7414 matches found
The vulnerability of the Intel Wireless Bluetooth driver, which exists due to insufficient verification of input data, allows a perpetrator to trigger a service failure.
The vulnerability of the Intel Wireless Bluetooth driver exists due to insufficient testing of input data. Exploiting this vulnerability can allow a remote attacker to cause service failures...
vulhub
It is an offensive tool for Vulnerability Research. This repository contains pre-built vulnerable environments based on Docker-Compose. The tool allows users to easily create and manage vulnerable environments for testing and research purposes. The environments are designed to be easy to use and...
Exploit for CVE-2013-0422
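K8tools 2020628 Disclaimer: These tools are for security research or authorized penetration testing only; you bear the consequences of any illegal use. Download: https://github.com/k8gege/K8tools Documentation: http://k8gege.org PS: Updated irregularly; the files are fairly large, so download as needed. For tool bugs or suggestions, leave a message directly on GitHub. The privilege-escalation tools can all be run from a remote-control Cmd or a WebShell; most have been modified and recompiled for better compatibility and stability. Note: not guaranteed to work permanently; save your own copy if you like them. General tools + Reverse-shell tools Ladon 6.6.6 reverse MSF/NC ShellTCP/HTTP/HTTPS + Scanning tools Ladon 6.6 SMB vulnerability detection SMBGhost...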
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
Usage: Make sure Python is installed, then run poc.py. Window...
IBM Tivoli Storage Manager 5.2.0.1 Buffer Overflow
Exploit Title: IBM Tivoli Storage Manager Command Line Administrative Interface 5.2.0.1 - id' Field Stack Based Buffer Overflow Exploit Author: Paolo Stagno aka VoidSec Vendor Homepage: https://www.ibm.com/support/knowledgecenter/en/SSGSG77.1.0/com.ibm.itsm.tsm.doc/welcome.html Version: 5.2.0.1...
This One Time on a Pen Test: CSRF to Password Reset Phishing
Each year, Rapid7 penetration testers complete hundreds of internally and externally based penetration testing service engagements. This post is part of an ongoing series featuring testimonials of what goes on beneath the hoodie. For more insights, check out our 2020 Under the Hoodie report...
How to Optimize Your App Settings for Privacy
By Uzair Amir In order to protect users' privacy, developers must keep their apps' security in mind and put their apps through regression testing. This is a post from HackRead.com Read the original post: How to Optimize Your App Settings for Privacy...
Behind the Scenes: Under the Hoodie 2020 Video Series
Longtime fans of our Under the Hoodie video series may have noticed that this year’s videos looked, well, a little different. Because we were all working from home amid the COVID-19 pandemic, we realized that it was no longer feasible to sit down in person and interview our pen testing services...
The vulnerability of Intel microprocessor microprogramming software arises from insufficient testing of input data, allowing attackers to exploit this weakness to gain increased privileges.
The vulnerability of Intel processor microprogramming software exists due to insufficient testing of input data. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the Windows MSCTF Server component of the Windows operating system allows attackers to disclose protected information.
The vulnerability of the Windows MSCTF Server component exists due to insufficient testing of input data. Exploiting this vulnerability can allow an attacker to disclose protected information...
pocsuite3
This is a Python package called pocsuite3, which is a remote vulnerability testing and proof-of-concept development framework. It is developed by the Knownsec 404 Team and comes with a powerful proof-of-concept engine, many powerful features for penetration testers and security researchers. The...
Exploit for Path Traversal in Citrix Xenmobile_Server
Usage & Disclaimer This script is a batch detection tool for...
Informatica: Blind SQL injection at tsftp.informatica.com
The parameter refreshtoken sent to the REST path /api/v1/token is vulnerable to blind SQL injection. Compare the response time of these 2 requests: $ time curl -X POST "https://tsftp.informatica.com/api/v1/token" -H "accept: application/json" -H "Content-Type: application/x-www-form-urlencoded" -...
vulhub
It is an offensive tool for vulnerable environments. The repository contains a collection of pre-built vulnerable docker environments, including Flask SSTI, Apache Parsing Vulnerability, and others. The tool allows users to easily create and run vulnerable environments for testing and training...
RUSTSEC-2020-0140 `Shared` can cause a data race
Shared data structure in model crate implements Send and Sync traits regardless of the inner type. This allows safe Rust code to trigger a data race, which is undefined behavior in Rust. Users are advised to treat Shared as an unsafe type. It should not be used outside of the testing context, and...
`Shared` can cause a data race
Shared data structure in model crate implements Send and Sync traits regardless of the inner type. This allows safe Rust code to trigger a data race, which is undefined behavior in Rust. Users are advised to treat Shared as an unsafe type. It should not be used outside of the testing context, and...
Security Bulletin: Vulnerabilities in Tivoli Netcool/OMNIbus
Summary There are vulnerabilities in the libnhttpd interface which is part of Tivoli Netcool/OMNIbus. These were discovered during penetration testing of the product. Vulnerability Details Third Party Entry: PSIRT-ADV0026226 DESCRIPTION: Created from Advisory: ADV0026226 CVSS Base score: 8.8 CVSS...
Citrix UPS Print Driver Certification Tool
Where to download ? Certain legacy Citrix tools are now available on request only. Please submit the request here - https://forms.gle/obA39PEz5qpDiSPq8 Once we verify your request, we will provide access to the download location. Description The Citrix UPS Print Driver Certification Tool can be...
pwntools
This is an open-source repository for the pwntools project, a Python library for reverse engineering and exploitation. The repository contains various files and workflows for contributing to the project, including issue templates, pull request templates, and workflows for continuous integration a...
This One Time on a Pen Test: How I Hacked a Self-Driving Car
Each year, Rapid7 penetration testers complete hundreds of internally and externally based penetration testing service engagements. This post is part of an ongoing series featuring testimonials of what goes on beneath the hoodie. For more insights, check out our 2020 Under the Hoodie report. An...