[Sahi] Web Test Automation Tool

Sahi Pro is a powerful tool for automation of web application testing. Sahi Pro helps test web applications across different browsers with high reliability and low maintenance. Existing testing teams with minimal programming knowledge can easily get started and contribute to test automation. Sahi...

[Blue|Smash] Bluetooth Penetration Testing Suite

Blue|Smash is a free open source bluetooth pentest suite, powered by python for linux. I built Blue|Smash to aid me in my bluetooth adventures and thought others might benefit from my work :D. Here is a list of some of the tools included. Sorbo's Frontline bluetooth sniffer. A bruteforce scanner...

Ability Web Server(ftp) - Remote Buffer Overflow Exploit

Exploit for windows platform in category remote exploits !/usr/bin/python ==================================================== Exploit Title : Ability Web Serverftp Remote Buffer Overflow Exploit Author : JoKeRStEx Version : 2.34 \r\n" junk="A" 969 nop = "\x90" 32 eip="\x7C\x83\x69\xF0" call esp...

PT-2013-76: Local File Inclusion in LiveStreet CMS

The specialists of the Positive Research center have detected a Local File Inclusion vulnerability in LiveStreet CMS. Insufficient validation of user input in the install\index.php script allows remote attackers to include files located on the attacked server and thus execute a PHP code. It may...

[Evil Foca] IPv4 and IPv6 Penetration testing tool

Evil Foca is a tool for Pentesters and Security Auditors to perform security testing in IPv4/ IPv6 data networks. The tool is capable to do different attacks such as: MITM on IPv4 networks using ARP Spoofing and DHCP ACK injection. MITM on IPv6 networks using Neighbor Advertisement Spoofing, SLAA...

DSA-2811-1 chromium-browser - several

Bulletin has no description...

[MKBRUTUS] Password bruteforcer for MikroTik devices or boxes running RouterOS

Mikrotik brand devices www.mikrotik.com, which runs the RouterOS operative system, are worldwide known and popular with a high networking market penetration. Many companies choose them as they are a great combination of low-cost and good performance. RouterOS can be also installed on other device...

ManageEngine DesktopCentral 8.0.0 build 80293 - Arbitrary File Upload

DesktopCentral versions prior to 80293 suffer from a remote shell upload vulnerability. DesktopCentral Arbitrary File Upload Vulnerability Affected versions: DesktopCentral versions :8020 User-Agent: Mozilla/5.0 Windows NT 6.1; rv:22.0 Gecko/20100101 Firefox/22.0 Accept:...

Kaseya 6.3 Shell Upload

, , . .' '. ', . , '. , ., , / / / \ \ ==/ /\ \ / / \ / \ / / | \ \ Y Y \ / /| / \ /||| / / /.-. / /:wq x.0 '=.|w|.=' ='"=. presents.. Kaseya Arbitrary File Upload Vulnerability Affected versions: All versions and hotfixes prior to 6.3.0.2 PDF:...

Kaseya < 6.3.0.2 - Arbitrary File Upload

, , . .' '. ', . , '. , ., , / / / \ \ ==/ /\ \ / / \ / \ / / | \ \ Y Y \ / /| / \ /||| / / /.-. / /:wq x.0 '=.|w|.=' ='"=. presents.. Kaseya Arbitrary File Upload Vulnerability Affected versions:...

Debian: Security Advisory (DSA-2799-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OWASP Xenotix XSS Exploit Framework v4.5

Version 4.5 Additions JavaScript Beautifier Pause and Resume support for Scan Jump to Payload Cookie Support for POST Request Cookie Support and Custom Headers for Header Scanner Added TRACE method Support Improved Interface Better Proxy Support WAF Fingerprinting Load Files Hash Calculator Hash...

[WebSurgery] Web application security testing suite

WebSurgery is a suite of tools for security testing of web applications. It was designed for security auditors to help them with web application planning and exploitation. Suite currently contains a spectrum of efficient, fast and stable web tools Crawler, Bruteforcer, Fuzzer, Proxy, Editor and...

CTF365 Capture The Flag - The Next Generation IT Security Training Platform

For years, the Capture the Flag platform has been a common and very popular part of the hacker convention scene. Teams come from all over the world to show their skill and technique in various competitions. The CTF365 team took that interest, passion and excitement and went to a new level in thei...

CTF365 Capture The Flag - The Next Generation IT Security Training Platform

For years, the Capture the Flag platform has been a common and very popular part of the hacker convention scene. Teams come from all over the world to show their skill and technique in various competitions. The CTF365 team took that interest, passion and excitement and went to a new level in thei...

Python tools for Pentesters

If you are involved in vulnerability research, reverse engineering or penetration testing, I suggest to try out the Python programming language. It has a rich set of useful libraries and programs. This page lists some of them. Most of the listed tools are written in Python, others are just Python...

[aidSQL] PHP Application For SQL Injection Detection & Exploitation

aidSQL a PHP application provided for detecting security holes in your website/s. It’s a modular application, meaning that you can develop your very own plugins for SQL injection detection & exploitation. The tool provides pen-testing capabilities for MS-SQL 2000, MySQL 5 and the author promises ...

TAO 2.5.1 Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

Metasploit Modules Available for Seven Open Source Packages

Open source projects with anywhere between 100,000 and 1 million downloads are pretty sizable endeavors, and with the code open for scrutiny, you would think bugs would be found and some sort of disclosure process would be in place. If a spate of recently discovered issues in seven popular softwa...

[SECURITY] [DSA 2786-1] icu security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2786-1 [email protected] http://www.debian.org/security/ Michael Gilbert October 27, 2013 http://www.debian.org/security/faq -...