VULNEXPO

🔥 VULNEXPO — Vulnerability Detection & Exploitation Framework...

A Deep Dive into Reversing CODESYS

Industrial Control System ICS networking stacks are often the go-to bogeyman for infosec and cybersecurity professionals, and doubly so for offensive, red-team style security folks. How often have you been new on site, all ready to run a bog-standard nmap scan across the internal address space,...

Domain Analyzer - Analyze The Security Of Any Domain By Finding All the Information Possible

Domain analyzer is a security analysis tool which automatically discovers and reports information about the given domain. Its main purpose is to analyze domains in an unattended way. How Domain analyzer takes a domain name and finds information about it, such as DNS servers, mail servers, IP...

deluge-rpc-brute NSE Script

Performs brute force password auditing against the DelugeRPC daemon. Script Arguments passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb See the documentation for the unpwdb library. creds.service, creds.global See the documentation for the creds library. brute.credfile,...

Domain Analyzer

Domain analyzer is a security analysis tool which automatically discovers and reports information about the given domain. Its main purpose is to analyze domains in an unattended way. Domain analyzer takes a domain name and finds information about it, such as DNS servers, mail servers, IP addresse...

Malware exploit: Legend

Type: Remote Code Execution Author: shipcod3 / Jay Turla This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule Msf::Exploit::Remote Rank = ExcellentRanking include...

nje-pass-brute NSE Script

z/OS JES Network Job Entry NJE 'I record' password brute forcer. After successfully negotiating an OPEN connection request, NJE requires sending, what IBM calls, an 'I record'. This initialization record may sometimes require a password. This script, provided with a valid OHOST/RHOST for the NJE...

Legend Perl IRC Bot Remote Code Execution Exploit

This Metasploit module exploits a remote command execution on the Legend Perl IRC Bot . This bot has been used as a payload in the Shellshock spam last October 2014. This particular bot has functionalities like NMAP scanning, TCP, HTTP, SQL, and UDP flooding, the ability to remove system logs, an...

Legend Perl IRC Bot Remote Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Legend Perl IRC Bot Remote Code Execution', 'Description' = %q This module exploits a remote command execution on the Legend Perl IR...

Legend Perl IRC Bot Remote Code Execution

This module exploits a remote command execution on the Legend Perl IRC Bot. This bot has been used as a payload in the Shellshock spam last October 2014. This particular bot has functionalities like NMAP scanning, TCP, HTTP, SQL, and UDP flooding, the ability to remove system logs, and ability to...

Domain Analyzer Security Tool - Finds all the security information for a given domain name

Domain analyzer is a security analysis tool which automatically discovers and reports information about the given domain. Its main purpose is to analyze domains in an unattended way. Features It creates a directory with all the information, including nmap output files. It uses colors to remark...

Hackers abusing online Nmap Port Scanning service

Most of you knows the power of Nmap, When used properly, Nmap helps protect your network from invaders. One of the best tool for hackers, penetration testers and Security researchers. Officially Nmap a desktop tool, can be used as web version but should be under some limitations. When someone doe...

Hackers abusing online Nmap Port Scanning service

Most of you knows the power of Nmap, When used properly, Nmap helps protect your network from invaders. One of the best tool for hackers, penetration testers and Security researchers. Officially Nmap a desktop tool, can be used as web version but should be under some limitations. When someone doe...

dns-client-subnet-scan NSE Script

Performs a domain lookup using the edns-client-subnet option which allows clients to specify the subnet that queries supposedly originate from. The script uses this option to supply a number of geographically distributed locations in an attempt to enumerate as many different address records as...

dns-zone-transfer NSE Script

Requests a zone transfer AXFR from a DNS server. The script sends an AXFR query to a DNS server. The domain to query is determined by examining the name given on the command line, the DNS server's hostname, or it can be specified with the dns-zone-transfer.domain script argument. If the query is...

Motorola Cable Modem DOS

I've found it trivial to crash the Motorola Surfboard 4200 Cable modem, as installed default by AT&T Broadband Internet. The modem acts as a bridge, but also has an internal RFC1918 IP address 192.168.100.1. Simply nmap'ing the cable user's IP address, ie: nmap -sS -p 1-1024 12.x.x.x will cause i...

Enterasys SSR8000 DoS

nmap scanning causes system to crash...

Re: DOS attack against HP JetDirect Printers (fwd)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I've never seen nmap dos a HP4000 printer but they do die if you toss junk at the spooler port. The printer display says 86.00x EIO 1 Error, and the red attention light goes on. At this point you have to power the printer back on and off. The rev's ar...

Microsoft Windows NT 3.5.1 SP23.5.1 SP33.5.1 SP43.5.1 SP54.04.0 SP14.0 SP24.0 SP34.0 SP44.0 SP5 - TelnetD

Microsoft Windows NT 3.5.1 SP23.5.1 SP33.5.1 SP43.5.1 SP54.04.0 SP14.0 SP24.0 SP34.0 SP44.0 SP5 - TelnetD source: https://www.securityfocus.com/bid/140/info A vulnerability exists within Microsoft's Telnetd daemon which allows a denial of service condition. The popular scanning tool, Nmap 2.01 or...

Microsoft Windows NT 3.5.1 SP2/3.5.1 SP3/3.5.1 SP4/3.5.1 SP5/4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 - TelnetD

source: https://www.securityfocus.com/bid/140/info A vulnerability exists within Microsoft's Telnetd daemon which allows a denial of service condition. The popular scanning tool, Nmap 2.01 or later can crash telnetd services when using the SYN scanning flag -sS. nmap -sS -p 23...