ObserverIP Scan Tool 1.4.0.1 Denial Of Service

Exploit Title: ObserverIP Scan Tool 1.4.0.1 - Denial of Service PoC Author: Gionathan "John" Reale Discovey Date: 2018-08-16 Homepage: https://www.ambientweather.com Software Link: https://p10.secure.hostingprod.com/@site.ambientweatherstore.com/ssl/iptools/IPTools64bit.exe Tested Version: 1.4.0....

ObserverIP Scan Tool 1.4.0.1 - Denial of Service (PoC)

ObserverIP Scan Tool 1.4.0.1 - Denial of Service PoC Exploit Title: ObserverIP Scan Tool 1.4.0.1 - Denial of Service PoC Author: Gionathan "John" Reale Discovey Date: 2018-08-16 Homepage: https://www.ambientweather.com Software Link:...

Deprecated / Disabled Plugins in Scan Policy - Notice

One or more plugins that were enabled in the scan policy have been either deprecated or disabled by Tenable with a notice to inform customers of the change. See plugin output for details on which plugins enabled in the scan policy have been deprecated or disabled and any other pertinent...

How Do I Make My Windows 10 Computer Run Faster? (Part 1)

We’ve all been there. You get your shiny home PC or laptop back from the store and unboxed and everything is perfect. It runs like a dream: starting up quickly, speeding you through internet searches and web browsing, and applications open in the blink of an eye. But then over the following month...

Qualys Cloud Platform 2.34 New Features

This release of the Qualys Cloud Platform version 2.34 includes updates and new features for Cloud Agent, EC2 Connector, Continuous Monitoring, Security Assessment Questionnaire, Web Application Scanning, and Web Application Firewall, highlights as follows. Cloud Agent Automatic Merge of Cloud...

Siemens Automation License Manager Information Disclosure Vulnerability

Siemens Automation License Manager is a Siemens system for processing remote and local licenses for HMI, SCADA and industrial products. An information disclosure vulnerability exists in Siemens Automation License Manager version 5 prior to 5.3.4.4, which can be exploited by sending specially...

Node.js third-party modules: Command Injection Vulnerability in libnmap Package

I would like to report a command injection vulnerability in libnmap. It allows an attacker to inject arbitrary OS commands instead of a valid network range to be scanned. Module module name: libnmap version: 0.4.11 npm page: https://www.npmjs.com/package/libnmap Module Description API to access...

Raccoon - A High Performance Offensive Security Tool For Reconnaissance And Vulnerability Scanning

Offensive Security Tool for Reconnaissance and Information Gathering. Features DNS details DNS visual mapping using DNS dumpster WHOIS information TLS Data - supported ciphers, TLS versions, certificate details and SANs Port Scan Services and scripts scan URL fuzzing and dir/file detection...

Reconnaissance and Vulnerability Scanning Tool: Raccoon

Raccoon is a tool made for reconnaissance and information gathering with an emphasis on simplicity. It will do everything from fetching DNS records, retrieving WHOIS information, obtaining TLS data, detecting WAF presence and up to threaded dir busting and subdomain enumeration. Every scan output...

Samsung SmartThings Hub video-core HTTP server buffer overflow vulnerability (CNVD-2018-14292)

Samsung SmartThings Hub is a smart home management device from Samsung, South Korea. video-core HTTP server is one of the HTTP servers. samsungWifiScan handler is one of the WiFi network discovery handlers. A buffer overflow vulnerability exists in the samsungWifiScan handler of the video-core HT...

Samsung SmartThings Hub video-core HTTP server buffer overflow vulnerability

Samsung SmartThings Hub is a smart home management device from Samsung, South Korea. video-core HTTP server is one of the HTTP servers. samsungWifiScan handler is one of the WiFi network discovery handlers. A buffer overflow vulnerability exists in the samsungWifiScan handler of the video-core HT...

Faraday v3.0 - Collaborative Penetration Test and Vulnerability Management Platform

This new version has made major architectural changes to adapt the software to the new challenges of cybersecurity. It focuses on processing large volumes of data and facilitating user interaction with Faraday in their environment. Faraday just got much faster Architecture changes and a new...

Pure Blood v2.0 - A Penetration Testing Framework Created For Hackers / Pentester / Bug Hunter

A Penetration Testing Framework created for Hackers / Pentester / Bug Hunter. Web Pentest / Information Gathering: Banner Grab Whois Traceroute DNS Record Reverse DNS Lookup Zone Transfer Lookup Port Scan Admin Panel Scan Subdomain Scan CMS Identify Reverse IP Lookup Subnet Lookup Extract Page...

Cred Scanner - A Simple File-Based Scanner To Look For Potential AWS Access And Secret Keys In Files

A simple command line tool for finding AWS credentials in files. Optimized for use with Jenkins and other CI systems. I suspect there are other, better tools out there such as git-secrets, but I couldn't find anything to run a quick and dirty scan that also integrates well with Jenkins. Usage: To...

Git-Secrets - Prevents You From Committing Secrets And Credentials Into Git Repositories

Prevents you from committing passwords and other sensitive information to a git repository. Synopsis git secrets --scan -r|--recursive --cached --no-index --untracked ... git secrets --scan-history git secrets --install -f|--force git secrets --list --global git secrets --add -a|--allowed...

Webkiller - Tool Information Gathering Write By Python.

Tool Information Gathering Write With Python. ██╗ ██╗███████╗██████╗ ██╗ ██╗██╗██╗ ██╗ ███████╗██████╗ ██║ ██║██╔════╝██╔══██╗██║ ██╔╝██║██║ ██║ ██╔════╝██╔══██╗ ██║ █╗ ██║█████╗ ██████╔╝█████╔╝ ██║██║ ██║ █████╗ ██████╔╝ ██║███╗██║██╔══╝ ██╔══██╗██╔═██╗ ██║██║ ██║ ██╔══╝ ██╔══██╗...

Buffer overflow

In wlanhddcfg80211vendorscan, a buffer overwrite can potentially occur in Android releases from CAF using the linux kernel Android for MSM, Firefox OS for MSM, QRD Android before security patch level 2018-06-05...

Faraday Beta v3.0 - Collaborative Penetration Test and Vulnerability Management Platform

This new version has made major architectural changes to adapt the software to the new challenges of cybersecurity. It focuses on processing large volumes of data and facilitating user interaction with Faraday in their environment. Faraday just got much faster Architecture changes and a new...

Analysis antivirus BitDefender of an integer overflow vulnerability, the first part-the vulnerability warning-the black bar safety net

In software vulnerabilities“Pantheon”, the security software vulnerability is considered other than software vulnerabilities in more serious. We rely on security software to defend against attackers, so our defensive system in the vulnerability only allows an attacker to cause harm, but also will...

CVE-2018-12716

The API service on Google Home and Chromecast devices before mid-July 2018 does not prevent DNS rebinding attacks from reading the scanresults JSON data, which allows remote attackers to determine the physical location of most web browsers by leveraging the presence of one of these devices on its...