32 matches found
EUVD-2015-5022
Malware in sbrugna...
EUVD-2021-10844
Malware in sbrugna...
CVE-2025-11141
A security flaw has been discovered in Ruijie NBR2100G-E up to 20250919. Affected by this issue is the function listAction of the file /itboxpi/branchpassw.php?a=list. Performing manipulation of the argument city results in os command injection. The attack is possible to be carried out remotely...
Varnish Cache CLI Login Utility
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/credentialcollection' require 'metasploit/framework/loginscanner/varnish' require 'metasploit/framework/tcp/client' class MetasploitModule...
No Protection Against Bruteforce Attacks on Login Page in
Description Modoboa does not restrict or limit unsuccessful login attempts allowing an attacker to brute force the password of a known user Proof of Concept Steps to Reproduce: Capture login request with BurpSuite Send to Intruder Replay the login request with a different password value utilizing...
Psudohash - Password List Generator That Focuses On Keywords Mutated By Commonly Used Password Creation Patterns
psudohash is a password list generator for orchestrating brute force attacks. It imitates certain password creation patterns commonly used by humans, like substituting a word's letters with symbols or numbers, using char-case variations, adding a common padding before or after the word and more. ...
Spraygen - Password List Generator For Password Spraying
Password list generator for password spraying - prebaked with goodies Version 1.4 Generates permutations of Months, Seasons, Years, Sports Teams NFL, NBA, MLB, NHL, Sports Scores, "Password", and even Iterable Keyspaces of a specified size. All permutations are generated with common attributes...
CVE-2021-23921
An issue was discovered in Devolutions Server before 2020.3. There is broken access control on Password List entry elements...
CVE-2021-23921
An issue was discovered in Devolutions Server before 2020.3. There is broken access control on Password List entry elements...
Improper access control
An issue was discovered in Devolutions Server before 2020.3. There is broken access control on Password List entry elements...
CVE-2021-23921
An issue was discovered in Devolutions Server before 2020.3. There is broken access control on Password List entry elements...
CVE-2021-23921
CVE-2021-23921 affects Devolutions Server prior to 2020.3. The issue is broken access control on Password List entry elements, as described in the CVE entry and corroborated by NVD/related records. The connected documents confirm the affected software and the underlying flaw (inadequate access re...
Devolutions Server 安全漏洞
Devolutions Server is an application from Devolutions Canada. It provides a full-featured shared account and password management solution. A security vulnerability exists in Devolutions Server before 2020.3, which stems from a breach of access control on the password list entry element...
Longtongue - Customized Password/Passphrase List Inputting Target Info
Customized Password/Passphrase List inputting Target Info Installation git clone https://github.com/edoardottt/longtongue.git cd longtongue python3 longtongue.py Usage usage: longtongue.py -h -p | -c | -v -l | -L -y -n Customized Password/Passphrase List inputting Target Info optional arguments:...
Chalumeau - Automated, Extendable And Customizable Credential Dumping Tool
Chalumeau is automated,extendable and customizable credential dumping tool based on powershell and python. Main Features Write your own Payloads In-Memory execution Extract Password List Dashboard reporting / Web Interface Parsing Mimikatz Dumping Tickets Screenshots Known Issues Parsing Mimikatz...
Words Scraper - Selenium Based Web Scraper To Generate Passwords List
Selenium based web scraper to generate passwords list. Installation Download Firefox webdriver from https://github.com/mozilla/geckodriver/releases $ tar xzf geckodriver-vVERSION-HERE.tar.gz $ sudo mv geckodriver /usr/local/bin Make sure it is in your PATH $ geckodriver --version Make sure...
Spray - A Password Spraying Tool For Active Directory Credentials By Jacob Wilkin(Greenwolf)
A Password Spraying tool for Active Directory Credentials by Jacob WilkinGreenwolf Getting Started These instructions will show you the requirements for and how to use Spray. Prerequisites All requirements come preinstalled on Kali Linux, to run on other flavors or Mac just make sure curlowa & ly...
Tweetshell - Multi-thread Twitter BruteForcer In Shell Script
Tweetshell is an Shell Script to perform multi-threaded brute force attack against Twitter, this script can bypass login limiting and it can test infinite number of passwords with a rate of +400 passwords/min using 20 threads. Legal disclaimer: Usage of TweetShell for attacking targets without...
Hashcracker - Python Hash Cracker
Supportedhashing algorithms: SHA512, SHA256, SHA384, SHA1, MD5 Features: auto detection of hashing algorithm based on length not recommended, bruteforce, password list Arguments: type: hash algorithm must be one of the supported hashing algorithms mentioned above or AUTO if you want to use...
Facebash - Facebook Brute Forcer In Shellscript Using TOR
Facebook Brute Forcer in shellscript using TOR IG: @thelinuxchoice Legal disclaimer: Usage of Facebash for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not...