Frame replay vulnerability in Wi-Fi subsystem in Intel® Dual-Band and Tri-Band Wireless-AC Products allows remote attacker to replay frames via channel-based man-in-the-middle

Summary: A vulnerability relating to frame replay during device sleep has been identified in the Intel® Dual-Band and Tri-Band Wireless-AC Products. An attacker who can successfully establish a channel-based man-in-the-middle can potentially replay frames to impact the integrity or availability o...

Syhunt ScanTools 6.0 - Console Web Vulnerability Scan Tools

Syhunt ScanTools 6.0 adds advanced fingerprinting capabilities, enhanced spidering, injection and code scan capabilities, and a large number of improved checks. Adds the display of Hybrid, Dynamic and Code detailed scan statistics to the command-line tools. New fingerprinting capabilities - Becau...

WePay: open 80 port of internal host leaking some configuration info

A testing stage server was accessible from the internet leaking some debug info. Thanks @ruvlol for reporting this to us. A testing stage was accessible to everyone in internet, leaking some debug info...

Hijacker v1.4 - All-in-One Wi-Fi Cracking Tools for Android

Hijacker is a Graphical User Interface for the penetration testing tools Aircrack-ng , Airodump-ng , MDK3 and Reaver. It offers a simple and easy UI to use these tools without typing commands in a console and copy&pasting MAC addresses. This application requires an ARM android device with a...

TeamViewer 11 13 (Windows 10 x86) - Inline Hooking Direct Memory Modification Permission Change

TeamViewer 11 13 Windows 10 x86 - Inline Hooking Direct Memory Modification Permission Change TeamViewer Permissions Hook V1 --- A proof of concept injectable C++ DLL, that uses naked inline hooking and direct memory modification to change TeamViewer permissions. Features As the Server - Enables...

CVE-2017-16959

The CVE-2017-16959 vulnerability affects TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices via the locale feature in cgi-bin/luci. The issue arises from set_sysinfo/get_sysinfo in /usr/lib/lua/luci/controller/locale.lua used by uhttpd, allowing remote authenticated users to probe for existence of a...

November 22, 2017 – Morning Cyber Coffee Headlines – “Thanksgiving Week” Edition

Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! November 22, 2017 - Headlines Carbon Black in the News: Holiday season scams:...

Phoenix Framework Redirection Vulnerability

Phoenix Framework is a set of resource management and testing as one of the Web automation testing framework . The framework supports unscripted execution , unattended execution and free customization and other execution modes . A redirection vulnerability exists in Phoenix Framework. An attacker...

Kali Linux 2017.3 Release - The Best Penetration Testing Distribution

Kali Linux 2017.3 released , which includes all patches, fixes, updates, and improvements since our last release. In this release, the kernel has been updated to 4.13.10 and it includes some notable improvements: CIFS now uses SMB 3.0 by default EXT4 directories can now contain 2 billion entries...

Node.js VoIP penetration testing framework : Bluebox-ng

Bluebox-ng : Node.js VoIP penetration testing framework Features Auto VoIP/UC penetration test Report generation Performance RFC compliant SIP TLS and IPv6 support SIP over websockets and WSS support RFC 7118 SHODAN, exploitsearch.net and Google Dorks SIP common security tools scan,...

Network Interference Detection Tool: ooniprobe

OONI, the Open Observatory of Network Interference, is a global observation network which aims is to collect high quality data using open methodologies, using Free and Open Source Software FL/OSS to share observations and data about the various types, methods, and amounts of network tampering in...

PowerShell Penetration Testing Framework: Nishang

Nishang is an open source framework and collection of powerful PowerShell scripts and payloads that you can use during penetration testing audit, post exploitation phase or other stages of offensive security auditing. Nishang is useful during various phases of a security auditing process and has...

Technicolor TG789vn v3 HTTP DoS Exploit

Exploit for hardware platform in category dos / poc !/usr/bin/python By Angel Paillalef Silva Vendor: Movistar Router: Technicolor TG789vn v3 Usage: python exploit.py import socket import sys import urllib2 host = "" port = "" iflensys.argv = 2: host = sys.argv1 port = sys.argv2 else: print "nume...

openSUSE Security Update : testing the software stack (openSUSE-2017-1227)

This update contains a security update for testing the software stack. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2017-1227. The text description of this plugin is C SUSE LLC...

nullinux - SMB null Session Identification and Enumeration Tool

nullinux is an internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB null sessions. Unlike many of the enumeration tools out there already, nullinux can enumerate multiple targets at once and when...

Lynis 2.5.7 - Security Auditing Tool for Unix/Linux Systems

We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security auditin...

subjack - Hostile Subdomain Takeover tool written in Go

subjack is a Hostile Subdomain Takeover tool written in Go designed to scan a list of subdomains concurrently and identify ones that are able to be hijacked. With Go's speed and efficiency, this tool really stands out when it comes to mass-testing. Always double check the results manually to rule...

Security Analysis with Bamboo Plugin

Build Management with Bamboo In the process of continuous integration, a code repository is automatically built and tested by a CI service when code is pushed or committed to the repository. This enables automated testing, tracking, and reporting of build errors and boosts the productivity of...

What You Need To Know About The "ROCA" vulnerability

By Daniel Franke, Infosec Researcher Akamai is aware of the recently-disclosed "ROCA" vulnerability in cryptographic firmware used in products made by Infineon Technologies. A bug in the firmware's prime-search algorithm used for RSA key generation results in RSA keys that are relatively cheap an...

P4wnP1: A Open Source USB Attack Platform

PenTestIT RSS Feed As of now, hardware security projects seem to be attracting me more than software based projects. Evidently, I wrote a few posts covering them - List of Portable Hardware Devices for Penetration Testing, List of Raspberry Pi DIY Projects for Anonymity, etc. among other awesome...