7414 matches found
Cross-Site Request Forgery (CSRF) in pkp/omp
Description: An attacker or malicious user is able to delete any user's profile photo if a logged-in user visits the attacker's website, because of the lack of a CSRF token. Proof of Concept: 1. When you are logged in, open this POC.html in a browser. 2. You can check that your profile photo was unintentionally deleted...
The joy of phishing your employees
Many companies set up phishing test programs for their employees, often as part of a compliance requirement involving ongoing employee education on security topics. The aim of these programs is to train employees on how to spot a malicious link, not click it, and forward it on to the appropriate...
Amnesty Intl. accuses Indian cyber security firm of spyware attacks
By Waqas. According to Amnesty International, it found evidence that attackers testing the spyware were using the IP address of Indian cyber security firm Innefu Labs. This is a post from HackRead.com.
FUSE - A Penetration Testing Tool For Finding File Upload Bugs
FUSE is a penetration testing system designed to identify Unrestricted Executable File Upload (UEFU) vulnerabilities. The details of the testing strategy are in our paper, "FUSE: Finding File Upload Bugs via Penetration Testing", which appeared in NDSS 2020. To see how to configure and execute FUSE,...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
Usage: Make sure Python and ncat are installed...
The vulnerability of the Bluetooth Classic environment for developing IoT applications exists due to insufficient verification of input data, allowing attackers to trigger service failures.
The vulnerability of the Bluetooth Classic environment for developing IoT applications exists due to insufficient testing of input data. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...
Penetration Testing Your AWS Environment - A CTO's Guide
So, you've been thinking about getting a Penetration Test done on your Amazon Web Services (AWS) environment. Great! What should that involve exactly? There are many options available, and knowing what you need will help you make your often limited security budget go as far as possible. Broadly, th...
CVE-2021-31987
A user-controlled parameter related to SMTP test functionality is not correctly validated, making it possible to bypass blocked network recipients...
Practical tips on how to use application security testing and testing standards
The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with Daniel Cuthbert, Global Head of Security...
OpenSSH through 8.7 allows remote attackers who have a suspicion that a certain combination of username and public key is known to an SSH server to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product
...
The 2021 OWASP Top 10 Have Evolved: Here's What You Should Know
Late last week, the Open Web Application Security Project (OWASP) released its top 10 list of critical web application security risks. The last OWASP Top 10 came out in 2017, and in the intervening 4 years, we've seen a fundamental shift in application security that includes greater emphasis on...
Some-PoC-oR-ExP
This repository is an offensive tool for collecting or writing various vulnerability PoCs (proofs of concept) and exploits. The primary vulnerability targeted by the code is CNVD-2020-10487, a Tomcat-Ajp local file inclusion (LFI) vulnerability. The tool is designed to exploit this vulnerability to...
PayloadsAllTheThings
It is an offensive tool for general use. This repository contains a collection of payloads, likely for testing and exploitation purposes. The payloads are not explicitly described, but the repository's funding model suggests it may be used for offensive security research. The repository includes ...
[SECURITY] Fedora 35 Update: python3.8-3.8.12-1.fc35
Python 3.8 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.8, see other distributions that support it, such as an older Fedora release...
com.salesforce.kafka.test:kafka-junit (=3.2.3), com.salesforce.kafka.test:kafka-junit-core (=3.2.3) +12 more potentially affected by CVE-2021-38153 via org.apache.kafka:kafka_2.12 (=2.8.0)
org.apache.kafka:kafka_2.12 (MAVEN) version =2.8.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.kafka:kafka_2.12 and may be impacted: - com.salesforce.kafka.test:kafka-junit (=3.2.3) - com.salesforce.kafka.test:kafka-junit-core (=3.2.3) -...
5 Tips for Achieving Better Cybersecurity Risk Management
When thinking about cybersecurity risk management, think about the last time you were comparing health-insurance policies. Each policy offers a means to protect yourself and your family from financial losses (e.g. from hospital coverage), and many policies include things that are designed to reduce...
Exploit for Improper Encoding or Escaping of Output in F5 Nginx
This repository is an open-source collection of vulnerable systems and applications for educational purposes, specifically for penetration testing and vulnerability assessment. It is maintained by phith0n and is available on GitHub under the MIT License. The repository contains a variety of...
Ntlm_Theft - A Tool For Generating Multiple Types Of NTLMv2 Hash Theft Files
A tool for generating multiple types of NTLMv2 hash theft files. ntlm_theft is an open-source Python3 tool that generates 21 different types of hash theft documents. These can be used for phishing when either the target allows SMB traffic outside their network, or if you are already inside the...
XssHunter-Express Authorization Issue Vulnerability
XssHunter-Express is used to test for and find blind XSS. XssHunter-Express suffers from an authorization issue vulnerability that stems from a lack of proper validation of client-side data by the web application. An attacker can exploit this vulnerability to execute client-side code...