AutoSploit v3.0 - Automated Mass Exploiter

As the name might suggest AutoSploit attempts to automate the exploitation of remote hosts. Targets can be collected automatically through Shodan, Censys or Zoomeye. But options to add your custom targets and host lists have been included as well. The available Metasploit modules have been select...

Dynamic Data Resolver (DDR) - IDA Plugin

This blog post was authored by Holger Unterbrink Executive Summary Static reverse-engineering in IDA can often be problematic. Certain values are calculated at run time, which makes it difficult to understand what a certain basic block is doing. But, if you try to perform dynamic analysis by...

Hack Allows Escape of Play-with-Docker Containers

Researchers hacked the Docker test platform called Play-with-Docker, allowing them to access data and manipulate any test Docker containers running on the host system. The proof-of-concept hack does not impact production Docker instances, according to CyberArk researchers that developed the...

H8Mail - Email OSINT And Password Breach Hunting

Email OSINT and password finder. Use h8mail to find passwords through different breach and reconnaissance services, or the infamous "Breach Compilation" torrent. Features Email pattern matching reg exp, useful for all those raw HTML files Small and fast Alpine Dockerfile available CLI or Bulk...

[SECURITY] Fedora 29 Update: haproxy-1.8.15-1.fc29

HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to...

[SECURITY] Fedora 28 Update: haproxy-1.8.15-1.fc28

HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to...

NSA to release free reverse engineering tool GHIDRA at RSAConference

By Waqas WikiLeaks Fame Reverse Engineering Tool GHIDRA to be Released in March. GHIDRA is a reverse engineering tool developed by the United States’ National Security Agency NSA. According to reports, this framework will be released in March at the RSAConference. This is the same reverse...

NSA to release its GHIDRA reverse engineering tool for free

The United States' National Security Agency NSA is planning to release its internally developed reverse engineering tool for free at the upcoming RSA security conference 2019 that will be held in March in San Francisco. The existence of the framework, dubbed GHIDRA, was first publicly revealed by...

NSA to release its GHIDRA reverse engineering tool for free

The United States' National Security Agency NSA is planning to release its internally developed reverse engineering tool for free at the upcoming RSA security conference 2019 that will be held in March in San Francisco. The existence of the framework, dubbed GHIDRA, was first publicly revealed by...

Apache Tomcat JK Connector (mod_jk) < 1.2.46 Authentication Bypass Vulnerability - Active Check

Apache Tomcat JK Connector modjk is prone to an authentication bypass vulnerability. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

Reverse-Shell

Establish a reverse shell and get persistance on your target using this script,copy this script to your target and leave it run it on the background after a successfull exploitation. Multi-sessions are supported. Shell Script created using Exploit Pack http://www.exploitpack.com -...

Oracle Weblogic Server Deserialization RCE - RMI UnicastRef

An unauthenticated attacker with network access to the Oracle Weblogic Server T3 interface can send a serialized object sun.rmi.server.UnicastRef to the interface to execute code on vulnerable hosts. This module requires Metasploit: https://metasploit.com/download Current source:...

Oracle Weblogic Server Deserialization RCE - MarshalledObject

An unauthenticated attacker with network access to the Oracle Weblogic Server T3 interface can send a serialized object weblogic.corba.utils.MarshalledObject to the interface to execute code on vulnerable hosts. This module requires Metasploit: https://metasploit.com/download Current source:...

FLARE Script Series: Automating Objective-C Code Analysis with Emulation

This blog post is the next episode in the FireEye Labs Advanced Reverse Engineering FLARE team Script Series. Today, we are sharing a new IDAPython library – flare-emu – powered by IDA Pro and the Unicorn emulation framework that provides scriptable emulation features for the x86, x8664, ARM, and...

FLARE Script Series: Automating Objective-C Code Analysis with Emulation

This blog post is the next episode in the FireEye Labs Advanced Reverse Engineering FLARE team Script Series. Today, we are sharing a new IDAPython library – flare-emu – powered by IDA Pro and the Unicorn emulation framework that provides scriptable emulation features for the x86, x8664, ARM, and...

How to tap the RPC vulnerability, Part 1-the vulnerability warning-the black bar safety net

One, Foreword 2018 Year 8 months late, and one researcher（SandboxEscaper open a Windows local privilege escalation 0day vulnerabilities. On the Internet public after less than two weeks time, the vulnerability has already been malware attacks by using reference ESET articles published in. This...

Radare2 - Unix-Like Reverse Engineering Framework And Commandline Tools Security

r2 is a rewrite from scratch of radare in order to provide a set of libraries and tools to work with binary files. Radare project started as a forensics tool, a scriptable command-line hexadecimal editor able to open disk files, but later added support for analyzing binaries, disassembling code,...

Adobe Flash Zero-Day Leveraged Via Office Docs in Campaign

An Adobe Flash Player zero-day exploit has been spotted in the wild as part of a widespread campaign, researchers said on Wednesday. Adobe has just issued a patch for the previously unknown critical flaw. The vulnerability, CVE-2018-15982, is a use-after-free flaw enabling arbitrary code executio...

Apache Superset 0.23 Remote Code Execution

Exploit Title: Apache Superset 0.23 - Remote Code Execution Date: 2018-05-17 Exploit Author: David May [email protected] Vendor Homepage: https://superset.apache.org/ Software Link: https://github.com/apache/incubator-superset Version: Any before 0.23 Tested on: Ubuntu 18.04 CVE-ID:...

Linux/x64 - Reverse (0.0.0.0:1907/TCP) Shell Shellcode (119 Bytes)

/ reverse shell tcp 1907 port shellcode C language - Linux/x8664 Author : Kağan Çapar contact: email protected shellcode len : 119 bytes compilation: gcc -fno-stack-protector -z execstack reverse-shell.c -o reverse-shell Test: run your machine: nc -vlp 1907 and run exploit ./reverse-shell check...