Lucene search
+L

311 matches found

hackread
hackread
added 2021/11/05 8:14 p.m.14 views

Is a Consolidated Approach Better for WAAP Security?

By Owais Sultan A WAAP security tool is an expanded WAF capable of integrating, observing, and taking action intuitively when needed. This is a post from HackRead.com Read the original post: Is a Consolidated Approach Better for WAAP Security?...

7AI score
Exploits0
kitploit
kitploit
added 2021/09/15 11:30 a.m.16 views

Rootend - A *Nix Enumerator And Auto Privilege Escalation Tool

rootend is a python nix Enumerator & Auto Privilege Escalation tool. For a full list of our tools, please visit our websitehttps://www.twelvesec.com/ Written by: nickvourd twitter maldevel twitter servo Usage Enumeration & Automation Privilege Escalation tool. rootend is an open source tool...

7.7AI score
Exploits0References4
kitploit
kitploit
added 2021/08/13 12:30 p.m.67 views

jwtXploiter - A Tool To Test Security Of Json Web Token

A tool to test security of JSON Web Tokens. Test a JWT against all known CVEs; Tamper with the token payload: changes claims and subclaims values. Exploit known vulnerable header claims kid, jku, x5u Verify a token Retrieve the public key of your target's ssl connection and try to use it in a key...

7.6AI score
Exploits0References2
schneier
schneier
added 2021/08/11 11:42 a.m.38 views

Cobalt Strike Vulnerability Affects Botnet Servers

Cobalt Strike is a security tool, used by penetration testers to simulate network attackers. But its also used by attackers -- from criminals to governments -- to automate their own attacks. Researchers have found a vulnerability in the product. The main components of the security tool are the...

1.7AI score
Exploits0
cnvd
cnvd
added 2021/08/04 12:0 a.m.16 views

Fortinet FortiPortal Trust Management Issue Vulnerability

Fortinet FortiPortal is an advanced, feature-rich managed security analysis and management support tool for Fortinet's FortiGate, FortiWiFi, and FortiAP product lines, available as a virtual machine for MSPs.Fortinet FortiPortal has a trust management issue vulnerability, which stems from the...

10CVSS2.7AI score0.03333EPSS
Exploits0References1
thn
thn
added 2021/06/18 6:33 a.m.47 views

[eBook] 7 Signs You Might Need a New Detection and Response Tool

It's natural to get complacent with the status quo when things seem to be working. The familiar is comfortable, and even if something better comes along, it brings with it many unknowns. In cybersecurity, this tendency is countered by the fast pace of innovation and how quickly technology becomes...

7AI score
Exploits0
bdu_fstec
bdu_fstec
added 2021/06/03 12:0 a.m.7 views

The vulnerability of the IBM Security Guardium security tool lies in its lack of protection for website structures, allowing attackers to gain unauthorized access to the protected information.

The vulnerability of the IBM Security Guardium security tool is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to the protected information...

6.1CVSS6.7AI score0.00653EPSS
Exploits0References4Affected Software1
gitee
gitee
added 2021/05/28 2:56 p.m.4 views

CMSmap

This is an open-source Python tool called CMSmap, designed to automate the process of detecting security flaws in popular Content Management Systems CMSs such as WordPress, Joomla, Drupal, and Moodle. The tool is still in its early stages and may contain bugs or flaws. The primary purpose of CMSm...

7AI score
Exploits0
gitee
gitee
added 2021/05/20 8:33 p.m.7 views

jexboss

Exploit module/targeting JBoss Application Server and others Java Platforms, Frameworks, Applications, etc. The provided code is a Python script that appears to be a tool for testing and exploiting vulnerabilities in JBoss Application Server and other Java-based platforms. The script is written i...

7AI score
Exploits0
cnnvd
cnnvd
added 2021/05/18 12:0 a.m.5 views

Bitdefender Endpoint Security Tool 安全漏洞

Bitdefender Endpoint Security Tool is an endpoint security management tool from the Romanian company Bitdefender. A security vulnerability exists in versions prior to Bitdefender Endpoint Security Tools 6.6.23.320, which stems from the presence of improper access control that allows a normal user...

4CVSS4.9AI score0.00474EPSS
Exploits0References2
kitploit
kitploit
added 2021/05/17 9:30 p.m.143 views

Corsair_Scan - A Security Tool To Test Cross-Origin Resource Sharing (CORS)

Corsairscan is a security tool to test Cross-Origin Resource Sharing CORS misconfigurations. CORS is a mechanism that allows restricted resources on a web page to be requested from another domain outside the domain from which the first resource was served. If this is not properly configured,...

7.1AI score
Exploits0References7
kitploit
kitploit
added 2021/05/14 9:30 p.m.316 views

Mubeng - An Incredibly Fast Proxy Checker And IP Rotator With Ease

An incredibly fast proxy checker & IP rotator with ease. Features Proxy IP rotator : Rotates your IP address for every specific request. Proxy checker : Check your proxy IP which is still alive. All HTTP/S methods are supported. HTTP & SOCKSv5 proxy protocols apply. All parameters & URIs are...

7.2AI score
Exploits0References8
ibm
ibm
added 2021/03/23 8:49 a.m.16 views

Security Bulletin: A vulnerability has been identified in IBM Elastic Storage Server where an attacker could cause a denial of service (CVE-2020-5015)

Summary A security vulnerability has been identified in all levels of IBM Elastic Storage Server that could allow an attacker to cause a denial of service. A fix for this vulnerability is available. Vulnerability Details CVEID: CVE-2020-5015 DESCRIPTION: IBM Elastic Storage System could allow a...

7.5CVSS1.5AI score0.02466EPSS
Exploits0Affected Software1
kitploit
kitploit
added 2021/03/14 11:30 a.m.81 views

Girsh - Automatically Spawn A Reverse Shell Fully Interactive

Who didn't get bored of manually typing the few lines to upgrade a reverse shell to a full interactive reverse shell tty spawn, stty size ..., stty raw -echo or typing the command to use ConPTY. Description With Girsh, just run it and it will detect the OS and execute the correct commands to...

7.8AI score
Exploits0References2
gitee
gitee
added 2021/03/07 11:9 a.m.11 views

Exploit for Improper Restriction of XML External Entity Reference in Apache Solr

注意: 切勿利用本工具对未授权的网站进行非法攻击。由此产生的法律后果由使用者自行承担!!! AttackWebFrameworkTools 1.0 2021-03-06 AttackWebFrameworkTools For RedTeam 更新状态日志: 2021-03-06 新增DVR 摄像头exp 新增Nexus Repository Manager exp。修改默认线程数为20。增加超时时间。增加界面显示shell的路径。修复cookie bug 2021-03-03 修复某些类延时时间过短导致漏洞检测不准确。下一个版本将调整默认线程数字预计是20或者10 2021-02-27 ...

10CVSS9.4AI score0.9957EPSS
Exploits66
kitploit
kitploit
added 2021/01/28 11:30 a.m.57 views

Tritium - Password Spraying Framework

A tool to enumerate and spray valid Active Directory accounts through Kerberos Pre-Authentication. Background Although many Kerberos password spraying tools currently exist on the market, I found it difficult to find tools with the following built-in functionality: The ability to prevent users fr...

7.6AI score
Exploits0References1
kitploit
kitploit
added 2021/01/19 8:30 p.m.58 views

Git-Wild-Hunt - A Tool To Hunt For Credentials In Github Wild AKA Git*Hunt

A tool to hunt for credentials in the GitHub wild AKA githunt Getting started 1. Install the tool 2. Configure your GitHub token 3. Search for credentials 4. See results cat results.json | jq  Installation requirements: virtualenv, python3 1. git clone https://github.com/d1vious/git-wild-hunt &&...

7.3AI score
Exploits0References10
kitploit
kitploit
added 2021/01/11 11:30 a.m.93 views

Wprecon - A Vulnerability Recognition Tool In CMS Wordpress, 100% Developed In Go

Hello! Welcome. Wprecon Wordpress Recon, is a vulnerability recognition tool in CMS Wordpress, 100% developed in Go. Notice: Why is the project out of updates these days ?! What happens is that I am doing the vulnerability scanner. Branch Dev Compile and Install Features Random Agent Detection WA...

7.2AI score
Exploits0References3
threatpost
threatpost
added 2021/01/08 9:31 p.m.63 views

Malicious Software Infrastructure Easier to Get and Deploy Than Ever

Simple to use and deploy offensive security tools, making it easier than ever for criminals with little technical know-how to get in on cybercrime are seeing a significant rise, researchers say. Recorded Future just released findings from its regular year-end observations of malicious...

7.6AI score
Exploits0References13
kitploit
kitploit
added 2020/12/18 11:30 a.m.60 views

Go365 - An Office365 User Attack Tool

Go365 is a tool designed to perform user enumeration and password guessing attacks on organizations that use Office365 now/soon Microsoft365. Go365 uses a unique SOAP API endpoint on login.microsoftonline.com that most other tools do not use. When queried with an email address and password, the...

7.7AI score
Exploits0References2
Rows per page
Query Builder