Sudomy - Subdomain Enumeration & Analysis

Sudomy is a subdomain enumeration tool, created using a bash script, to analyze domains and collect subdomains in fast and comprehensive way. Features For recent time,Sudomy has these 9 features: Easy, light, fast and powerful. Bash script is available by default in almost all Linux distributions...

Pocsuite

This project is an open-sourced remote vulnerability testing and proof-of-concept development framework called Pocsuite, developed by the Knownsec Security Team. It comes with a powerful proof-of-concept engine and many niche features for penetration testers and security researchers. The framewor...

WordPress nelio-ab-testing plugin code issue vulnerability (CNVD-2019-30750)

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. nelio-ab-testing is a plugin for A/B testing of websites. The WordPress nelio-ab-testing plugin has a code issue vulnerability and no...

WordPress nelio-ab-testing plugin code issue vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. nelio-ab-testing is a plugin for A/B testing of websites. The WordPress nelio-ab-testing plugin has a code issue vulnerability and no...

CVE-2016-10926

The nelio-ab-testing plugin before 4.5.9 for WordPress has SSRF in ajax/iesupport.php...

CVE-2016-10927

The nelio-ab-testing plugin before 4.5.11 for WordPress has SSRF in ajax/iesupport.php...

CVE-2016-10927

The nelio-ab-testing plugin before 4.5.11 for WordPress has SSRF in ajax/iesupport.php...

Server side request forgery (ssrf)

The nelio-ab-testing plugin before 4.5.9 for WordPress has SSRF in ajax/iesupport.php...

Server side request forgery (ssrf)

The nelio-ab-testing plugin before 4.5.11 for WordPress has SSRF in ajax/iesupport.php...

CVE-2016-10927

CVE-2016-10927 affects the WordPress plugin nelio-ab-testing (pre-4.5.11). The vulnerability is an SSRF in ajax/iesupport.php, with CVSSv3 base score 10.0 (CRITICAL) and CVSSv2 base score 6.4 (MEDIUM). Impact indicators shown: high confidentiality and integrity impact, no availability impact; exp...

CVE-2016-10926

The CVE concerns the Nelio AB Testing WordPress plugin prior to version 4.5.9, which contains a Server-Side Request Forgery (SSRF) vulnerability in ajax/iesupport.php. Publicly documented impact indicates high risk to confidentiality and integrity (CVSS3 base score 10.0; vector: NETWORK, no privi...

CVE-2016-10926

The nelio-ab-testing plugin before 4.5.9 for WordPress has SSRF in ajax/iesupport.php...

Hacktronian - All In One Hacking Tool For Linux & Android

Pentesing Tools That All Hacker Needs. HACKTRONIAN Menu : Information Gathering Password Attacks Wireless Testing Exploitation Tools Sniffing & Spoofing Web Hacking Private Web Hacking Post Exploitation Install The HACKTRONIAN Information Gathering: Nmap Setoolkit Port Scanning Host To IP wordpre...

When Checking the Box Results in Two Zero Days and Root (CVE-2019-14257 and CVE-2019-14258)

Finding new bugs and exploiting them can be exciting and fun for a penetration tester. I was ecstatic to find my first two zero-days, and I used them to break a system from no access to root. This was a good day for me - but the story behind the story provides some real lessons enterprises can...

Microsoft Offers $30K Rewards For Chromium Edge Beta Flaws

Microsoft is calling on researchers to help sniff out any security glitches in the beta version of its new Chromium-based Edge browser before officially pushing it live. The tech company has been working to build a new version of Edge based on Google’s open-source Chromium code, as opposed to its...

WordPress nelio-ab-testing plugin cross-site request forgery vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. nelio-ab-testing is a plugin for A/B testing of websites. A cross-site request forgery vulnerability exists in the WordPress...

Apple Sues Corellium Over iOS 'Replica' Security Testing Software

Apple has sued startup Corellium for copyright infringement, alleging that the company has developed “exact digital replicas” of its iPhone operating system without authorization – from the code down to the graphical user interface. While details about Florida-based Corellium on its website are...

CVE-2017-18547

The nelio-ab-testing plugin before 4.6.4 for WordPress has CSRF in experiment forms...

CVE-2017-18547

The CVE concerns the WordPress Nelio Ab Testing plugin prior to version 4.6.4, where a CSRF flaw exists in the experiment forms. Multiple connected sources (Red Hat CVE entry, CNVD/CVE listings, CVE records, and WP vulnerability databases) corroborate that the vulnerability is a CSRF issue in the...

Intranet_Penetration_Tips

It is an offensive tool for network penetration. The repository contains some internal penetration tips compiled in early 2018, but has since been updated slowly. The author has made the repository public in hopes of collaborating with others to update and maintain it...