Windows Inject DLL, Reverse TCP Stager with UUID Support

Inject a custom DLL into the exploited process. Connect back to the attacker with UUID Support This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 329 include Msf::Payload::Stager...

Linux Mettle x86, Reverse TCP Stager

Inject the mettle server payload staged. Connect back to the attacker This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 166 include Msf::Payload::Stager include...

InstaRecon - Automated Digital Reconnaissance

Automated basic digital reconnaissance. Great for getting an initial footprint of your targets and discovering additional subdomains. InstaRecon will do: DNS direct, PTR, MX, NS lookups Whois domains and IP lookups Google dorks in search of subdomains Shodan lookups Reverse DNS lookups on entire...

Tomcat/JBossWeb: Request smuggling via malicious content length header

It was found that JBoss Web / Apache Tomcat did not check for overflowing values when parsing request content length headers. A remote attacker could use this flaw to perform an HTTP request smuggling attack on a JBoss Web / Apache Tomcat server located behind a reverse proxy that processed the...

Windows x64 VNC Server (Reflective Injection), Windows x64 Reverse HTTPS Stager (winhttp)

Inject a VNC Dll via a reflective loader Windows x64 staged. Tunnel communication over HTTPS Windows x64 winhttp This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 781 include...

Windows x64 VNC Server (Reflective Injection), Windows x64 Reverse HTTP Stager (winhttp)

Inject a VNC Dll via a reflective loader Windows x64 staged. Tunnel communication over HTTP Windows x64 winhttp This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 745 include...

Windows Meterpreter (Reflective Injection x64), Windows x64 Reverse HTTPS Stager (winhttp)

Inject the meterpreter server DLL via the Reflective Dll Injection payload staged. Requires Windows XP SP2 or newer. Tunnel communication over HTTPS Windows x64 winhttp This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework...

Windows x64 VNC Server (Reflective Injection), Windows x64 Reverse HTTP Stager (wininet)

Inject a VNC Dll via a reflective loader Windows x64 staged. Tunnel communication over HTTP Windows x64 wininet This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 610 include...

Windows Meterpreter (Reflective Injection x64), Windows x64 Reverse HTTP Stager (wininet)

Inject the meterpreter server DLL via the Reflective Dll Injection payload staged. Requires Windows XP SP2 or newer. Tunnel communication over HTTP Windows x64 wininet This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework...

Debian DSA-3253-1 : pound - security update (POODLE)

Pound, a HTTP reverse proxy and load balancer, had several issues related to vulnerabilities in the Secure Sockets Layer SSL protocol. For Debian 7 wheezy this update adds a missing part to make it actually possible to disable client-initiated renegotiation and disables it by default CVE-2009-355...

DidierStevensSuite

It is an offensive tool for reverse-engineering and malware anal...

Pirelli Router P.DG-A4001N WPA Key Reverse Engineering Rev 2

!/usr/bin/env python -- coding: utf-8 -- ''' @license: GPLv3 @author : Eduardo Novella @contact: ednoloainf.upv.es @twitter: @enovella ----------------- Target : ----------------- Vendor : ADB broadband Pirelli Router : Model P.DG-A4001N ISP : Arnet Telecom Argentina, MEO Portugal Possible-target...

DSA-3253-1 pound - security update

Bulletin has no description...

Debian: Security Advisory (DSA-3253-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 20 : zarafa-7.1.12-1.fc20 (2015-5864)

Zarafa Collaboration Platform 7.1.12 final 48726 ================================================== - ZCP-10149: Include Documentation hint for usage of NFS and -o nolock option - ZCP-10233: Zarafa-mr-accept script complains in certain cases about php timezone functions - ZCP-10578: missing...

MiniUPnPd 1.0 - Stack Overflow RCE for AirTies RT Series (MIPS) Exploit

Exploit for multiple platform in category remote exploits !/usr/bin/env python Exploit Title: MiniUPnPd 1.0 Stack Overflow RCE for AirTies RT Series Date: 26.04.2015 Exploit Author: Onur ALANBEL BGA Vendor Homepage: http://miniupnp.free.fr/ Version: 1.0 Architecture: MIPS Tested on: AirTies...

MiniUPnPd 1.0 Stack Overflow

!/usr/bin/env python Exploit Title: MiniUPnPd 1.0 Stack Overflow RCE for AirTies RT Series Date: 26.04.2015 Exploit Author: Onur ALANBEL BGA Vendor Homepage: http://miniupnp.free.fr/ Version: 1.0 Architecture: MIPS Tested on: AirTies RT-204v3 CVE : 2013-0230 Exploit gives a reverse shell to...

MiniUPnPd 1.0 (MIPS) - Remote Stack Overflow Remote Code Execution for AirTies RT Series

MiniUPnPd 1.0 MIPS - Remote Stack Overflow Remote Code Execution for AirTies RT Series !/usr/bin/env python Exploit Title: MiniUPnPd 1.0 Stack Overflow RCE for AirTies RT Series Date: 26.04.2015 Exploit Author: Onur ALANBEL BGA Vendor Homepage: http://miniupnp.free.fr/ Version: 1.0 Architecture:...

MiniUPnPd 1.0 (MIPS) - Remote Stack Overflow Remote Code Execution for AirTies RT Series

!/usr/bin/env python Exploit Title: MiniUPnPd 1.0 Stack Overflow RCE for AirTies RT Series Date: 26.04.2015 Exploit Author: Onur ALANBEL BGA Vendor Homepage: http://miniupnp.free.fr/ Version: 1.0 Architecture: MIPS Tested on: AirTies RT-204v3 CVE : 2013-0230 Exploit gives a reverse shell to...

Windows Interactive Powershell Session, Reverse TCP

Listen for a connection and spawn an interactive powershell session This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/powershell' module MetasploitModule CachedSize = :dynamic include...