101 matches found
py-pygments -- multiple DoS vulnerabilities
Red Hat reports: An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML SML source file, as demonstrated by input that only contains the "exception" keyword. Ben Caller reports: In pygments 1.1+, fixed in...
MalwareSourceCode - Collection Of Malware Source Code For A Variety Of Platforms In An Array Of Different Programming Languages
Malware Source Code Collection !!! DISCLAIMER !!! We do not take any responsibility for any damage done by the code in this repository. Download, compile or run at your own risk Contents: This repository contains the source code for the following: . ├── Acad ├── Engines │ ├── BAT │ ├── Linux...
What Programming Languages Do Ethical Hackers Use?
By Owais Sultan Ethical hacking is when hacking is done for good reasons - The people behind ethical hacking are ethical hackers or white hat hackers. This is a post from HackRead.com Read the original post: What Programming Languages Do Ethical Hackers Use?...
Python and Go Top the Chart of 2019’s Most Popular Hacking Tools
Imperva Cloud WAF protects over a hundred thousand websites globally and observes around a billion of attacks daily. We detect thousands of hacking tools on a daily basis and employ various measures to stop malicious requests. Here are the most dangerous tools and attacks we discover while...
exploit-database
This is an official repository of The Exploit Database, a project sponsored by Offensive Security. The repository contains exploits, shellcodes, and papers for various vulnerabilities in different software and systems. The exploits are categorized by operating system, software, and vulnerability...
An intern’s experience with Rust
Over the course of my internship at the Microsoft Security Response Center MSRC, I worked on the safe systems programming languages SSPL team to promote safer languages for systems programming where runtime overhead is important, as outlined in this blog. My job was to port a security critical...
An intern's experience with Rust
Over the course of my internship at the Microsoft Security Response Center MSRC, I worked on the safe systems programming languages SSPL team to promote safer languages for systems programming where runtime overhead is important, as outlined in this blog. My job was to port a security critical...
[SECURITY] Fedora 31 Update: sphinx-2.2.11-13.fc31
Sphinx is a full-text search engine, distributed under GPL version 2. Commercial licensing e.g. for embedded use is also available upon request. Generally, it's a standalone search engine, meant to provide fast, size-efficient and relevant full-text search functions to other applications. Sphinx...
Syhunt Community 6.7 - Web And Mobile Application Scanner
Syhunt Community is a web and now mobile application security scanner. Syhunt is able to scan any kind of application source code for potential security vulnerabilities, pinpointing the exact lines of the code that need to be patched. Or you can simply enter a start URL and get detailed...
[SECURITY] Fedora 29 Update: libnbd-1.0.2-1.fc29
NBD =EF=BF=BD=EF=BF=BD=EF=BF=BD Network Block Device =EF=BF=BD=EF=BF=BD=EF =BF=BD is a protocol for accessing Block Devices hard disks and disk-like things over a Network. This is the NBD client library in userspace, a simple library for writing NBD clients. The key features are: Synchronous and...
[SECURITY] Fedora 30 Update: libnbd-1.0.2-1.fc30
NBD =EF=BF=BD=EF=BF=BD=EF=BF=BD Network Block Device =EF=BF=BD=EF=BF=BD=EF =BF=BD is a protocol for accessing Block Devices hard disks and disk-like things over a Network. This is the NBD client library in userspace, a simple library for writing NBD clients. The key features are: Synchronous and...
[SECURITY] Fedora 29 Update: python-notebook-5.7.2-1.fc29
The Jupyter Notebook is a web application that allows you to create and share documents that contain live code, equations, visualizations, and explanatory text. The Notebook has support for multiple programming languages, sharing, and interactive widgets...
BST (Binary String Toolkit) - Quickly And Easily Convert Binary Strings For All Your Exploit Development Needs
The Binary String Toolkit or BST for short is a rather simple utility to convert binary strings to various formats suitable for later inclusions in source codes, such as those used to develop exploits in the security field. Features Dump files content to standard output in a binary string format...
[SECURITY] Fedora 27 Update: redis-4.0.10-1.fc27
Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...
'Zip Slip' Vulnerability Affects Thousands of Projects Across Many Ecosystems
Security researchers at British software firm Snyk have revealed details of a critical vulnerability that affects thousands of projects across many ecosystems and can be exploited by attackers to achieve code execution on the target systems. Dubbed "Zip Slip ," the issue is an arbitrary file...
[SECURITY] Fedora 28 Update: python-notebook-5.4.0-2.fc28
The Jupyter Notebook is a web application that allows you to create and share documents that contain live code, equations, visualizations, and explanatory text. The Notebook has support for multiple programming languages, sharing, and interactive widgets...
[SECURITY] Fedora 27 Update: python-notebook-5.2.1-2.fc27
The Jupyter Notebook is a web application that allows you to create and share documents that contain live code, equations, visualizations, and explanatory text. The Notebook has support for multiple programming languages, sharing, and interactive widgets...
Metasploit Wrapup, 4.14.4 through 4.14.11
Editor's Note: While this edition of the Metasploit Wrapup is a little late my fault, sorry, we're super excited that it's our first ever Metasploit Wrapup to be authored by an non-Rapid7 contributor. We'd like to thank claudijd -long-time Metasploit contributor, Mozilla security wrangler, and...
Code Injection (Php://input Wrapper)
A modern web application will be reliant on several different programming languages. These languages can be broken up in two flavours. These are client-side languages such as those that run in the browser -- like JavaScript and server-side languages which are executed by the server -- like ASP,...
Code Injection
A modern web application will be reliant on several different programming languages. These languages can be broken up in two flavours. These are client-side languages such as those that run in the browser -- like JavaScript and server-side languages which are executed by the server -- like ASP,...