7422 matches found
[SECURITY] [DLA 449-1] botan1.10 security update
Package : botan1.10 Version : 1.10.5-1+deb7u1 CVE ID : CVE-2014-9742 CVE-2015-5726 CVE-2015-5727 CVE-2015-7827 CVE-2016-2194 CVE-2016-2195 CVE-2016-2849 Several security vulnerabilities were found in botan1.10, a C++ library which provides support for many common cryptographic operations, includi...
Oracle Application Testing Suite 登录绕过 和 任意文件上传漏洞
No description provided by source...
RomPager 4.34 (Multiple Router Vendors) - 'Misfortune Cookie' Authentication Bypass
Title: Misfortune Cookie Exploit RomPager = 4.34 router authentication remover Date: 17/4/2016 CVE: CVE-2015-9222 http://mis.fortunecook.ie Vendors: ZyXEL,TP-Link,D-Link,Nilox,Billion,ZTE,AirLive,... Vulnerable models: http://mis.fortunecook.ie/misfortune-cookie-suspected-vulnerable.pdf Versions...
PenQ - The Security Testing Browser Bundle
PenQ is an open source Linux based penetration testing browser bundle built over Mozilla Firefox. It comes pre-configured with security tools for spidering, advanced web searching, fingerprinting, anonymous browsing, web server scanning, fuzzing, report generating and many more. PenQ is not just ...
Oracle Application Testing Suite DownloadServlet scenario Directory Traversal (CVE-2016-0477)
A directory traversal vulnerability exists in the in Oracle's Application Testing Suite. The vulnerability is due to insufficient input validation while processing HTTP requests to the "/olt/download" URI. A remote unauthenticated attacker can exploit this vulnerability by sending a malicious...
How to Report Your Performance Test Results Like a Pro
Performance tests try to reduce the risks of downtime or outages on multi-user systems by conducting experiments that use load to reveal limitations and errors in the system. Testing usually involves assessing the performance and capacity of systems that were expensive and time-consuming to build...
Gateway Edge Service: Zuul
Zuul is a gateway service that provides dynamic routing, monitoring, resiliency, security, and more. Zuul is the front door for all requests from devices and web sites to the backend of the Netflix streaming application. As an edge service application, Zuul is built to enable dynamic routing,...
Ranger - Tool To Access And Interact With Remote Microsoft Windows Based Systems
A tool to support security professionals access and interact with remote Microsoft Windows based systems. This project was conceptualized with the thought process, we did not invent the bow or the arrow, just a more efficient way of using it. Ranger is a command-line driven attack and penetration...
Ruggedization Framework For Security Testing: Gauntlt
Gauntlt is a ruggedization framework that is enables security testing that is usable by devs, ops and security. Gauntlt provides hooks to a variety of security tools and puts them within reach of security, dev and ops teams to collaborate to build rugged software. It is built to facilitate testin...
struts2 vulnerability s2-0 2 9 analysis-vulnerability warning-the black bar safety net
One, overview struts2 0 2 9 vulnerability has been broke for a period of time, online there are some associated analysis, first, vulnerability is determined to appear in OGNL explain the implementation process, the specific vulnerability testing poc online there have been many, My in the 2. 2...
Versatile HTTP load testing: vegeta
Vegeta is a versatile HTTP load testing tool built out of a need to drill HTTP services with a constant request rate. Vegeta can be used both as a command line utility and a library. Install Pre-compiled executables Get them here . Homebrew on Mac OS X You can install Vegeta using the Homebrew...
Oracle Application Testing Suite (ATS) 12.4.0.2.0 - Authentication Bypass Arbitrary File Upload
Oracle Application Testing Suite ATS 12.4.0.2.0 - Authentication Bypass Arbitrary File Upload Exploit Title: Oracle Application Testing Suite Authentication Bypass and Arbitrary File Upload Remote Exploit Exploit Author: Zhou Yu Vendor Homepage: http://www.oracle.com/ Software Link:...
Oracle Application Testing Suite 12.4.0.2.0 - Authentication Bypass / Arbitrary File Upload
Exploit for jsp platform in category web applications Exploit Title: Oracle Application Testing Suite Authentication Bypass and Arbitrary File Upload Remote Exploit Exploit Author: Zhou Yu Vendor Homepage: http://www.oracle.com/ Software Link:...
Oracle Application Testing Suite (ATS) 12.4.0.2.0 - Authentication Bypass / Arbitrary File Upload
Exploit Title: Oracle Application Testing Suite Authentication Bypass and Arbitrary File Upload Remote Exploit Exploit Author: Zhou Yu Vendor Homepage: http://www.oracle.com/ Software Link: http://www.oracle.com/technetwork/oem/downloads/apptesting-downloads-1983826.html?ssSourceSiteId=otncn...
Black-Box CAN Network Analysis Framework: CANToolz
CANToolz is a framework forCANbus network and device analysis. This tool consist of various different modules which can be piped together and used by security researchers and automotive/OEM security testers for black-box analysis of any CANbus system. You can use this software for ECU discovery,...
DSA-3545-1 cgit - security update
Bulletin has no description...
DSA-3541-1 roundcube - security update
Bulletin has no description...
RouterSploit - Router Exploitation Framework
The RouteSploit Framework is an open-source exploitation framework dedicated to embedded devices. It consists of various modules that aids penetration testing operations: exploits - modules that take advantage of identified vulnerabilities creds - modules designed to test credentials against...
Pentestly - Python and Powershell internal Penetration Testing Framework
Pentestly is a combination of expanding Python tools for use in penetration tests. The goal is to utilize a familiar user interface while making contributions to the framework easy with the power of Python. Blog post: Pentestly Framework: When Pentesting Meets Python and Powershell Author:...
Stickman Crash Testing ① - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Stickman Crash Testing ① published at the 'play' market has multiple vulnerabilities...