enumy
Enumy Enumy is an ultra-fast portable executable that you drop on a target Linux machine during a pentest or CTF in the post-exploitation phase. Running enumy will enumerate the box for common security weaknesses. Installation You can download the final binary from the release x86 or x64 tab...
Living Long Doing Pentests
Whitepaper called Living Long Doing Pentests. It discusses basic LLDP protocol fuzzing and usage from a pentester's point of view...
Cervantes security vulnerability
Cervantes is an open source collaboration platform designed for Pentester and Red Teams by Cervantes Open Source. A security vulnerability exists in Cervantes 0.5-alpha and earlier versions that stems from accepting insecure file uploads...
GYM MS 1.0 Cross Site Scripting
Exploit Title: GYM MS - GYM Management System - Cross Site Scripting Stored Date: 29/09/2023 Vendor Homepage: https://phpgurukul.com/gym-management-system-using-php-and-mysql/ Software Link: https://phpgurukul.com/projects/GYM-Management-System-using-PHP.zip Version: 1.0 Last Update: 31 August 20...
Reflected XSS on clients-registrations endpoint
A POST-based reflected Cross Site Scripting vulnerability has been identified in Keycloak. When a malicious request is sent to the client registration endpoint, the error message is not properly escaped, allowing an attacker to execute malicious scripts in the user's browser. Acknowledgement...
GHSA-M98G-63QJ-FP8J Reflected XSS on clients-registrations endpoint
A POST-based reflected Cross Site Scripting vulnerability has been identified in Keycloak. When a malicious request is sent to the client registration endpoint, the error message is not properly escaped, allowing an attacker to execute malicious scripts in the user's browser. Acknowledgement...
Ethical Hacking and Penetration Testing. Where to Begin.
Looking at the employment landscape, it’s clear that prospects for landing cybersecurity positions are excellent and on the rise, but what about the commercial viability of that “grey side-gig”, ethical hacking and penetration testing? While the notion of “being bad to help the good people” is...
DNSObserver - A Handy DNS Service Written In Go To Aid In The Detection Of Several Types Of Blind Vulnerabilities
A handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities. It monitors a pentester's server for out-of-band DNS interactions and sends notifications with the received request's details via Slack. DNSObserver can help you find bugs such as blind OS command...
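The correlation logic behind an out-of-band DNS listener like the one described above, as an added example that is not DNSObserver's own code: every injected payload carries a unique token as a subdomain of a zone you control, and any query that reaches the listener for that name proves the payload was evaluated somewhere, even when the target returns nothing to you. The zone name, the token and the DNS packet are constructed for the example.

```python
import struct

# Added example, not DNSObserver's code. OOB_ZONE is an assumed zone whose NS
# record points at the listener host; the sample query packet is constructed.
OOB_ZONE = "oob.example.com"


def encode_name(name):
    """Encode a dotted name in DNS wire format (length-prefixed labels)."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_query(name, txid=0x1234, qtype=1):
    """Constructed sample: a minimal A query, as a resolver would send it."""
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack(">HH", qtype, 1)


def parse_qname(packet):
    """Return the question name from a raw DNS packet, or None if malformed."""
    if len(packet) < 12:
        return None
    qdcount = struct.unpack(">H", packet[4:6])[0]
    if qdcount < 1:
        return None
    pos, labels = 12, []
    while True:
        if pos >= len(packet):
            return None
        length = packet[pos]
        if length == 0:
            break
        if length & 0xC0:  # compression pointer: never valid in a question name
            return None
        pos += 1
        labels.append(packet[pos:pos + length].decode("ascii", "replace"))
        pos += length
    return ".".join(labels).lower()


def extract_token(qname, zone=OOB_ZONE):
    """Label immediately left of the OOB zone, or None if the name is not under it.

    Payloads may prepend exfiltrated data (e.g. `$(whoami).TOKEN.zone`), so the
    token is taken as the rightmost label before the zone, not the leftmost.
    """
    suffix = "." + zone.lower()
    if not qname or not qname.endswith(suffix):
        return None
    return qname[: -len(suffix)].split(".")[-1]


def correlate(packet, src_ip, registry, zone=OOB_ZONE):
    """Match an incoming query against registered payload tokens.

    registry maps token -> description of where that token was injected.
    Returns (token, description, src_ip) on a hit, None otherwise.
    """
    token = extract_token(parse_qname(packet), zone)
    if token in registry:
        return token, registry[token], src_ip
    return None


if __name__ == "__main__":
    # Constructed: one token registered for a suspected blind command injection.
    registry = {"k7d2q": "blind OS command injection, POST /api/export name="}
    pkt = build_query("root.k7d2q.oob.example.com")
    print(correlate(pkt, "198.51.100.7", registry))
```

A hit is reported regardless of query type or resolver, since the token in the name is the only evidence needed; in a real listener the `src_ip` is the resolver that forwarded the query, not the target, which is why the token rather than the source address is what identifies the injection point.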
Composr CMS 10.0.30 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Title: Composr CMS 10.0.30 - Persistent Cross-Site Scripting Author: Manuel Garcia Cardenas Vendor: https://compo.sr/ CVE: N/A ============================================= MGC ALERT 2020-001 - Original release date: February 06, 2020 - Last...
Clipboardme - Grab And Inject Clipboard Content By Link
Grab/Inject Clipboard Content Browsers are implementing a new JavaScript API for asynchronous clipboard access to integrate copy and paste into web applications. It is a replacement for the synchronous execCommand-based copy & paste. Async Clipboard requests don't block the page while waiting t...
Rabid - A CLI Tool And Library Allowing To Simply Decode All Kind Of BigIP Cookies
RApid BigIP Decoder What it is A CLI tool and library allowing to simply decode all kinds of BigIP cookies. Features Supports all 4 cookie formats CLI tool & library Hackable References Homepage / Documentation: https://orange-cyberdefense.github.io/rabid/ Author Made by Alexandre ZANNI @noraj...
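What decoding a BIG-IP persistence cookie actually involves, as an added example that is not Rabid's own code: the four encodings are the ones F5 documents for the BIGipServer cookie (IPv4, IPv4 in a non-default route domain, IPv6, IPv6 in a non-default route domain). The security point is that the cookie leaks the internal address and port of the pool member that served the request. The cookie values below are constructed sample inputs; the header-scanning helper and its `BIGipServer` name prefix assume the default cookie name, which an administrator can change.

```python
import ipaddress
import re

# Added example, not Rabid's code. Decodes the four BIG-IP persistence cookie
# encodings; all sample values are constructed.


def _swap16(n):
    """Port is stored in host (little-endian) byte order: 36895 -> 8080."""
    return int.from_bytes(n.to_bytes(2, "little"), "big")


def decode_bigip_cookie(value):
    """Return (ip, port, route_domain) for a BIG-IP persistence cookie value.

      IPv4:                 "<ipv4 as little-endian uint32>.<port le uint16>.0000"
      IPv4, route domain:   "rd<N>o00000000000000000000ffff<ipv4 hex>o<port>"
      IPv6:                 "vi<ipv6 as 32 hex digits>.<port le uint16>"
      IPv6, route domain:   "rd<N>o<ipv6 as 32 hex digits>o<port>"
    Raises ValueError for anything else.
    """
    m = re.fullmatch(r"(\d+)\.(\d+)\.0000", value)
    if m:
        ip = ipaddress.IPv4Address(int.from_bytes(int(m.group(1)).to_bytes(4, "little"), "big"))
        return str(ip), _swap16(int(m.group(2))), 0

    m = re.fullmatch(r"vi([0-9a-fA-F]{32})\.(\d+)", value)
    if m:
        ip = ipaddress.IPv6Address(int(m.group(1), 16))
        return str(ip), _swap16(int(m.group(2))), 0

    m = re.fullmatch(r"rd(\d+)o([0-9a-fA-F]{32})o(\d+)", value)
    if m:
        ip6 = ipaddress.IPv6Address(int(m.group(2), 16))
        # An IPv4 pool member in a route domain is written as ::ffff:a.b.c.d.
        ip = ip6.ipv4_mapped or ip6
        return str(ip), int(m.group(3)), int(m.group(1))

    raise ValueError("not a recognised BIG-IP persistence cookie: %r" % value)


def find_bigip_cookies(headers, name_prefix="BIGipServer"):
    """Scan Set-Cookie header values for persistence cookies and decode them.

    Returns a list of (cookie_name, ip, port, route_domain); cookies whose value
    does not decode are skipped rather than raising.
    """
    found = []
    for h in headers:
        m = re.match(r"\s*(%s[^=]*)=([^;]+)" % re.escape(name_prefix), h)
        if not m:
            continue
        try:
            ip, port, rd = decode_bigip_cookie(m.group(2).strip())
        except ValueError:
            continue
        found.append((m.group(1), ip, port, rd))
    return found


if __name__ == "__main__":
    # Constructed Set-Cookie headers as a BIG-IP in front of a web pool might emit.
    sample_headers = [
        "BIGipServerweb_pool=1677787402.36895.0000; path=/",
        "BIGipServerapi_pool=rd5o00000000000000000000ffff0a01010ao80; path=/",
        "BIGipServerv6_pool=vi20010112000000000000000000000030.20480; path=/",
        "BIGipServerv6rd_pool=rd3o20010112000000000000000000000030o80; path=/",
        "JSESSIONID=abc123; path=/",
    ]
    for entry in find_bigip_cookies(sample_headers):
        print(entry)
```

Decoding in the other direction is equally simple, which is why a pentester who finds such a cookie can enumerate the pool's internal addressing from the client side; the fix on the F5 side is cookie encryption or a different persistence method, not renaming the cookie.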
NetAss2 - Network Assessment Assistance Framework
Easier network scanning with NetAss2, the Network Assessment Assistance Framework. It makes it easy for a pentester to do penetration testing on a network. Dependencies nmap tool zmap tool Installation git clone https://github.com/zerobyte-id/NetAss2.git cd NetAss2 sudo chmod +x install.bash sudo ./install.ba...
CMS Made Simple 2.2.10 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications ============================================= MGC ALERT 2019-002 - Original release date: April 10, 2019 - Last revised: May 22, 2019 - Discovered by: Manuel Garcia Cardenas - Severity: 4,8/10 CVSS Base Score - CVE-ID: CVE-2019-11226...
WordPress Plugin GraceMedia Media Player 1.0 - Local File Inclusion
============================================= MGC ALERT 2019-001 - Original release date: February 06, 2019 - Last revised: March 13, 2019 - Discovered by: Manuel García Cárdenas - Severity: 7/10 CVSS Base Score - CVE-ID: CVE-2019-9618 ============================================= I. VULNERABILIT...
WordPress Plugin GraceMedia Media Player 1.0 - Local File Inclusion
WordPress Plugin GraceMedia Media Player 1.0 - Local File Inclusion ============================================= MGC ALERT 2019-001 - Original release date: February 06, 2019 - Last revised: March 13, 2019 - Discovered by: Manuel García Cárdenas - Severity: 7/10 CVSS Base Score - CVE-ID:...
WordPress GraceMedia Media Player 1.0 Plugin - Local File Inclusion Vulnerability
Exploit for php platform in category web applications WordPress GraceMedia Media Player 1.0 Plugin - Local File Inclusion ============================================= MGC ALERT 2019-001 - Original release date: February 06, 2019 - Last revised: March 13, 2019 - Discovered by: Manuel García...
PENTOL - Pentester Toolkit For Fiddler2
PENTOL - Pentester Toolkit is built as a plugin for the Fiddler HTTP debugging proxy. Features: CORS DETECTED (Cross-Origin Resource Sharing); CRLF DETECTED (HTTP response splitting); Headers DETECTED (X-Frame-Options). Usage: Install Fiddler2; open Fiddler2; press CTRL + R or choose Rules > Customize Rules...; Cop...
Mobile Application Testing Toolkit: Scrounger
Even though several other mobile application analysis tools have been developed, there is no one tool that can be used for both Android and iOS and can be called a "standard" must-use on every mobile application assessment. The idea behind Scrounger is to make a Metasploit-like tool that will not...
Skills That a ‘Next-Level’ Pentester Should Have
The field of penetration testing has grown rapidly since the United States Department of Defense’s Tiger Teams first emerged on the computer scene. With that growth, we’ve seen different skill-sets, approaches and quality levels emerge among penetration-testing professionals. Moshe Zioni is the...
CSP MySQL User Manager 2.3.1 - Authentication Bypass
Exploit Title: CSP MySQL User Manager 2.3.1 - Authentication Bypass Date: 2018-05-04 Exploit Author: Youssef mami Vendor Homepage: https://code.google.com/archive/p/cspmum/ Software Link: https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/cspmum/cmum-231.zip Version:...