WeakerThan Linux

Weakerthan is a penetration testing distribution which is built from Debian Squeeze. For the desktop environment it uses Fluxbox. This operating system is ideal for WiFi hacking as it contains plenty of Wireless tools. It has a very well maintained website and a devoted community. Built from Debi...

FBstalker Does Data Mining on Facebook Graph Search

Facebook’s Graph Search feature connects a lot of dots between friends on the social network—as well as between others who interact with your Facebook friends. Anyone with a keyboard has a nifty data mining tool at their fingertips that can bring up an intricate list of friends and acquaintances,...

DSA-2784-1 xorg-server - use-after-free

Bulletin has no description...

DSA-2779-1 libxml2 - denial of service

Bulletin has no description...

[Firebind Reflector v0.53] Portable Network Path Scanning Tool

Firebind Reflector is a portable network path scanning tool that can profile firewall and other network device rules for port blocking, such as perform egresss/exfiltration testing. Reflector has a client side and listener server-side like Netcat and Ncat, except Reflector can dynamically be told...

[SECURITY] [DSA 2771-1] nas security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2771-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 09, 2013 http://www.debian.org/security/faq -...

Find Misconfigurations: unix-privesc-check

Unix-privesc-check is a script that runs on Unix systems tested on Solaris 9, HPUX 11, Various Linuxes, FreeBSD 6.2. It tries to find misconfigurations that could allow local unprivilged users to escalate privileges to other users or to access local apps e.g. databases. It is written as a single...

Debian Security Advisory DSA 2771-1 (nas - several vulnerabilities)

Hamid Zamani discovered multiple security problems buffer overflows, format string vulnerabilities and missing input sanitising, which could lead to the execution of arbitrary code. OpenVAS Vulnerability Test $Id: deb2771.nasl 6611 2017-07-07 12:07:20Z cfischer $ Auto-generated from advisory DSA...

MetInfo5. 1 tasteless GETSHELL-a vulnerability warning-the black bar safety net

0x00: the A project of penetration testing on the project encountered this situation in the metinfo on the ciphertext cannot be decrypted when we are this method can bypass the background GETSHELL it. 0x01: the The latest official metinfo5. 1, is yesterday download. 0x02: the In fact, is the seco...

Pen Testing Using Live Malware Becoming a Must

BERLIN–Penetration testing has come a long way in the last decade, evolving from a somewhat controversial practice to a de facto best practice in the enterprise market. That evolution hasn’t stopped by any means, and one of the things that experts say must be a part of any comprehensive test now ...

[Matriux Leandros v3.0 rc1] The pentesting distrib (Now added Blackhat Arsenal 2013 Tools)

Matriux is a Debian-based security distribution designed for penetration testing and forensic investigations. Although it is primarily designed for security enthusiasts and professionals, it can also be used by any Linux user as a desktop system for day-to-day computing. Besides standard Debian...

Cisco Content Switching Module Layer 7 Load Balancing DoS

According to its self-reported version number, the Cisco Content Switching Module in the remote switch may be affected by a denial of service vulnerability. The vulnerability exists when the CSM or CSM-S is configured for layer 7 load balancing. An attacker can trigger this vulnerability when the...

[Syhunt Sandcat Browser v4.1] A Penetration-oriented browser (extented to Web Application Assessment)

Sandcat Browser 4 brings unique features that are useful for pen-testers and web developers. Sandcat is built on top of Chromium, the same engine that powers the Google Chrome browser, and uses the Lua programming language to provide extensions and scripting support. Features Live HTTP Headers —...

[OWASP Zed Attack Proxy 2.2.1] Tool for finding vulnerabilities in web applications (Now supports CWE)

OWASP Zed Attack Proxy ZAP An easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing...

Debian Security Advisory DSA 2585-1 (bogofilter - buffer overflow)

A heap-based buffer overflow was discovered in bogofilter, a software package for classifying mail messages as spam or non-spam. Crafted mail messages with invalid base64 data could lead to heap corruption and, potentially, arbitrary code execution. OpenVAS Vulnerability Test $Id: deb25851.nasl...

Debian: Security Advisory (DSA-2553-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-2584-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NASDAQ Patches Reported XSS Vulnerability

A NASDAQ representative confirmed this morning that a cross-site scripting vulnerability on the exchange’s website discovered by an ethical hacker has been patched. The issue was reported on Sept. 2 by Ilia Kolochenko, chief executive of High-Tech Bridge, a Swiss penetration testing company...

DSA-2754-1 exactimage - denial of service

Bulletin has no description...

AjaXplorer 1.0 - Multiple Vulnerabilities

AjaXplorer 1.0 - Multiple Vulnerabilities Trustwave SpiderLabs Security Advisory TWSL2013-027: Multiple Vulnerabilities in AjaXplorer Published: 09/05/13 Version: 1.0 Vendor: AjaXplorer http://ajaxplorer.info Product: AjaXplorer Version affected: 5.0.2 and prior Product description: AjaXplorer is...