Fedora Update for python3 FEDORA-2018-a042f795b2

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for python3-docs FEDORA-2018-aa8de9d66a

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 26 Update: python3-3.6.5-1.fc26

Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as t...

[SECURITY] Fedora 28 Update: python3-3.6.5-1.fc28

Python is an accessible, high-level, dynamically typed, interpreted program ming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the "python3" executable: the...

openSUSE Security Update : python3-Django (openSUSE-2018-318)

This update for python3-Django to version 1.18.18 fixes multiple issues. Security issues fixed : - CVE-2018-7537: Fixed catastrophic backtracking in django.utils.text.Truncator. bsc1083305 - CVE-2018-7536: Fixed catastrophic backtracking in urlize and urlizetrunc template filters bsc1083304. -...

Cisco node-jos < 0.11.0 - Re-sign Tokens

!/usr/bin/env python3 import base64 from urllib.parse import quoteplus import rsa import sys zi0Black ''' EDB Note: This has been updated https://github.com/offensive-security/exploitdb/pull/139 POC of CVE-2018-0114 Cisco node-jose = 8 return b::-1 def generateheaderpayloadpayload,pubkey: create...

Dotdotslash - An Tool To Help You Search For Directory Traversal Vulnerabilities

An tool to help you search for Directory Traversal Vulnerabilities Benchmarks Platforms that I tested to validate tool efficiency: DVWA low/medium/high bWAPP low/medium/high Screenshots Instalation You can download the last version cloning this repository git clone...

Fuzzing and Data Manipulation Framework: Fuddly

Among the variety of complementary approaches used in the security evaluation of a target e.g. , software, an embedded equipment, etc. , fuzz testing—abbreviated fuzzing —is widely recognized as an effective means to help discovering security weaknesses in a target. Fuzzing is a software testing...

Shellen - Interactive Shellcoding Environment, In Which You Can Easily Craft Your Shellcodes

Shellen is an interactive shellcoding environment. If you want a handy tool to write shellcodes, then shellen may be your friend. Also, it can be used just as assembly/disassembly tool. It uses keystone and capstone engines for all provided operations. Shellen works only on python3. Maybe it will...

openSUSE Security Update : python3-openpyxl (openSUSE-2018-202)

This update for python3-openpyxl fixes one security issue : - CVE-2017-5992: Prevent resolving external entities by default, which allowed remote attackers to conduct XXE attacks via a crafted .xlsx document bsc1025592. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

Enumdb - MySQL and MSSQL Brute Force And Post Exploitation Tool To Search Through Databases And Extract Sensitive Information

Enumdb is brute force and post exploitation tool for MySQL and MSSQL databases. When provided a list of usernames and/or passwords, it will cycle through each looking for valid credentials. By default enumdb will use newly found, or given, credentials to search the database and find tables...

macro_pack - Tool Used To Automatize Obfuscation And Generation Of Ms Office Documents For Pentest, Demo, And Social Engineering Assessments

The macropack is a tool used to automatize obfuscation and generation of retro formats such as MS Office documents or VBS like format. This tool can be used for redteaming, pentests, demos, and social engineering assessments. macropack will simplify antimalware solutions bypass and automatize the...

GTScan - The Nmap Scanner for Telco

The Nmap Scanner for Telco. With the current focus on telecom security, there used tools in day to day IT side penetration testing should be extended to telecom as well. From here came the motivation for an nmap-like scanner but for telco The current security interconnect security controls might...

Fedora 27 : botan (2017-523f6a613d)

Version 1.10.17, 2017-10-02 - Address a side channel affecting modular exponentiation. An attacker capable of a local or cross-VM cache analysis attack may be able to recover bits of secret exponents as used in RSA, DH, etc. CVE-2017-14737 - Workaround a miscompilation bug in GCC 7 on x86-32...

CoffeeMiner - Collaborative (MITM) Cryptocurrency Mining Pool In Wifi Networks

Collaborative mitm cryptocurrency mining pool in wifi networks Warning: this project is for academic/research purposes only. A blog post about this project can be read here: http://arnaucode.com/blog/coffeeminer-hacking-wifi-cryptocurrency-miner.html Concept Performs a MITM attack to all selected...

Instagram-Py - Simple Instagram Brute Force Script

Instagram-Py is a simple python script to perform basic brute force attack against Instagram , this script can bypass login limiting on wrong passwords , so basically it can test infinite number of passwords. Instagram-Py is proved and can test over 6M passwords on a single instagram account with...

Automatize Obfuscation and Generation of MS Office Documents: macro_pack

The macropack is a tool used to automatize obfuscation and generation of MS Office documents for pentest, demo, and social engineering assessments. The goal of macropack is to simplify antimalware solutions bypass and automatize the process from vba generation to final Office document generation...

openSUSE Security Update : python3-PyJWT (openSUSE-2017-1178)

This update for python3-PyJWT fixes the following vulnerability : - CVE-2017-11424: Insufficient filtering of PEM encoding public keys allowed for creation of JWTs from scratch boo1054106, with duplicate CVE-2017-12880 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

ShadowSocks ConnecTion - A Wrapper Tool For Shadowsocks To Consistently Bypass Firewalls

A wrapper tool for shadowsocks to consistently bypass firewalls. Quick start Automatically connect The easiest way to run this tool is just type ssct in terminal, and ssct will acquire available shadowsocks servers from ishadowsocks and connect to it automatically. Connect to a specific server...

DNS Diagnostics & Performance Measurement Tools: DNSDiag

Ever been wondering if your ISP is hijacking your DNS traffic ? Ever observed any misbehavior with your DNS responses? Ever been redirected to wrong address and suspected something is wrong with your DNS? Here we have a set of tools to perform basic audits on your DNS requests and responses to ma...