66 matches found
vulnscan
VulnScan — Automatic Vulnerability Scanner Kali Linux Edit...
web-pentest-tool
🛡️ AutoPenTest — Automated Penetration Testing Tool ⚠️ DI...
redteam-notebook
It is an offensive tool for network and web exploitation. The repository, redteam-notebook, contains a collection of commands, tips, and tricks for preparation and execution of red teaming activities, specifically for the OSCP exam. The primary vulnerability targeted is not explicitly stated, but...
Wordpress Pingback Locator
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress Pingback Locator', 'Description' = %q This module will scan for wordpress sites with the Pingback API enabled. By interfacing with the...
TCP SYN Port Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TCP SYN Port Scanner', 'Description' = %q Enumerate open TCP services using a raw SYN scan. , 'Author' = 'kris katterjohn', 'License' = MSFLICENS...
Turkish Hackers Exploiting Poorly Secured MS SQL Servers Across the Globe
Poorly secured Microsoft SQL MS SQL servers are being targeted in the U.S., European Union, and Latin American LATAM regions as part of an ongoing financially motivated campaign to gain initial access. "The analyzed threat campaign appears to end in one of two ways, either the selling of 'access'...
[SECURITY] Fedora 36 Update: netscanner-0-0.6.20201116git8baab36.fc36
A TCP/UDP scanner to find open or closed ports...
Jfscan - A Super Fast And Customisable Port Scanner, Based On Masscan And NMap
Killing features Scan with nmap fast! Allows you to scan targets with Masscan and run Nmap on discovered ports with possibility of custom options. Nmap on steroids. Allows to scan targets in multiple formats. Can output results in domain:port format. Works in stdin/stdout mode, so you can pipe...
Skanuvaty - Dangerously Fast DNS/network/port Scanner
Dangerously fast dns/network/port scanner, all-in-one. Start with a domain, and we'll find everything about it. Features: Finds subdomains from root domain Finds IPs for subdomains Checks what ports are open on those IPs Notice: not yet implemented Outputs a handy .json file with all the data for...
PortSwigger Web Security: RCE of Burp Scanner / Crawler via Clickjacking
A vulnerability was discovered in Burp Suite, a web application security testing tool. The vulnerability allowed an attacker to exploit a known XSS vulnerability in the embedded Chrome browser used by Burp Suite. By leveraging this vulnerability, an attacker could execute arbitrary commands on th...
DivideAndScan - Divide Full Port Scan Results And Use It For Targeted Nmap Runs
DivideEt Impera And Scan and also merge the scan results D ivideA ndS can is used to efficiently automate port scanning routine by splitting it into 3 phases: 1. Discover open ports for a bunch of targets. 2. Run Nmap individually for each target with version grabbing and NSE actions. 3. Merge th...
Sarenka - OSINT Tool - Data From Services Like Shodan, Censys Etc. In One Place
SARENKA is an Open Source Intelligence OSINT tool which helps you obtaining and understanding Attack Surface. The main goal is to gathering infromation from search engines for Internet-connected devices https://censys.io/ , https://www.shodan.io/. It scraps data about Common Vulnerabilities and...
USN-4665-1: curl vulnerabilities
Marc Aldorasi discovered that curl incorrectly handled the libcurl CURLOPTCONNECTONLY option. This could result in data being sent to the wrong destination, possibly exposing sensitive information. This issue only affected Ubuntu 20.10. CVE-2020-8231 Varnavas Papaioannou discovered that curl...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : curl vulnerabilities (USN-4665-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4665-1 advisory. Marc Aldorasi discovered that curl incorrectly handled the libcurl CURLOPTCONNECTONLY option. This could result in data being sen...
8x8 Bounty: Open TURN relay abuse is possible due to lack of peer access control (Critical)
NOTE: This is not an SSRF vulnerability but an open TURN relay vulnerability. Typically, this security vulnerability has at least the same impact as an SSRF. However it is considered more useful from an attacker's point of view since attacks are not restricted to HTTP. - Affects: - █████:443 -...
RecScanSec - Reconnaisance Scanner Security
RecScanSec made for reconnaisance Scanner and information gathering with an emphasis on simplicity. It will do everything from. Features Information Security Headers WAF Analyzer Information Disclosure Banner Grabbing Url Crawl HTML Form Detector Port Scanner Get SSL Information Subdomain...
Zeebsploit - Web Scanner / Exploitation / Information Gathering
zeebsploit is a tool for hacking searching for web information and scanning vulnerabilities of a web Installation & Usage apt-get install git git clone https://github.com/jaxBCD/Zeebsploit.git cd Zeebsploit chmod +x install ./install python3 zeebsploit.py type 'help' for show modules and follow...
Zeebsploit - Web Scanner / Exploitation / Information Gathering
zeebsploit is a tool for hacking searching for web information and scanning vulnerabilities of a web Installation & Usage apt-get install git git clone https://github.com/jaxBCD/Zeebsploit.git cd Zeebsploit chmod +x install ./install python3 zeebsploit.py type 'help' for show modules and follow...
Metasploit Cheat Sheet
The Metasploit Project is a computer security project that provides information on vulnerabilities, helping in the development of penetration tests and IDS signatures. Metasploit is a popular tool used by pentest experts. Metasploit : Search for module: msf search regex Specify and exploit to use...
Quasar - An Information Gathering Framework For Lazy Penetration Testers
Quasar Is An Information Gathering Framework For Penetration Testers Coded By Belahsan Ouerghi: Website Informations E-mail Address Checker Phone Number Information Credit Card Bin Checker Ip Locator Port Scanner Installation sudo apt-get install git git clone...