Minecraft fans beware: Players and servers at risk from BleedingPipe vulnerability

Minecraft players interested in modding are potentially at risk of compromise. A Remote Code Execution RCE vulnerability in certain Minecraft mods allows for malicious commands on both servers and clients. The vulnerability, named BleedingPipe, allows attackers to take over a targeted server...

CVE-2022-23206

In Apache Traffic Control Traffic Ops prior to 6.1.0 or 5.1.6, an unprivileged user who can reach Traffic Ops over HTTPS can send a specially-crafted POST request to /user/login/oauth to scan a port of a server that Traffic Ops can reach...

Server-Side Request Forgery (SSRF)

In Apache Traffic Control Traffic Ops, an unprivileged user who can reach Traffic Ops over HTTPS can send a specially-crafted POST request to /user/login/oauth to scan a port of a server that Traffic Ops can reach...

Fast and Full Featured SSL Scanner: SSLyze

SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify mis-configurations affecting their SSL servers. SSLyze is all Python code but it uses an OpenSSL wrapper...

[Web-Sorrow v1.5] Versatile security scanner for the information disclosure and fingerprinting phases of pentesting

Web-Sorrow is a perl based tool for misconfiguration, version detection, enumeration, and server information scanning. It's entirely focused on Enumeration and collecting Info on the target server. Web-Sorrow is a "safe to run" program, meaning it is not designed to be an exploit or perform any...

Telnet Server Detection

Binary data 1903.prm...

Kerberos Version 5 Server Detection - TCP

Binary data 1164.prm...