MAL-2026-5684 Malicious code in jec (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 cfd390b5ea0fe558bd7f5fd56dec8386148e58d7f8d4b6bba14f8a2aa8b6d323 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in sysbu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c7d7e10321db9abd5e77b0f656d5fac237968ecd79c0ce409b58ee555fb5b236 Despite advertising itself as a 'System binary configuration tool', sysbu's index.js unconditionally invokes startApp on require/CLI execution. If...

MAL-2026-5616 Malicious code in sysbu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c7d7e10321db9abd5e77b0f656d5fac237968ecd79c0ce409b58ee555fb5b236 Despite advertising itself as a 'System binary configuration tool', sysbu's index.js unconditionally invokes startApp on require/CLI execution. If...

Malicious code in sysau (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2b9246e768a775d54485e7208d0ed4fc575af09bc78c3fde95c5cb24ebc2350d Package advertises itself as a 'System binary configuration tool' but ships pointer.py spawned by index.js which hardcodes...

MAL-2026-3773 Malicious code in sysbin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ab8ea4ce073a93a1973a062ac7661ceeaea9c312f9fd67e9acda9936e2b6578 Package metadata advertises sysbin as a 'System binary configuration tool' but the tarball ships pointer.py, a stealth overlay that runs automaticall...

HTTP Request Smuggling

Overview Affected versions of this package are vulnerable to HTTP Request Smuggling via the unicode processing of HTTP header values. An attacker can bypass firewall or proxy protections by sending requests containing non-ASCII characters. Note: This is only exploitable if C extensions are not in...

EUVD-2019-7493

Malware in sbrugna...

EUVD-2025-2685

Malicious code in bioql PyPI...

Exploit for SQL Injection in Glpi-Project Glpi

CVE-2025-24799 SQLi Scanner A fast SQL injection vulnerabilit...

Exploit for Protection Mechanism Failure in Microsoft

PoC exploit for CVE-2024-30052, a vulnerability in a Windows-bas...

Havoc - Modern and malleable post-exploitation command and control framework

Havoc is a modern and malleablepost-exploitation command and control framework, created by @C5pider. Havoc is in an early state of release. Breaking changes may be made to APIs/core structures as the framework matures. Support Consider supporting C5pider on Patreon/Github Sponsors. Additional...

Secretflow - A Unified Framework For Privacy-Preserving Data Analysis And Machine Learning

SecretFlow is a unified framework for privacy-preserving data intelligence and machine learning. To achieve this goal, it provides: An abstract device layer consists of plain devices and secret devices which encapsulate various cryptographic protocols. A device flow layer modeling higher algorith...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

CVE-2020-0796 Remote overflow PO...

ezEmu - Simple Execution Of Commands For Defensive Tuning/Research

ezEmu enables users to test adversary behaviors via various execution techniques. Sort of like an "offensive framework for blue teamers ", ezEmu does not have any networking/C2 capabilities and rather focuses on creating local test telemetry. Windows See /Linux for ELF ezEmu is compiled as...

Exploit for Path Traversal in F5 Big-Ip_Access_Policy_Manager

CVE-2020-5902 IoC Detection Tool This script is intended to b...

CVE-2019-17019

When Python was installed on Windows, a python file being served with the MIME type of text/plain could be executed by Python instead of being opened as a text file when the Open option was selected upon download. Note: this issue only occurs on Windows. Other operating systems are unaffected...

Infoga - Email Information Gathering

Infoga is a tool for gathering e-mail accounts information ip,hostname,country,... from different public sources search engines, pgp key servers. Is a really simple tool, but very effective for the early stages of a penetration test or just to know the visibility of your company in the Internet...

Equation organization leaked windows framework vulnerability tool Esteemaudit RDP vulnerability

1. Reproduction environment: • Windows 2003 sp2 x86 •Windows 2003 configuration the domain server Domain server set up please refer to: https://wenku.baidu.com/view/430e9e96964bcf84b9d57bd4.html） 2. Environment to build: From https://yadi.sk/d/NJqzpqo3GxZA4 download the leaked file Under linux by...

Targeted Geolocation Framework: HoneyBadger v2

HoneyBadger is a framework for targeted geolocation. While honeypots are traditionally used to passively detect malicious actors, HoneyBadger is an Active Defense tool to determine who the malicious actor is and where they are located. HoneyBadger leverages “agents” built in various technologies...

Fedora Update for moin FEDORA-2008-3301

Check for the Version of moin OpenVAS Vulnerability Test Fedora Update for moin FEDORA-2008-3301 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...