shadow-pentest

🖤 Shadow Pentest Framework v1.0 Automated CVE Discovery & E...

Pen-Strategist: A Reasoning Framework for Penetration Testing Strategy Formation and Analysis

Cyber threats are rapidly increasing, expanding their impact from large-scale enterprises to government services and individual users, making robust security systems increasingly essential. However, a significant shortage of skilled cybersecurity professionals exacerbates this challenge. While...

pentestfr

Pentest Framework — Kali Linux / VirtualBox Framework Python...

HTTP Fetch, Reverse TCP Stager (RC4 Stage Encryption, Metasm)

Fetch and execute an x86 payload from an HTTP server. Connect back to the attacker Module Options msf use payload/cmd/windows/http/x86/patchupdllinject/reversetcprc4 msf payloadreversetcprc4 show actions ...actions... msf payloadreversetcprc4 set ACTION msf payloadreversetcprc4 show options ...sh...

EUVD-2012-5577

Malware in sbrugna...

EUVD-2012-5578

Malware in sbrugna...

EUVD-2012-5580

Malware in sbrugna...

EUVD-2012-5576

Malware in sbrugna...

AutoPentester: An LLM Agent-Based Framework for Automated Pentesting

Penetration testing and vulnerability assessment are essential industry practices for safeguarding computer systems. As cyber threats grow in scale and complexity, the demand for pentesting has surged, surpassing the capacity of human professionals to meet it effectively. With advances in AI,...

AssassinGo

This is an extensible and concurrency pentest framework in Go, also with a WebGUI. It is an offensive tool for Network Scanning, Vulnerability Scanning, and Information Gathering. The primary CVE ID is not specified in the provided context. The target product/service is not explicitly stated, but...

CVE-2012-5878

Bulb Security Smartphone Pentest Framework SPF 0.1.2 through 0.1.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the hostingPath parameter to 1 SEAttack.pl or 2 CSAttack.pl in frameworkgui/ or the 3 appURLPath parameter to frameworkgui/attachMobileModem.pl...

CVE-2012-5693

Bulb Security Smartphone Pentest Framework SPF before 0.1.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the ipAddressTB parameter to 1 remoteAttack.pl or 2 guessPassword.pl in frameworkgui/; the filename parameter to 3 CSAttack.pl or 4 SEAttack.pl in...

CVE-2012-5878

CVE-2012-5878 concerns the Smartphone Pentest Framework (SPF) versions 0.1.2–0.1.4. The connected records confirm a remote OS command injection vulnerability in SPF’s web GUI, triggered by unsanitized input in the hostingPath parameter for SEAttack.pl and CSAttack.pl (frameworkgui/), and the appU...

CVE-2012-5693

Bulb Security Smartphone Pentest Framework SPF before 0.1.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the ipAddressTB parameter to 1 remoteAttack.pl or 2 guessPassword.pl in frameworkgui/; the filename parameter to 3 CSAttack.pl or 4 SEAttack.pl in...

Sn1per v7.0 - Automated Pentest Framework For Offensive Security Experts

Sn1per Community Edition is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Sn1per Professional is Xero Security's premium reporting addon for Professional Penetration Testers, Bug Bounty Researchers and Corporate Security teams to manage...

Jok3R - Network And Web Pentest Framework

Jok3r is a Python3 CLI application which is aimed at helping penetration testers for network infrastructure and web black-box security tests. Its main goal is to save time on everything that can be automated during network/web pentest in order to enjoy more time on more interesting and challengin...

Penetration Testers Framework: PTF

The PenTesters Framework PTF is a Python script designed for Debian/Ubuntu/ArchLinux based distributions to create a similar and familiar distribution for Penetration Testing. As pentesters, we’ve been accustom to the /pentest/ directories or our own toolsets that we want to keep up-to-date all o...

AndroL4b - A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis

AndroL4b is an android security virtual machine based on ubuntu Mate includes the collection of latest framework, tutorials and labs from different security geeks and researcher for reverse engineering and malware analysis. Tools APKStudio Cross-platform Qt5 based IDE for reverse-engineering...

CVE-2012-5697

The btinstall installation script in Bulb Security Smartphone Pentest Framework SPF before 0.1.3 uses weak permissions 777 for all files in the frameworkgui/ directory, which allows local users to obtain sensitive information or inject arbitrary Perl code via direct access to these files...

CVE-2012-5696

Bulb Security Smartphone Pentest Framework SPF before 0.1.3 does not properly restrict access to frameworkgui/config, which allows remote attackers to obtain the plaintext database password via a direct request...