Getting the Most Value Out of Your Phishing Program

Are your phishing tests worth the money you are spending on them? Please dont misinterpret that as suggesting you shouldnt be testing your users. To the contrary, I think you should be testing all your users executives of all ranks included on a regular basis. What I mean by that question is; are...

Symantec Messaging Gateway 10.6.2-7 - Remote Code Execution Exploit

This Metasploit module exploits the command injection vulnerability of Symantec Messaging Gateway product. An authenticated user can execute a terminal command under the context of the web server user which is root. backupNow.do endpoint takes several user inputs and then pass them to the interna...

How to Test XenMobile Server Database Connectivity

This article describes how to test XenMobile Server database connectivity...

Viproy - VoIP Penetration Testing and Exploitation Kit

Viproy Voip Pen-Test Kit provides penetration testing modules for VoIP networks. It supports signalling analysis for SIP and Skinny protocols, IP phone services and network infrastructure. Viproy 2.0 is released at Blackhat Arsenal USA 2014 with TCP/TLS support for SIP, vendor extentions support,...

Today’s File Security is So ’80s, Part 3: Dynamic Peer Groups – 3 Examples from Customer Data

In the first two parts of this series, we discussed why permissions management, the traditional approach to file security, no longer works and introduced a new approach to file security that leverages machine learning to build dynamic peer groups based on how users actually access files. In this...

Debian: Security Advisory (DSA-3890-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : lynis (openSUSE-2017-705)

This update for lynis fixes the following issues : Lynis 2.5.1 : - Improved detection of SSL certificate files - Minor changes to improve logging and results - Firewall tests: Determine if CSF is in testing mode The Update also includes changes from Lynis 2.5.0 : - CVE-2017-8108: symlink attack m...

SigPloit - Telecom Signaling Exploitation Framework - SS7, GTP, Diameter & SIP

SiGploit a signaling security testing framework dedicated to Telecom Security professionals and reasearchers to pentest and exploit vulnerabilites in the signaling protocols used in mobile operators regardless of the geneartion being in use. SiGploit aims to cover all used protocols used in the...

Why you have to move beyond “We have a policy for that”

Ive never been a big fan of - or have believed in the value of - security policies. Sure, theyre necessary for setting expectations and auditors want to see them. They can also serve as a sort of insurance policy to fall back on when an unexpected security "event" occurs. But, at the end of the...

[SECURITY] Fedora 25 Update: picocom-2.2-2.fc25

As its name suggests, picocom is a minimal dumb-terminal emulation program. It is, in principle, very much like minicom, only it's "pico" instead of "mini"! It was designed to serve as a simple, manual, modem configuration, testing, and debugging tool. It has also served quite well as a low-tech...

pymultitor - Python Multi Threaded Tor Proxy

Did you ever want to be at two different places at the same time? While performing penetration tests there are often problems caused by security devices that block the "attacking" IP. With a large number of IP addresses performing the attacks, better results are guaranteed - especially when...

Symantec Messaging Gateway Remote Code Execution

This module exploits the command injection vulnerability of Symantec Messaging Gateway product. An authenticated user can execute a terminal command under the context of the web server user which is root. backupNow.do endpoint takes several user inputs and then pass them to the internal service...

CVE-2017-0199: in-depth analysis of the Microsoft Office RTF vulnerability-vulnerability warning-the black bar safety net

0x00 Preface Recently, researchers also found a number of CVE-2017-0199 vulnerability of the sample. Although the Microsoft in this year 4 month has been released for the vulnerability the patch, but since its use is relatively simple, worldwide usage is still very high, here to share some of the...

The vulnerability of the Microsoft Office software package, which allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft Office suite exists due to insufficient testing of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

Artifex MuPDF - Null Pointer Dereference

Source: https://bugs.ghostscript.com/showbug.cgi?id=697500 POC to trigger null pointer dereference mutool After some fuzz testing I found a crashing test case. Git HEAD: 8eea208e099614487e4bd7cc0d67d91489dae642 To reproduce: mutool convert -F cbz nullptrfzpaintpixmapwithmask -o /dev/null ASAN:...

Linux/x86-64 - /bin/sh Shellcode (31 bytes)

Linux/x86-64 - /bin/sh Shellcode 31 bytes. Shellcode exploit for Linx86-64 platform / ;Title: Linux/x86-64 - /bin/sh Shellcode ;Author: Touhid M.Shaikh ;Contact: https://github.com/touhidshaikh ;Category: Shellcode ;Architecture: Linux x8664 ;Description: This shellcode baased on "JMP CALL POP"...

The vulnerability of the HLOS component of Qualcomm Secure Execution Environment allows a perpetrator to gain access to kernel modules beyond their authorized scope.

The vulnerability of the HLOS microprogramming software component of Qualcomm Secure Execution Environment for Android exists due to insufficient testing of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to kernel modules beyond their authorize...

WordPress No External Links 3.5.17 Cross Site Scripting

DefenseCode ThunderScan SAST Advisory WordPress No External Links Plugin Security Vulnerability Advisory ID: DC-2017-01-022 Advisory Title: WordPress No External Links Plugin Security Vulnerability Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress No External Links Plugi...

Run HTTP Flood DDoS Attacks: Wreckuests

Stress Testing: Run HTTP Flood DDoS Attacks Wreckuests is a script, which allows you to run DDoS attacks with HTTP-floodGET/POST. It’s written in pure Python and uses proxy-servers as “bots”. This script is published for educational purposes only! Features Cache bypass with random ?abcd=efg...

The Jetson’s Cyber Concerns – Future Smart Cities Cybersecurity Checklist

As cities continue to grow smarter, they will also become easier to hack. With millions if not billions of dollars going into research for urban domains and the Internet of Things IoT, there will be more opportunities to utilize technology to define, access and improve smart city services and...