hack Enterprise Networks?" The paper empirically investigates the efficacy and effectiveness of different LLMs for penetration-testing enterprise networks, i.e., Microsoft Active Directory Assumed-Breach Simulations...

HACK NDSU: A Real-World Event to Promote Student Interest in Cybersecurity

Hack NDSU let students scan, probe, and hack North Dakota State University's campus network, under professionals' supervision, providing an aspirational experience, potentially motivating them to enter the field. This paper provides a blueprint for educational hacking events against production...

EUVD-2019-0218

Malware in sbrugna...

EUVD-2025-25559

Malicious code in bioql PyPI...

Unbreakable Enterprise kernel security update

5.15.0-306.177.4 - Revert 'usb: gadget: userial: Disable ep before setting port to null to fix the crash caused by port being null' Greg Kroah-Hartman - drm/v3d: Assign job pointer to NULL before signaling the fence Maira Canal - scsi: mpi3mr: Fix corrupt config pages PHY state is switched in sys...

How to Test a Network Throughput Using Iperf

This article describes how to test a network throughput using Iperf. Iperf allows administrators and engineers to test throughput between any two hosts, including physical systems and Virtual Machines VMrunning on XenServer. Requirements Iperf for Windows Download a copy of Iperf for Windows. Thi...

PT-2023-25567 · Apache · Apache Superset

Name of the Vulnerable Software and Affected Versions: Apache Superset versions up to and including 2.1.0 Description: The issue is related to improper REST API permission in Apache Superset, allowing authenticated Gamma users to test network connections, which may lead to a possible Server-Side...

How To Test Port Connectivity Using PowerShell Without The Need To Install Telnet Client

Traditionally, admins will install the Telnet Client on a Windows machine to test the ability to reach a port on another computer. The purpose of this article is to provide instructions on how to test connectivity to a specific port on another device using Powershell and without the need to insta...

CVE-2016-10650

ntfserver is a Network Testing Framework Server. ntfserver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attacker is on the...

CVE-2016-10650

CVE-2016-10650 affects ntfserver (Network Testing Framework Server). The vulnerability arises because ntfserver downloads binary resources over HTTP, allowing a network-positioned attacker to perform a MITM and swap the requested binary with a malicious one, potentially leading to remote code exe...

NetScaler SD-WAN Path Continuously Flipping Between GOOD/BAD/DEAD on WAN Links

Something to observe here is whether the GOOD/BAD/DEAD is occurring while the link is idle, or while the link is under load traffic. The following information covers all cases, but this is the "most common root cause" for each scenario: Idle - speed/duplex mismatch, ARP issue, IPS/IDS device and ...

sylkie - IPv6 address spoofing with the Neighbor Discovery Protocol

A command line tool and library for testing networks for common address spoofing security vulnerabilities in IPv6 networks using the Neighbor Discovery Protocol. Getting Started Note: This project is still in the early phases of development. If you run into any problems, please consider submittin...

Smith - A Very Quick And Very Dirty Client/Server Tool For Testing Firewalls

A client/server style agent meant for testing connectivity to and from a machine on a network. Installation python setup.py install or pip install . should install smith. Note: If you want to use the tcp/udp protocol options, you'll need to install scapy and it's dependencies. Ubuntu has 'apt-get...

Java LOIC - Low Orbit Ion Cannon. A Java based network stress testing application

Low Orbit Ion Cannon. The project is a Java implementation of LOIC written by Praetox but it's not related with the original project. The main purpose of Java LOIC is testing your network. Java LOIC should work on most operating systems. Download Java LOIC...

My DEFCON social engineering talk and DerbyCon

This year has been a year of firsts for me and for Coalfire. I was recently hired to my first Information security job as a penetration tester for Coalfire Labs, the forensic and app/network testing side of Coalfire. Many of the Coalfire Labs team attended DEFCON in Las Vegas in early August.. No...

SEC Consult SA-20120220-1 :: Multiple Vulnerabilities in ELBA5

SEC Consult Vulnerability Lab Security Advisory 20120220-1 ======================================================================= title: Multiple Vulnerabilities in ELBA5 product: ELBA 5 vulnerable version: ELBA 5.4.1 5.5.0 R00004 build 0778 fixed version: partially in 5.5.0 R00004 build 0778 al...

RoseAttackv1.txt

/-------------------------------------------------------------/ / Implementation of Rose Attack described by Gandalf . Reference: Bugtraq, 30 mars 2004, "IPv4 fragmentation, The Rose Attack" Written by Laurent Constantin Library netwib must be installed:...

Apache 2.x - Memory Leak

Apache 2.x - Memory Leak / apache-massacre.c Test code for Apache 2.x Memory Leak By Matthew Murphy DISCLAIMER: This exploit tool is provided only to test networks for a known vulnerability. Do not use this tool on systems you do not control, and do not use this tool on networks you do not own...

SMTP settings

This plugin sets various SMTP parameters because several checks need to use a third-party host/domain name in order to work properly. The checks that rely on this are SMTP or DNS relay checks. By default, 'example.edu' is being used for this purpose. However, under some circumstances, this may le...

MiM Simultaneous close attack

Доброе время суток Учёный Кот! Глядя на убогий эксплоит mimsc.exe решили написать нечто похожее, коментарий одного из автора проекта: ---------------------------------------------------------------------------------------------- Данный эксплоит написан в поддержку security advisory MiM Simultaneo...