phpIPAM 1.4 - SQL Injection Vulnerability

Exploit for php platform in category web applications !/usr/bin/env python3 Exploit Title: phpIPAM Custom Field Filter SQL Injection Exploit Announcement Date: September 16, 2019 5:18 AM Exploit Creation Date: September 27, 2019 Exploit Author: Kevin Kirsche Vendor Homepage: https://phpipam.net...

Truegaze - Static Analysis Tool For Android/iOS Apps Focusing On Security Issues Outside The Source Code

A static analysis tool for Android and iOS applications focusing on security issues outside the source code such as resource strings, third party libraries and configuration files. Requirements Python 3 is required and you can find all required modules in the requirements.txt file. Only tested on...

Airflowscan - Checklist And Tools For Increasing Security Of Apache Airflow

Checklist and tools for increasing security of Apache Airflow. DISCLAIMER This project NOT AFFILIATED with the Apache Foundation and the Airflow project, and is not endorsed by them. Contents The purpose of this project is provide tools to increase security of Apache Airflow. installations. This...

UPDATE: SILENTTRINITY v0.3.0

PenTestIT RSS Feed Just yesterday, I wrote about this open source post-exploitation C2 framework and a new release is already available. The post was titled - List of Open Source C2 Post-Exploitation Frameworks. We now have SILENTTRINITY v0.3.0 amongst us, which was in the works for a long time!...

AutoRecon - Multi-Threaded Network Reconnaissance Tool Which Performs Automated Enumeration Of Services

AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services. It is intended as a time-saving tool for use in CTFs and other penetration testing environments e.g. OSCP. It may also be useful in real-world engagements. The tool works by firstly...

[SECURITY] Fedora 29 Update: python3-docs-3.7.4-1.fc29

The python3-docs package contains documentation on the Python 3 programming language and interpreter. Install the python3-docs package if you'd like to use the documentation for the Python 3 language...

Fedora Update for python3-docs FEDORA-2019-60a1defcd1

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora Update for python3-docs FEDORA-2019-9bfb4a3e4b

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Git-Hound - Find Exposed Keys Across GitHub Using Code Search Keywords

A pattern-matching, batch-catching secret snatcher. This project is intended to be used for educational purposes. Git Hound makes it easy to find exposed API keys on GitHub using pattern matching, targetted querying, and a scoring system. Usage echo "tillsongalloway.com" | python git-hound.py or...

RecScanSec - Reconnaisance Scanner Security

RecScanSec made for reconnaisance Scanner and information gathering with an emphasis on simplicity. It will do everything from. Features Information Security Headers WAF Analyzer Information Disclosure Banner Grabbing Url Crawl HTML Form Detector Port Scanner Get SSL Information Subdomain...

Faraday v3.8 - Collaborative Penetration Test and Vulnerability Management Platform

Here are the main new features and improvements in Faraday v3.8: Set up Faraday with a double click! We are committed to facilitate your work processes. With that in mind, we enhanced our installation phases, so now it’s easier to have Faraday on your devices: You can download our platform with...

Exploit for Use After Free in Microsoft

Note: This project has been archived as actual exploits have...

BruteDum - Brute Force Attacks SSH, FTP, Telnet, PostgreSQL, RDP, VNC With Hydra, Medusa And Ncrack

BruteDum is a SSH, FTP, Telnet, PostgreSQL, RDP, VNC brute forcing tool with Hydra, Medusa and Ncrack. BruteDum can work with aany Linux distros if they have Python 3. Features of BruteDum SSH, FTP, Telnet, PostgreSQL, RDP, VNC with Hydra recommended SSH, FTP, Telnet, PostgreSQL, RDP, VNC with...

Adidnsdump - Active Directory Integrated DNS Dumping By Any Authenticated User

By default any user in Active Directory can enumerate all DNS records in the Domain or Forest DNS zones, similar to a zone transfer. This tool enables enumeration and exporting of all DNS records in the zone for recon purposes of internal networks. For more info, read the associated blog post...

openSUSE Security Update : ceph (openSUSE-2019-1284)

This update for ceph version 13.2.4 fixes the following issues : Security issues fixed : - CVE-2018-14662: Fixed an issue with LUKS 'config-key' safety bsc1111177 - CVE-2018-10861: Fixed an authorization bypass on OSD pool ops in ceph-mon bsc1099162 - CVE-2018-1128: Fixed signature check bypass i...

Security update for ceph (moderate)

openSUSE Security Update: Security update for ceph Announcement ID: openSUSE-SU-2019:1284-1 Rating: moderate References: 1084645 1086613 1096748 1099162 1101262 1111177 1114567 1114710 Cross-References: CVE-2018-10861 CVE-2018-1128 CVE-2018-1129 CVE-2018-14662 CVE-2018-16846 Affected Products:...

FTPBruter - A FTP Server Brute Forcing Tool

Brute forcing tool for FTP server. FTPBruter can work in any OS if they have and support Python 3. Feature Brute force a FTP server with a username or a list of usernames That's all. Install and Run on Linux You have to install Python 3 first: Install Python 3 on Arch Linux and its distros: sudo...

Pepe - Collect Information About Email Addresses From Pastebin

Collect information about leaked email addresses from Pastebin About Script parses Pastebin email:password dumps and gather information about each email address. It supports Google, Trumail, Pipl, FullContact and HaveIBeenPwned. Moreover, it allows you to send an informational mail to person abou...

[SECURITY] Fedora 28 Update: python3-3.6.8-2.fc28

Python is an accessible, high-level, dynamically typed, interpreted program ming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the "python3" executable: the...

Sh00T - A Testing Environment for Manual Security Testers

A Testing Environment for Manual Security Testers. Sh00t is a task manager to let you focus on performing security testing provides To Do checklists of test cases helps to create bug reports with customizable bug templates Features: Dynamic Task Manager to replace simple editors or task managemen...