Lucene search
K

7925 matches found

Kitploit
Kitploit
added 2018/04/29 12:23 p.m.786 views

Infection Monkey - An Automated Pentest Tool

The Infection Monkey is an open source security tool for testing a data center's resiliency to perimeter breaches and internal server infection. The Monkey uses various methods to self propagate across a data center and reports success to a centralized Monkey Island server. The Infection Monkey i...

9.8CVSS9.5AI score0.99906EPSS
Exploits19References5
CNVD
CNVD
added 2018/04/27 12:0 a.m.2 views

Composr CMS Cross-Site Scripting Vulnerability

Composr CMS is an open source content management system CMS developed using HTML, CSS and WCAG technologies. A cross-site scripting vulnerability exists in Composr CMS version 10.0.13. A remote attacker can exploit this vulnerability by sending a page=admin-setupwizard&type=step3 request to...

4.8CVSS6.2AI score0.00796EPSS
Exploits1References1
NVD
NVD
added 2018/04/26 2:29 p.m.17 views

CVE-2018-6518

Composr CMS 10.0.13 has XSS via the sitename parameter in a page=admin-setupwizard&type=step3 request to /adminzone/index.php...

4.8CVSS4.9AI score0.00796EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/04/26 2:0 p.m.19 views

CVE-2018-6518

Composr CMS 10.0.13 has XSS via the sitename parameter in a page=admin-setupwizard&type=step3 request to /adminzone/index.php...

4.9AI score0.00796EPSS
Exploits1References1
Hacker One
Hacker One
added 2018/04/25 3:16 a.m.11 views

HackerOne: Team object in GraphQL disclosed total number of whitelisted hackers

Summary: Hi team. Whitelistedhackers i think your setup - Two-factor authentication and IP whitelisting are available to further restrict access to accounts. Description: Again, because of the link error, I can see the number, but I can't see these links. Analogue 310946 Steps To Reproduce 1...

0.6AI score
Exploits0
Prion
Prion
added 2018/04/19 8:29 a.m.19 views

Design/Logic Flaw

hyperstart 1.0.0 in HyperHQ Hyper has memory leaks in the containersetupmodules and hyperrescanscsi functions in container.c, related to runV 1.0.0 for Docker...

5CVSS5.3AI score0.01377EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2018/04/19 8:29 a.m.13 views

CVE-2018-10205

hyperstart 1.0.0 in HyperHQ Hyper has memory leaks in the containersetupmodules and hyperrescanscsi functions in container.c, related to runV 1.0.0 for Docker...

5.3CVSS5.6AI score
Exploits0References1
Kitploit
Kitploit
added 2018/04/16 8:23 p.m.22 views

Hashtopolis - A Hashcat Wrapper For Distributed Hashcracking

Hashtopolis is a multi-platform client-server tool for distributing hashcat tasks to multiple computers. The main goals for Hashtopolis's development are portability, robustness, multi-user support, and multiple groups management. The application has two parts: Agent Multiple clients C, Python,...

7.2AI score
Exploits0References2
Citrix
Citrix
added 2018/04/16 12:0 a.m.22 views

CVE-2013-4786 for LOM vulnerability

Mitigation recommendations for vulnerability CVE-2013-4786: 1. Setup SSL on the LOM port to encrypt credentials during login. 2. Follow the Secure Deployment Guide for Citrix ADC to isolate all management ports including the BMC management port on a management VLAN as is industry best practice...

7.5CVSS7AI score0.81802EPSS
Exploits2
Kitploit
Kitploit
added 2018/04/10 12:48 p.m.13 views

Pymeta - Search The Web For Files On A Domain To Download And Extract Metadata

Pymeta is a Python3 rewrite of the tool PowerMeta, created by dafthack in PowerShell. It uses specially crafted search queries to identify and download the following file types pdf, xls, xlsx, doc, docx, ppt, pptx from a given domain using Google and Bing. Once downloaded, metadata is extracted...

7.4AI score
Exploits0References2
Kitploit
Kitploit
added 2018/04/05 1:3 p.m.51 views

Security Onion - Linux Distro For IDS, NSM, And Log Management

Security Onion is a free and open source Linux distribution for intrusion detection, enterprise security monitoring, and log management. It includes Elasticsearch, Logstash, Kibana, Snort, Suricata, Bro, OSSEC, Sguil, Squert, NetworkMiner, and many other security tools. The easy-to-use Setup wiza...

7.3AI score
Exploits0References4
Oracle linux
Oracle linux
added 2018/04/05 12:0 a.m.44 views

kubernetes security update

1.9.1-2.1.5 - Production built 1.9.1-2.1.5 - Fix the upgrade version check - Remove w/a from Orabug 27125915 1.9.1-2.1.4.dev - Make sure worker node upgrade properly - Orabug 27649898 1.9.1-2.1.3.dev - Ensure that the runtime mounts RO volumes read-only CVE-2017-1002102 - Update Dashboard version...

9.6CVSS7.6AI score0.11586EPSS
Exploits2
Citrix
Citrix
added 2018/04/04 12:0 a.m.7 views

How to Determine the IP Addresses of Active Connections to a Virtual Server of a NetScaler

This article describes how to determine the IP addresses of active connections to a virtual server of a NetScaler. Background To troubleshoot a web application issue, you might need to determine the IP address actively connected to a virtual server of NetScaler. For example, certain percentage of...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2018/03/28 8:14 p.m.39 views

Envizon - Network Visualization Tool With Focus On Red / Blue Team Requirements

This tool is designed, developed and supported by evait security. In order to give something back to the security community, we publish our internally used and developed, state of the art network visualization and organization tool, 'envizon'. We hope your feedback will help to improve and hone i...

6.9AI score
Exploits0References3
Kitploit
Kitploit
added 2018/03/25 1:38 p.m.16 views

Rainmap Lite - Responsive Web Based Interface That Allows Users To Launch Nmap Scans From Their Mobiles/Tablets/Web Browsers

Rainmap Lite - Responsive web application that allows users to launch Nmap scans from their mobiles/tablets/web browsers! Unlike it's predecessor 1, Rainmap-lite does not require special services RabbitMQ, PostgreSQL, Celery, supervisor, etc to make it easy to install on any server. You simply ne...

7.1AI score
Exploits0References2
Kitploit
Kitploit
added 2018/03/24 8:39 p.m.23 views

LeakVM - Research & Pentesting Framework For Android, Run Security Tests Instantly

LeakVM: Run security tests instantly. Why LeakVM : LeakVM fast security test on Android, by skipping the time-consuming build pen-testing laboratories, you can test on real devices or virtual devices. LeakVM makes researchers and pen-testers more productive since they can run the test on real tim...

7.8AI score
Exploits0References16
Kitploit
Kitploit
added 2018/03/16 12:27 p.m.39 views

Powershell-RAT - Python Based Backdoor That Uses Gmail To Exfiltrate Data Through Attachment

Python based backdoor that uses Gmail to exfiltrate data as an e-mail attachment. This RAT will help someone during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends the information to an attacker as an e-mail attachment. Note: This...

7.1AI score
Exploits0References2
Citrix
Citrix
added 2018/03/12 12:0 a.m.6 views

XenDesktop Setup Wizard fails with error "The xsPvsSiteUuid Field Does not exist"

When running the XenDesktop Setup Wizard XDSW you encounter the following error. "The xsPvsSiteUuid Field Does not exist" At this point the XDSW fails and aborts the process...

7.1AI score
Exploits0
Prion
Prion
added 2018/03/02 8:29 a.m.20 views

Null pointer dereference

The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setupntlmv2rsp that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation...

7.1CVSS6.4AI score0.0363EPSS
Exploits0References11Affected Software3
UbuntuCve
UbuntuCve
added 2018/03/02 12:0 a.m.34 views

CVE-2018-1066

The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setupntlmv2rsp that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation...

7.1CVSS6.8AI score0.0363EPSS
Exploits0References7
Rows per page
Query Builder