[SECURITY] Fedora 30 Update: rubygem-actionpack-5.2.3-2.fc30

Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling ea sy unit/integration testing that doesn't require a browser...

[SECURITY] Fedora 30 Update: rubygem-activemodel-5.2.3-2.fc30

A toolkit for building modeling frameworks like Active Record. Rich support for attributes, callbacks, validations, serialization, internationalization, and testing...

QRGen - Simple Script For Generating Malformed QRCodes

Simple Script For Generating Malformed QRCodes. These qrcodes are useful if you want to test some QRCode scanner's parser or how the application handle QRCode data. Down side of this tool: you need to manually scan codes with camera. Proof Installation What do you need: python3 qrcode Pillow...

How to build your own PoC framework Pocsuite3 using the article-the vulnerability warning-the black bar safety net

Compared to boring the usage of the description, the more I want to say about Pocsuite3 why will have these features as well as how to achieve. If you also want to build a similar tool, Pocsuite3 some of the thoughts may be able to help you. This article is also recorded Pocsuite3 development...

CQTools - The New Ultimate Windows Hacking Toolkit

CQURE Team has prepared tools used during penetration testing and packed those in a toolkit named CQTools. This toolkit allows to deliver complete attacks within the infrastructure, starting with sniffing and spoofing activities, going through information extraction, password extraction, custom...

Oracle Application Testing Suite Post-Auth DownloadServlet Directory Traversal

This module exploits a vulnerability in Oracle Application Testing Suite OATS. In the Load Testing interface, a remote user can abuse the custom report template selector, and cause the DownloadServlet class to read any file on the server as SYSTEM. Since the Oracle application contains multiple...

Fedora Update for dnsperf FEDORA-2019-f791948895

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora Update for openocd FEDORA-2019-0a5e82cea8

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora Update for python36 FEDORA-2019-7eb6d3b8ea

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Scanners-Box

This is a collection of open-source scanning tools and wordlists for web application security testing. The repository, Scanners-Box, is a collection of tools from various contributors, including lijiejie, ringzero, and others. The tools are categorized into subdomains, database vulnerability...

PeekABoo - Tool To Enable Remote Desktop On The Targeted Machine

PeekABoo tool can be used during internal penetration testing when a user needs to enable Remote Desktop on the targeted machine. It uses PowerShell remoting to perform this task. The tool only works if WinRM is enabled. Since Windows Server 2012 WinRM is enabled by default on all Windows server...

[SECURITY] Fedora 30 Update: dnsperf-2.2.1-4.fc30

This is dnsperf, a collection of DNS server performance testing tools. For more information, see the dnsperf1 and resperf1 man pages...

Bashter - Web Crawler, Scanner, And Analyzer Framework

Bashter is a tool for scanning a Web-based Application. Bashter is very suitable for doing Bug Bounty or Penentration Testing. It is designed like a framework so you can easily add a script for detect vulnerability. For Example You can add something script like this:...

Exploit for Injection in Oracle Agile_Plm

CNTA-2019-0014-CVE-2019-2725 Disclaimer: This tool...

Exploit for Injection in Oracle Agile_Plm

CNTA-2019-0014-CVE-2019-2725 Disclaimer: This tool...

ParamPamPam - Brute Force Discover GET And POST Parameters

This tool for brute discover GET and POST parameters. Installation With Docker Install Docker git clone https://github.com/Bo0oM/ParamPamPam.git cd ParamPamPam docker build -t parampp . echo -e '!'"/bin/bash\ndocker run -ti --rm parampp $@" /usr/local/bin/parampp parampp -u "https://vk.com/login"...

Kubebot - A Security Testing Slackbot Built With A Kubernetes Backend On The Google Cloud Platform

A security testing Slackbot built with a Kubernetes backend on the Google Cloud Platform Architecture Demo Data Flow 1 - API request tool, target, options initiated from Slackbot, sent to the API server, which is running as a Docker container on a Kubernetes K8s cluster and can be scaled. 2 - API...

Buffer Overflow Vulnerability in Prime95 Software

prime95 is a dedicated software for testing system stability. A buffer overflow vulnerability exists in the Prime95 software. By failing to check the length of incoming data at the host nmae, an attacker could exploit the vulnerability to execute arbitrary code within the context of the applicati...

CVE-2019-2557

Vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite subcomponent: Load Testing for Web Apps. The supported version that is affected is 13.3.0.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

CVE-2019-2557

Vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite subcomponent: Load Testing for Web Apps. The supported version that is affected is 13.3.0.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...