Python Backdoor Framework: NXcrypt

Python Backdoor Framework: NXcrypt Features NXcrypt is a polymorphic ‘python backdoors’ crypter written in python by Hadi Mene h4d3s . The output is fully undetectable . NXcrypt can inject malicious python file into a normal file with multi-threading system . Run it with superuser’s permissions...

NXcrypt - Python Backdoor Framework

NXcrypt NXcrypt is a polymorphic 'python backdoors' crypter written in python by Hadi Mene h4d3s . The output is fully undetectable . NXcrypt can inject malicious python file into a normal file with multi-threading system . Run it with superuser's permissions . NXcrypt output is Fully undetectabl...

Denial Of Service (DoS)

ImageMagick is vulnerable to denial of service DoS attacks. The library contains a logic error during threading, allowing a malicious user to cause resource exhaustion, leading to the system crashing...

Online Malware & URL Analysis: MalSub

Online Malware & URL Analysis malsub is a Python 3.6.x framework that wraps several web services of online malware and URL analysis sites through their RESTful Application Programming Interfaces APIs . It supports submitting files or URLs for analysis, retrieving reports by hash values, domains,...

[SECURITY] Fedora 25 Update: suricata-3.2.1-1.fc25

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

[SECURITY] Fedora 24 Update: suricata-3.2.1-1.fc24

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

Code injection

Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives,...

CVE-2017-5682

Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives,...

Intel PSET Application Install wrapper contains an escalation of privilege vulnerability.

Summary: Intel PSET Application Install wrapper contains an escalation of privilege vulnerability. Description: Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer a...

UBUNTU-CVE-2016-8605

The mkdir procedure of GNU Guile temporarily changed the process' umask to zero. During that time window, in a multithreaded application, other threads could end up creating files with insecure permissions. For example, mkdir without the optional mode argument would create directories as 0777. Th...

Google Chrome (Fedora 25 Ubuntu 16.04) - tracker-extract gnome-video-thumbnailer + totem Drive-By Download

Google Chrome Fedora 25 Ubuntu 16.04 - tracker-extract gnome-video-thumbnailer + totem Drive-By Download Source: https://scarybeastsecurity.blogspot.com/2016/12/redux-compromising-linux-using-snes.html Overview Full reliable 0day drive-by exploit against Fedora 25 + Google Chrome, by breaking out...

Auto_EAP - Automated Brute-Force Login Attacks Against EAP Networks

AutoEAP.py is a script designed to perform automated brute-force authentication attacks against various types of EAP networks. These types of wireless networks provide an interface to facilitate password guessing of domain credentials as radius servers check authentication against Active Director...

openSUSE Security Update : MozillaThunderbird (openSUSE-2016-1195)

This update for Mozilla Thunderbird to version 45.4.0 fixes the following issues : - When using Thunderbird in a browser like context, for rendering HTML e-mail or feeds, it may be affected by vulnerabilities also fixed in Firefox ESR 45.4. MFSA 2016-86, boo999701 The following bugs were fixed in...

openSUSE Security Update : MozillaThunderbird (openSUSE-2016-1166)

This update for Mozilla Thunderbird to version 45.4.0 fixes the following issues : - When using Thunderbird in a browser like context, for rendering HTML e-mail or feeds, it may be affected by vulnerabilities also fixed in Firefox ESR 45.4. MFSA 2016-86, boo999701 The following bugs were fixed in...

APT2 - Automated Penetration Toolkit

This tool will perform an NMap scan, or import the results of a scan from Nexpose, Nessus, or NMap. The processesd results will be used to launch exploit and enumeration modules according to the configurable Safe Level and enumerated service information. All module results are stored on localhost...

The vulnerability of the Firefox browser, which allows a malicious actor to execute arbitrary code

The Mozilla Firefox browser contains a vulnerability related to errors in the implementation of the Web Workers technology. Exploiting this vulnerability allows malicious actors to execute arbitrary code by terminating the worker process, thereby enabling them to transfer objects between threads...

Automated Penetration Testing Toolkit: APT2

This tool will perform an NMap scan, or import the results of a scan from Nexpose, Nessus, or NMap. The processesd results will be used to launch exploit and enumeration modules according to the configurable Safe Level and enumerated service information. All module results are stored on localhost...

Apple Mac OSX Kernel - Null Pointer Dereference in AppleGraphicsDeviceControl

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=782 AppleGraphicsDeviceControlClient doesn't check that its pointer to its IOService at this+0xd8 is non-null before using it in all external methods. We can set this pointer to NULL by racing two threads, one of which calls...

American Fuzzy Lop Utilities: afl-utils

Utilities for automated crash sample processing/analysis, easy afl-fuzz job management and corpus optimization afl-utils is a collection of utilities to assist fuzzing with american-fuzzy-lop afl . afl-utils includes tools for: automated crash sample collection, verification, reduction and analys...

Shocker - A tool to find and exploit servers vulnerable to Shellshock

A tool to find and exploit servers vulnerable to Shellshock Help Text usage: shocker.py -h, --help show this help message and exit --Host HOST, -H HOST A target hostname or IP address --file FILE, -f FILE File containing a list of targets --port PORT, -p PORT The target port number default=80...