Sn1per v7.0 - Automated Pentest Framework For Offensive Security Experts

Sn1per Community Edition is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Sn1per Professional is Xero Security's premium reporting addon for Professional Penetration Testers, Bug Bounty Researchers and Corporate Security teams to manage...

Kali Linux 2019.1 Released — Operating System For Hackers

Wohooo! Great news for hackers and penetration testers. Offensive Security has just released Kali Linux 2019.1, the first 2019 version of its Swiss army knife for cybersecurity professionals. The latest version of Kali Linux operating system includes kernel up to version 4.19.13 and patches for...

exploitdb-bin-sploitsss

This is an official repository of The Exploit Database, a project sponsored by Offensive Security. The repository contains a collection of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. It is intended to serve as the...

Adobe Flash Zero-Day Leveraged Via Office Docs in Campaign

An Adobe Flash Player zero-day exploit has been spotted in the wild as part of a widespread campaign, researchers said on Wednesday. Adobe has just issued a patch for the previously unknown critical flaw. The vulnerability, CVE-2018-15982, is a use-after-free flaw enabling arbitrary code executio...

Pacu - The AWS Exploitation Framework, Designed For Testing The Security Of Amazon Web Services Environments

Pacu is an open source AWS exploitation framework, designed for offensive security testing against cloud environments. Created and maintained by Rhino Security Labs, Pacu allows penetration testers to exploit configuration flaws within an AWS account, using modules to easily expand its...

The AWS Exploitation Framework: Pacu

Pacu is an open source AWS exploitation framework, designed for offensive security testing against cloud environments. Created and maintained by Rhino Security Labs, Pacu allows penetration testers to exploit configuration flaws within an AWS account, using modules to easily expand its...

exploitdb

The Exploit Database Git Repository This is an official repository of The Exploit Database, a project sponsored by Offensive Security. Our repositories are: - Exploits & Shellcodes: https://github.com/offensive-security/exploitdb - Binary Exploits:...

AWS Slurp Github Takeover

Slurp is a tool used by information security professionals to enumerate AWS S3 buckets. Slurp takes a domain name example.com or wordlist as input and cycles through likely S3 bucket names example.s3.amazonaws.com looking for any world-read/writeable buckets. S3 buckets are a great find for...

Black Hat 2018: Google’s Tabriz Talks Complex Security Landscapes

LAS VEGAS – The complexity of the cybersecurity landscape is at an all-time high, with security researchers, vendors, third-party ecosystems and even governments all trying to come to a consensus for making the cyber-world a safer place. For security experts, navigating these choppy and crowded...

Raccoon - A High Performance Offensive Security Tool For Reconnaissance And Vulnerability Scanning

Offensive Security Tool for Reconnaissance and Information Gathering. Features DNS details DNS visual mapping using DNS dumpster WHOIS information TLS Data - supported ciphers, TLS versions, certificate details and SANs Port Scan Services and scripts scan URL fuzzing and dir/file detection...

exploit-database

This is an official repository of The Exploit Database, a project sponsored by Offensive Security. The repository contains a collection of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. The Exploit Database is a...

Network Manager VPNC 1.2.4 Privilege Escalation

Network Manager VPNC - Privilege Escalation CVE-2018-10900 Release URL: https://pulsesecurity.co.nz/advisories/NM-VPNC-Privesc Date Released: 21/07/2018 CVE: CVE-2018-10900 Author: Denis Andzakovic Source: https://gitlab.gnome.org/GNOME/NetworkManager-vpnc Affected Software: Network Manager VPNC ...

exploit-database

This is an official repository of The Exploit Database, a project sponsored by Offensive Security. The repository contains a collection of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. The aim is to serve as the most...

Activision Infinity Ward Call of Duty Modern Warfare 2 - Buffer Overflow

Activision Infinity Ward Call of Duty Modern Warfare 2 - Buffer Overflow Exploit Title: Stack-based buffer overflow in Activision Infinity Ward Call of Duty Modern Warfare 2 Date: 14-12-2017 Exploit Author: Maurice Heumann Contact: https://twitter.com/momo5502?lang=en Website: https://momo5502.co...

PowerShell Penetration Testing Framework: Nishang

Nishang is an open source framework and collection of powerful PowerShell scripts and payloads that you can use during penetration testing audit, post exploitation phase or other stages of offensive security auditing. Nishang is useful during various phases of a security auditing process and has...

ASX To MP3 3.1.3.7 Buffer Overflow

Exploit Title: Buffer Overflow via crafted malicious .m3u file Exploit Author: Parichay Rai Tested on: XP Service Pack 3 CVE : CVE-2017-15221 Description ------------ A buffer overflow Attack possible due to improper input mechanism Proof of Concept ---------------- !/usr/bin/python This exploit...

ASX to MP3 3.1.3.7 - '.m3u' Local Buffer Overflow

Exploit Title: Buffer Overflow via crafted malicious .m3u file Exploit Author: Parichay Rai Tested on: XP Service Pack 3 CVE : CVE-2017-15221 Description ------------ A buffer overflow Attack possible due to improper input mechanism Proof of Concept ---------------- !/usr/bin/python This exploit...

ASX to MP3 3.1.3.7 - .m3u Local Buffer Overflow

ASX to MP3 3.1.3.7 - .m3u Local Buffer Overflow Exploit Title: Buffer Overflow via crafted malicious .m3u file Exploit Author: Parichay Rai Tested on: XP Service Pack 3 CVE : CVE-2017-15221 Description ------------ A buffer overflow Attack possible due to improper input mechanism Proof of Concept...

Microsoft Windows 7 SP1 x86 - GDI Palette Objects Local Privilege Escalation (MS17-017) Exploit

Exploit for windows platform in category local exploits E-DB Note: + Source: https://github.com/sensepost/gdi-palettes-exp + Binary: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42432.exe include include include include //From...

BruteSploit - Collection Of Method For Automated Generate, Bruteforce And Manipulation Wordlist

BruteSploit is a collection of method for automated Generate, Bruteforce and Manipulation wordlist with interactive shell. That can be used during a penetration test to enumerate and can be used in CTF for manipulation,combine,transform and permutation some words or file text. Tutorial Check in...