dorkScanner - A Typical Search Engine Dork Scanner Scrapes Search Engines With Dorks That You Provide In Order To Find Vulnerable URLs

A typical search engine dork scanner that scrapes search engines with queries that you provide in order to find vulnerable URLs. Introduction Dorking is a technique used by newsrooms, investigative organisations, security auditors as well as tech savvy criminals to query various search engines fo...

VB 6.0 Dirlist Object Code Execution Exploit

/ VB 6.0 Dirlist Object Code Execution Author : Hexrain Tutorial Video : https://youtu.be/BLFbUJ4n8hY Twitter : @smashedkernel Greetz : OA Cybersec wornix blacknbunny / import sys try: commandfile = sys.argv1 poc = 'End If\nEnd Sub\nlPtr = Private Type Private Type\nRtlMoveMemory ByVal lPtr, &HE8...

Real Web Pentesting Tutorial Step by Step - [Persian]

Real Web Pentesting Tutorial Step by Step - Persian 1...

Real Web Pentesting Tutorial Step by Step - [Persian]

1...

Open Network Operating System (ONOS) Code Unexpected Execution Vulnerability (CNVD-2020-14220)

Open Network Operating System ONOS is a carrier-grade SDN network operating system for service providers and enterprise backbones. A code unintended execution vulnerability exists in Open Network Operating System ONOS 1.14. The vulnerability stems from a host event listener in the P4 tutorial...

CVE-2019-16297

An issue was discovered in Open Network Operating System ONOS 1.14. In the P4 tutorial application org.onosproject.p4tutorial, the host event listener does not handle the following event types: HOSTMOVED, HOSTREMOVED, HOSTUPDATED. In combination with other applications, this could lead to the...

Design/Logic Flaw

An issue was discovered in Open Network Operating System ONOS 1.14. In the P4 tutorial application org.onosproject.p4tutorial, the host event listener does not handle the following event types: HOSTMOVED, HOSTREMOVED, HOSTUPDATED. In combination with other applications, this could lead to the...

CVE-2019-16297

An issue was discovered in Open Network Operating System ONOS 1.14. In the P4 tutorial application org.onosproject.p4tutorial, the host event listener does not handle the following event types: HOSTMOVED, HOSTREMOVED, HOSTUPDATED. In combination with other applications, this could lead to the...

0L4Bs - Cross-site Scripting Labs For Web Application Security Enthusiasts

Cross-site scripting labs for web application security enthusiasts List of Chall : Chall 1 | URL Chall 2 | Form Chall 3 | User-Agent Chall 4 | Referrer Chall 5 | Cookie Chall 6 | LocalStorage Chall 7 | Login Page Chall 8 | File Upload Chall 9 | Base64 Encoding Chall 10 | Removes Alert Chall 11 |...

Netstat2Neo4J - Create Cypher Create Statements For Neo4J Out Of Netstat Files From Multiple Machines

Graphs help to spot anomalies and patterns in large datasets. This script takes netstat information from multiple hosts and formats them in a way to make them importable into Neo4j. Neo4j can be queried for find connections to certain hosts, from certain hosts, find out the usage or protocols and...

UAC-A-Mola - Tool That Allows Security Researchers To Investigate New UAC Bypasses, In Addition To Detecting And Exploiting Known Bypasses

UAC-A-Mola is a tool that allows security researchers to investigate new UAC bypasses, in addition to detecting and exploiting known bypasses. UAC-A-mola has modules to carry out the protection and mitigation of UAC bypasses. The strong point of uac-a-mola is that it was created so that other...

Phishing-Simulation - Aims To Increase Phishing Awareness By Providing An Intuitive Tutorial And Customized Assessment

Phishing Simulation mainly aims to increase phishing awareness by providing an intuitive tutorial and customized assessment without any actual setup - no domain, no infrastructure, no actual email address to assess people's action on any given situation and gives ability to understand what is the...

Discuz!ML v3.x - Code Injection Vulnerability

Document Title: =============== Discuz!ML v3.x - Code Injection Vulnerability References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2185 Download: https://www.vulnerability-lab.com/resources/documents/2185.rar http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-13956...

pwn

PWNexecrise Basic rop toturial Challengs pwnbasicrop Toturial: https://www.anquanke.com/post/id/164530 Basic rop toturial 2 Challengs pwnbasicrop2 Toturial: https://www.anquanke.com/post/id/168468...

PhoneSploit v1.2 - Using Open Adb Ports We Can Exploit A Andriod Device

Using open Adb ports we can exploit an Andriod device. you can find open ports here https://www.shodan.io/search?query=android+debug+bridge+product%3A”Android+Debug+Bridge” To find out how to access a local device -- https://www.youtube.com/watch?v=OlhCAX1qBQo Recent News New Update v.1.2 Port...

Cheat Engine - A Development Environment Focused On Modding

Cheat Engine is an open source tool designed to help you with modifying single player games running under window so you can make them harder or easier depending on your preferencee.g: Find that 100hp is too easy, try playing a game with a max of 1 HP, but also contains other usefull tools to help...

[SECURITY] Fedora 29 Update: botan2-2.9.0-1.fc29

Botan is a BSD-licensed crypto library written in C++. It provides a wide variety of basic cryptographic algorithms, X.509 certificates and CRLs, PKCS \10 certificate requests, a filter/pipe message processing system, and a wide variety of other features, all written in portable C++. The API...

Typo3 CMS BrowserMaps Leaflet Tutorial tx_browser_pi1 8.0.39 SQL Injection

Exploit Title : Typo3 CMS BrowserMaps Leaflet Tutorial txbrowserpi1 8.0.39 SQL Injection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 18/02/2019 Vendor Homepage : typo3-organiser.de typo3.org Software Download Links :...

Lazygit - Simple Terminal UI For Git Commands

A simple terminal UI for git commands, written in Go with the gocui library. Are YOU tired of typing every git command directly into the terminal, but you're too stubborn to use Sourcetree because you'll never forgive Atlassian for making Jira? This is the app for you! Installation Homebrew brew...

Pwndb - Search For Creadentials Leaked On Pwndb

A data leak differs from a data breach in that the former usually happens through omission or faulty practices rather than overt action, and may be so slight that it is never detected. While a data breach usually means that sensitive data has been harvested by someone who should not have accessed...