7019 matches found
CVE-2013-1923
rpc-gssd in nfs-utils before 1.2.8 performs reverse DNS resolution for server names during GSSAPI authentication, which might allow remote attackers to read otherwise-restricted files via DNS spoofing attacks...
CVE-2013-1923
rpc-gssd in nfs-utils before 1.2.8 performs reverse DNS resolution for server names during GSSAPI authentication, which might allow remote attackers to read otherwise-restricted files via DNS spoofing attacks...
Linux Command Shell, Reverse TCP Stager
Spawn a command shell staged. Connect back to the attacker This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 272 include Msf::Payload::Stager def initializeinfo = supermergeinfoinfo,...
Linux Meterpreter, Reverse TCP Stager
Inject the mettle server payload staged. Connect back to the attacker This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 272 include Msf::Payload::Stager def initializeinfo =...
Linux Command Shell, Reverse TCP Stager
Spawn a command shell staged. Connect back to the attacker This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 272 include Msf::Payload::Stager def initializeinfo = supermergeinfoinfo,...
[Xplico 1.1.0] Open Source Network Forensic Analysis Tool (NFAT)
The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email POP, IMAP, and SMTP protocols, all HTTP contents, each VoIP call SIP, FTP, TFTP, and so on. Xplico isn’t a network protocol analyzer. Xplico is ...
[Binwalk] Firmware Analysis Tool
Binwalk is a firmware analysis tool designed to assist in the analysis, extraction, and reverse engineering of firmware images and other binary blobs. It is simple to use, fully scriptable, and can be easily extended via custom signatures, extraction rules, and plugin modules. Binwalk supports...
Command Shell, Reverse TCP (via Firefox XPCOM script)
Creates an interactive shell via Javascript with access to Firefox's XPCOM API This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = :dynamic include Msf::Payload::Single include...
[TheHarvester v2.2] The Information Gathering Suite
The objective of this program is to gather emails, subdomains, hosts, employee names, open ports and banners from different public sources like search engines, PGP key servers and SHODAN computer database. This tool is intended to help Penetration testers in the early stages of the penetration te...
[CrowdRE] Reverse Engineering Tool
A new project called CrowdRE aims to make it easy for the reverse engineering of complex applications working in collaboration with other users. Normally, the process reversing software from a complicated binary can consume much time, CrowdRE will help accelerate this process through teamwork...
[APKinspector] Powerful GUI tool to analyze the Android applications
The goal of this project is to aide analysts and reverse engineers to visualize compiled Android packages and their corresponding DEX code. APKInspector provides both analysis functions and graphic features for the users to gain deep insight into the malicious apps: CFG Call Graph Static...
[SECURITY] Fedora 20 Update: nginx-1.4.4-1.fc20
Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...
[SECURITY] Fedora 19 Update: nginx-1.4.4-1.fc19
Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...
Python tools for Pentesters
If you are involved in vulnerability research, reverse engineering or penetration testing, I suggest to try out the Python programming language. It has a rich set of useful libraries and programs. This page lists some of them. Most of the listed tools are written in Python, others are just Python...
MIPS Little Endian - Reverse Shell Shellcode Linux
MIPS Little Endian - Reverse Shell Shellcode Linux. Shellcode exploit for hardware platform MIPS Little Endian Reverse Shell ASM File and Assembled Shellcode Written by Jacob Holcomb, Security Analyst @ Independent Security Evaluators Blog: http://infosec42.blogspot.com Company Website:...
D-Link Backdoor Czechr
!/usr/bin/php | Everyone is permitted to copy and distribute verbatim copies of this license | document, but changing it is not allowed. | | http://www.gnu.org/licenses/gpl.html .-------------------------------------------------------------------------------. / errorreporting1; settimelimit0; //...
[Binwalk v1.2.2] Firmware Analysis Tool
Binwalk is a firmware analysis tool designed to assist in the analysis, extraction, and reverse engineering of firmware images and other binary blobs. It is simple to use, fully scriptable, and can be easily extended via custom signatures, extraction rules, and plugin modules. Binwalk supports...
Ghost catcher of the eye(ZoomEye)on the D-Link back door of the statistical analysis report-vulnerability warning-the black bar safety net
Background Security researcher reverse engineering to discover the embedded equipment manufacturers Taiwan, Information Technology D-Link router models Use the firmware system in the presence of the back door. The D-Link firmware by its U.S. subsidiary Alpha Networks development. Hackers only nee...
Unix Command Shell, Reverse TCP (via nodejs)
Continually listen for a connection and spawn a command shell via nodejs This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 3231 include Msf::Payload::Single include...
nginx: Multiple vulnerabilities
Background nginx is a robust, small, and high performance HTTP and reverse proxy server. Description Multiple vulnerabilities have been discovered in nginx. Please review the CVE identifiers referenced below for details. Impact A remote attacker could send a specially crafted request, possibly...