RedRabbit - Red Team PowerShell Script

RedRabbit is a PowerShell script aimed at helping pentesters conduct ethical hacking RedTeam To Run: You can either run locally by downloading the script or run remotely using: powershell –nop –c “iexNew-Object...

Microsoft Office 365 (2016 Click-to-Run) Multiple Vulnerabilities (Mar 2020)

This host is missing an important security update according to Microsoft Office Click-to-Run updates. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

2019: Looking Back at Malware

In 2019, attacker behavior evolved, becoming more evasive. The most common behaviors seen across all attack data—mapped to the MITRE ATT&CK™ Framework—were: Software Packing for Defense Evasion, Hidden Windows for Defense Evasion, Standard Application Layer Protocol for Command and Control C2,...

SharpRDP - Remote Desktop Protocol .NET Console Application For Authenticated Command Execution

To compile open the project in Visual Studio and build for release. Two DLLs will be output to the Release directory, you do not need those because the DLLs are in the assembly. If you do not want to use the provided DLLs you will need to .NET SDK to create the AxMSTSCLib.dll DLL. To create it...

openSUSE Security Update : python-azure-agent (openSUSE-2020-261)

This update for python-azure-agent fixes the following issues : python-azure-agent was updated to version 2.2.45 jscECO-80 + Add support for Gen2 VM resource disks + Use alternate systemd detection + Fix /proc/net/route requirement that causes errors on FreeBSD + Add cloud-init auto-detect to...

openSUSE: Security Advisory for python-azure-agent (openSUSE-SU-2020:0261-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

python-pillow: out-of-bounds write in expandrow in libImaging/SgiRleDecode.c

An out-of-bounds write flaw was discovered in python-pillow in the way SGI RLE images are decoded. An application that uses python-pillow to decode untrusted images may be vulnerable to this flaw, which can allow an attacker to crash the application or potentially execute code on the system...

Ohmybackup - Scan Victim Backup Directories & Backup Files

ohmybackup - Scan Victim's Backup Directories & Backup Files ohmybackup Scans backup folders on target sites. Searches archived files in the folders it finds. With the 2-file scanning system, it adds extensions and filenames in different ways, making it more likely to be found. 1 -...

CVE Api - Parse & filter the latest CVEs from cve.mitre.org

Parse & filter the latest CVEs from https://cve.mitre.org. Docs Usage http://localhost:4000/cve?target=KEYWORD The year parameter is optional. http://localhost:4000/cve?target=KEYWORD&year=YEAR Examples http://localhost:4000/cve?target=ruby%20on%20rails...

CVE-2014-4607

Integer overflow in the LZO algorithm variant in Oberhumer liblzo2 and lzo-2 before 2.07 on 32-bit platforms might allow remote attackers to execute arbitrary code via a crafted Literal Run...

DEBIAN-CVE-2014-4607

Integer overflow in the LZO algorithm variant in Oberhumer liblzo2 and lzo-2 before 2.07 on 32-bit platforms might allow remote attackers to execute arbitrary code via a crafted Literal Run...

CVE-2014-4607

Integer overflow in the LZO algorithm variant in Oberhumer liblzo2 and lzo-2 before 2.07 on 32-bit platforms might allow remote attackers to execute arbitrary code via a crafted Literal Run...

Microsoft Office 365 (2016 Click-to-Run) Multiple Vulnerabilities (Feb 2020)

This host is missing an important security update according to Microsoft Office Click-to-Run updates. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

SEcraper - Search Engine Scraper Tool With BASH Script.

Search engine scraper tool with BASH script. Dependency curl cli Available search engine Ask.com Search.yahoo.com Bing.com Installation git clone https://github.com/zerobyte-id/SEcraper.git cd SEcraper/ Run bash secraper.bash "QUERY" Download SEcraper...

CVE-2019-10789

All versions of curling.js are vulnerable to Command Injection via the run function. The command argument can be controlled by users without any sanitization...

Command injection

All versions of curling.js are vulnerable to Command Injection via the run function. The command argument can be controlled by users without any sanitization...

CVE-2019-10789

All versions of curling.js are vulnerable to Command Injection via the run function. The command argument can be controlled by users without any sanitization...

CVE-2019-18899 apt-cacher-ng insecure use of /run/apt-cacher-ng

The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned directory /run/apt-cacher-ng with root privileges. This can allow local attackers to influence the outcome of these operations. This issue affects: openSUSE Leap 15.1 apt-cacher-ng versions prior to 3.1-lp151.3.3.1...

PT-2020-10008 · Opensuse +1 · Opensuse Leap +1

Name of the Vulnerable Software and Affected Versions: openSUSE Leap 15.1 apt-cacher-ng versions prior to 3.1-lp151.3.3.1 Description: The issue allows local attackers to influence the outcome of operations run by the apt-cacher-ng package in the user-owned directory /run/apt-cacher-ng with root...

UBUNTU-CVE-2019-20388

xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak...