7416 matches found
Heap-based Buffer Overflow
libgd.so is vulnerable to heap-based buffer overflows. The overflows can be triggered when the function gdImageTiffPtr of gdtiff.c reads input images of GD and GD2 formats and does not check the transparent index bounds of the palette. Note: this CVE is disputed because the vendor suggested GD an...
Fedora 31 : php (2020-32f9a2b308)
PHP version 7.3.15 20 Feb 2020 Core: - Fixed bug php71876 Memory corruption htmlspecialchars: charset ' not supported. Nikita - Fixed bug php79146 cscript can fail to run on some systems. clarodeus - Fixed bug php78323 Code 0 is returned on invalid options. Ivan Mikheykin - Fixed bug php76047...
PowerSploit
This is an offensive tool for Windows PowerShell exploitation. It is a PowerShell post-exploitation framework called PowerSploit, which includes various modules for code execution, DLL injection, and antivirus bypass. The framework is designed to be used by penetration testers and red teamers to...
Biotech health care innovations meet security challenges
The level and speed of innovations taking place in the biotech industry are baffling. On the one hand, it makes us hopeful we can quickly reduce the number of illnesses and their consequences through technological advancement—saving thousands of lives. On the other, concerns about the application...
The Game Changing Role of Performance Testing (Part 1)
In two previous blogs, VMware Carbon Black software engineers discussed how important it was to maintain a balance of latency, scale, and cost as they built out and enhanced the company’s reputation services. They also provided some insights into the challenges they encountered with various...
What are the benefits of SAST testing in CI/CD pipelines?
Static application security testing (SAST) is traditionally used in software development lifecycles both early on in the process and often to "white box" test all files containing source code. Integrating SAST into modern CI/CD pipelines allows developers to continuously monitor their code, providi...
metasploit-framework
This is the Metasploit Framework repository, a widely used penetration testing tool. It is an offensive tool for penetration testing and vulnerability assessment. The primary target of this tool is the Metasploit Framework itself, which is a Ruby-based framework for developing and executing...
commix
This is an automated tool for testing web-based applications to find command injection vulnerabilities. It is written in Python and can be used by web developers, penetration testers, or security researchers. The tool is designed to test web-based applications with the view to find bugs, errors, ...
SUDO_KILLER - A Tool To Identify And Exploit Sudo Rules' Misconfigurations And Vulnerabilities Within Sudo
Linux Privilege Escalation through SUDO abuse. If you like the tool and for my personal motivation so as to develop other tools please a +1 star The tool can be used by pentesters, system admins, CTF players, students, System Auditors and trolls. INTRO WARNING: SUDOKILLER is part of the KILLER...
AFLplusplus
This is a code repository for AFLplusplus, a tool for fuzz testing and vulnerability discovery. The repository contains various files and directories related to the project, including configuration files, makefiles, and documentation. The repository is organized as follows: .clang-format is a...
vulhub
It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector targeted by this repository is not explicitly stated, but it appears to be a collection of various vulnerabilities in different environments. The probable entry points for these...
The vulnerability of the Oracle Flow Builder component in the software for testing web applications, web services, and Oracle databases within the Oracle Application Testing Suite allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the Oracle Flow Builder component, a software tool for testing web applications, web services, and databases within the Oracle Application Testing Suite, is related to access control deficiencies. Exploiting this vulnerability could allow an attacker operating remotely to gai...
Aduket - Straight-forward HTTP Client Testing, Assertions Included
Straight-forward HTTP client testing, assertions included! Simple httptest.Server wrapper with a little request recorder spice on it. No special DSL, no complex API to learn. Just create a server and fire your request like a Hadouken then assert them. TODO Add example usages Add docs Add respons...
vulhub
It is an open-source collection of pre-built vulnerable docker environments. The repository contains a variety of vulnerable environments based on Docker-Compose, including Flask, Apache, Nginx, and more. The environments are designed to be easy to use and require no pre-existing knowledge of...
OpenSMTPD 6.6.1 Local Privilege Escalation
Exploit Title: OpenSMTPD 6.6.1 - Local Privilege Escalation Date: 2020-02-02 Exploit Author: Marco Ivaldi Vendor Homepage: https://www.opensmtpd.org/ Version: OpenSMTPD 6.4.0 - 6.6.1 Tested on: OpenBSD 6.6, Debian GNU/Linux bullseye/sid with opensmtpd 6.6.1p1-1 CVE: CVE-2020-7247 !/usr/bin/perl...
FockCache - Minimalized Test Cache Poisoning
FockCache - Minimalized Test Cache Poisoning Detail For Cache Poisoning : https://portswigger.net/research/practical-web-cache-poisoning FockCache FockCache tries to make cache poisoning by trying X-Forwarded-Host and X-Forwarded-Scheme headers on web pages. After successful result, it gives you ...
PowerSploit
This is an offensive tool for Windows PowerShell. It is a collection of PowerShell modules for various purposes, including code execution, DLL injection, and antivirus bypass. The tool is part of the PowerSploit framework, which is a collection of PowerShell modules for penetration testing and re...
The Rise of the Open Bug Bounty Project
Can you imagine launching a global bug bounty platform with almost 500,000 submissions and 13,000 researchers without consuming a cent from venture capitalists? If not, this success story is for you. The once skyrocketing bug bounty industry seems to be not in the best shape today. While prominen...
Pen Testing Ships. A year in review
Partially driven by the upcoming inclusion of Cyber Security by the IMO (International Maritime Organisation), 2019 was a really busy year for maritime security testing at PTP. What can we all learn from a year of evaluating the security of ships? We’ve been involved in all sorts of ship testing,...
DVNA - Damn Vulnerable NodeJS Application
Damn Vulnerable NodeJS Application DVNA is a simple NodeJS application to demonstrate OWASP Top 10 Vulnerabilities and guide on fixing and avoiding these vulnerabilities. The fixes branch will contain fixes for the vulnerabilities. Fixes for vulnerabilities OWASP Top 10 2017 vulnerabilities at...