Actual Sync-server Gocardless service is logging sensitive data including bearer tokens and account numbers

Summary The GoCardless components in Actualbudget in are logging responses to STDOUT in a parsed format using console.logand console.debug Which in this version of node is an alias for console.log. This is exposing sensitive information in log files including, but not limited to: - Gocardless...

Exploit for OS Command Injection in Php

PHP-CGI Injector 🚀 CVE-2024-4577 & CVE-2024-8926 Exploit To...

Exploit for Command Injection in Ivanti Connect_Secure

🚨 CVE-2024-21887 Exploit Tool 🛠️ A robust tool for detecting...

Exploit for Command Injection in Ivanti Connect_Secure

🚨 CVE-2024-21887 Exploit Tool 🛠️ A robust tool for detecting...

NetworkAssessment - With Wireshark Or TCPdump, You Can Determine Whether There Is Harmful Activity On Your Network Traffic That You Have Recorded On The Network You Monitor

The Network Compromise Assessment Tool is designed to analyze pcap files to detect potential suspicious network traffic. This tool focuses on spotting abnormal activities in the network traffic and searching for suspicious keywords. DNS Tunneling Detection : Identifies potential covert...

PrivescCheck

This is an offensive tool for Windows privilege escalation. It is an extended and updated version of PowerUp, aiming to enumerate common Windows security misconfigurations that can be leveraged for privilege escalation and gather various information useful for exploitation and/or post-exploitatio...