Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

Join Community Telegram CVE-2021-4...

ADenum - A Pentesting Tool That Allows To Find Misconfiguration Through The The Protocol LDAP And Exploit Some Of Those Weaknesses With Kerberos

AD Enum is a pentesting tool that allows to find misconfiguration through the protocol LDAP and exploit some of those weaknesses with Kerberos. cracking john -jp path John binary path -w wordList The path of the wordlist to be used john Default:...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

log4j-scan-turbo Multi-threaded scanner Test for the log4j v...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

Northwave Log4j CVE-2021-44228 checker Friday 10 December 202...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

CVE-2021-44228-Test-Server A small server for verifing if a gi...

OpenCATS 0.9.4 Remote Code Execution

Exploit Title: OpenCATS 0.9.4 - Remote Code Execution RCE Google Dork: intext:"Current Available Openings, Recently Posted Jobs" Date: 21/09/2021 Exploit Author: Nicholas Ferreira - https://github.com/Nickguitar Vendor Homepage: https://www.opencats.org/ Software Link:...

2022 Planning: Simplifying Complex Cybersecurity Regulations

Compliance does not equal security, but it’s also true that a strong cybersecurity program meets many compliance obligations. How can we communicate industry regulatory requirements in a more straightforward way that enhances understanding while saving time and effort? How can we more easily...

The vulnerability of embedded software developed by Qualcomm, due to insufficient testing of input data, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of microprogramming software in embedded Qualcomm devices exists due to insufficient testing of input data. Exploiting this vulnerability can allow attackers to compromise the confidentiality, integrity, and accessibility of protected information...

SMBeagle - Fileshare Auditing Tool That Hunts Out All Files It Can See In The Network And Reports If The File Can Be Read And/Or Written

SMBeagle is an SMB fileshare auditing tool that hunts out all files it can see in the network and reports if the file can be read and/or written. All these findings are streamed out to either a CSV file or an elasticsearch host, or both!? SMBeagle tries to make use of the win32 APIs for maximum...

KaliIntelligenceSuite - Shall Aid In The Fast, Autonomous, Central, And Comprehensive Collection Of Intelligence By Executing Standard Penetration Testing Tools

Kali Intelligence Suite KIS shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by automatically: executing Kali Linux tools e.g., dnsrecon, gobuster, hydra, nmap, etc. querying publicly available APIs e.g., Censys.io, Haveibeenpwned.com, Hunter.io,...

The vulnerability of the Windows Hyper-V component of the Windows operating system, which allows a hacker to trigger a service failure

The vulnerability of the Windows Hyper-V component of the operating system exists due to insufficient testing of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures by transmitting specially crafted input data to the application...

STEWS - A Security Tool For Enumerating WebSockets

STEWS is a tool suite for security testing of WebSockets This research was first presented at OWASP Global AppSec US 2021 Features STEWS provides the ability to: Discover : find WebSockets endpoints on the web by testing a list of domains Fingerprint : determine what WebSockets server is running ...

ShonyDanza - A Customizable, Easy-To-Navigate Tool For Researching, Pen Testing, And Defending With The Power Of Shodan

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan. With ShonyDanza, you can: Obtain IPs based on search criteria Automatically exclude honeypots from the results based on your pre-configured thresholds Pre-configure all IP searches to filte...

OWASP Top 10 Deep Dive: Identification and Authentication Failures

In the 2021 edition of the OWASP top 10 list, Broken Authentication was changed to Identification and Authentication Failures. This term bundles in a number of existing items like cryptography failures, session fixation, default login credentials, and brute-forcing access. Additionally, this...

Intel Is Maintaining Legacy Technology for Security Research

Interesting: Intel’s issue reflects a wider concern: Legacy technology can introduce cybersecurity weaknesses. Tech makers constantly improve their products to take advantage of speed and power increases, but customers don’t always upgrade at the same pace. This creates a long tail of old product...

GSD-2021-1002273 usb: musb: tusb6010: check return value after calling platform_get_resource()

usb: musb: tusb6010: check return value after calling platformgetresource This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.162 by commit...

vulhub

This repository is an open-source collection of vulnerable web applications and tools for security training and research. It is maintained by phith0n and hosted on GitHub. The repository contains a variety of vulnerable applications, including web servers, databases, and other systems, to help...

[SECURITY] Fedora 33 Update: medusa-2.2-14.20181216git292193b.fc33

Medusa is a speedy, massively parallel, modular, login brute-forcer for network services. Some of the key features of Medusa are: Thread-based parallel testing. Brute-force testing can be performed against multiple hosts, users or passwords concurrently. Flexible user input. Target information...

[SECURITY] Fedora 34 Update: medusa-2.2-17.20181216git292193b.fc34

Medusa is a speedy, massively parallel, modular, login brute-forcer for network services. Some of the key features of Medusa are: Thread-based parallel testing. Brute-force testing can be performed against multiple hosts, users or passwords concurrently. Flexible user input. Target information...

vulhub

This is an offensive tool repository for vulnerability research and testing, specifically targeting various web applications and services. The repository contains a collection of exploits, proof-of-concept PoC code, and tools for identifying and exploiting vulnerabilities in software and systems...