UCanCode - Multiple Vulnerabilities

Exploit for windows platform in category dos / poc UCanCode multiple vulnerabilities Url: http://www.hmi-software.com/ http://www.ucancode.net/index.htm http://www.ucancode.net/bbs/zhuce/login.htm Description: Form vendor's web page "UCanCode Software is a Market Leading provider of HMI & SCADA,...

geoip-attack-map - Cyber Security GeoIP Attack Map Visualization

This geoip attack map visualizer was developed to display network attacks on your organization in real time. The data server follows a syslog file, and parses out source IP, destination IP, source port, and destination port. Protocols are determined via common ports, and the visualizations vary i...

datasploit - A tool to perform various OSINT techniques

A tool to perform various OSINT techniques, aggregate all the raw data, visualise it on a dashboard, and facilitate alerting and monitoring on the data. Overview of the tool: Performs OSINT on a domain / email / username / phone and find out information from different sources. Correlates and...

OWASP SSL TLS Scanning : DeepViolet

DeepViolet is a TLS/SSL scanning API written in Java. To keep DeepViolet easy to use, identify bugs, reference implementations have been developed that consume the API. If you want to see what DeepViolet can do, use it from the command line in your scripts or use the graphical tool from the comfo...

New Google Tools Help Devs Improve Content Security Policy Protection

Cross-site scripting is the cockroach of web application security vulnerabilities, enjoying continued longevity despite the abundant availability of scanning tools and programming advice designed to squash it. Google yesterday took another shot at eradicating XSS attacks with the release of two...

Generic OS X Malware Detection Method Explained

When it comes to detecting OS X malware, the future may not be rooted in machine learning algorithms, but patterns and heatmap visualization, a researcher posits. In an academic paper published by Virus Bulletin on Monday, Vincent Van Mieghem, a former student at the Delft University of Technolog...

Microsoft Azure Cloud Security Auditing: Azurite

Microsoft Azure Cloud Security Auditing Auditing Cloud services has become an essential task and significant effort is required to assess the security of the available resources. Azurite was developed to assist penetration testers and auditors during the enumeration and reconnaissance activities...

PHP gettext 1.0.12 - (gettext.php) Unauthenticated Code Execution

Exploit for php platform in category web applications CVE-2016-6175 gettext.php | @kmkzsecurity Project Homepage: https://launchpad.net/php-gettext/ Download: https://launchpad.net/php-gettext/trunk/1.0.12/+download/php-gettext-1.0.12.tar.gz Version: 1.0.12 latest release Tested on: Linux Debian,...

Androguard - Reverse engineering, Malware and goodware analysis of Android applications

Reverse engineering, Malware and goodware analysis of Android applications ... and more ninja ! Features Androguard is a full python tool to play with Android files. Map and manipulate DEX/ODEX/APK/AXML/ARSC format into full Python objects, Diassemble/Decompilation/Modification of DEX/ODEX/APK...

Open Source Threat Intelligence Collector: OSTrICa

Open Source Threat Intelligence Collector OSTrICa stands for Open Source Threat Intelligence Collector and is an Open Source plugin-oriented framework to collect and visualize Threat Intelligence Information. Furthermore, OSTrICa is also the Italian word for oyster: that’s where the logo come fro...

Advantech Patches WebAccess Remote Code Execution Flaws

Advantech has published a new version of its WebAccess product to address vulnerabilities that put installations at risk to remote code execution attacks. Exploiting the vulnerabilities would be a challenge, however, according to an advisory published Tuesday by the Industrial Control Systems Cyb...

Certec EDV atvise SCADA Server 2.5.9 - Local Privilege Escalation

Certec EDV atvise SCADA server 2.5.9 Privilege Escalation Vulnerability Vendor: Certec EDV GmbH Product web page: http://www.atvise.com Affected version: 2.5.9 Summary: atvise scada is based on newest technologies and standards: The visualization in pure web technology as well as a consistent...

The vulnerability of the web server for visualizing BACnet/IP network controllers, SAUTER moduWeb Vision, allows a intruder to obtain confidential information.

The vulnerability of the BACnet/IP network controller visualization web server, SAUTER moduWeb Vision, is related to the transmission of data in an open manner. Exploiting this vulnerability could allow a malicious actor to obtain confidential information by listening to network traffic...

Open Source Big Data Analytics and Visualization: Lumify

Open Source Big Data Integration, Analytics, and Visualization Lumify is an open source project big data fusion, analysis, and visualization platform designed for anyone. Its intuitive web-based interface helps users discover connections and explore relationships in their data via a suite of...

iniNet SpiderControl SCADA Web Server Service 2.02 - Insecure File Permissions

iniNet SpiderControl SCADA Web Server Service 2.02 Insecure File Permissions Vendor: iniNet Solutions GmbH Product web page: http://www.spidercontrol.net Affected version: 2.02.0000 Summary: Modular and automated engineering is provided for HMI and SCADA. The tools are developed to join a large...

Network Vision IntraVue Code Injection Vulnerability

OVERVIEW Researcher Jürgen Bilberger from Daimler TSS GmbH has identified a code injection vulnerability in Network Vision’s IntraVue software. Network Vision has produced a new version that mitigates this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The...

[SECURITY] Fedora 22 Update: COPASI-4.16-0.19.20150817git3bc4e9.fc22

COPASI is a software application for simulation and analysis of biochemical networks and their dynamics. COPASI is a stand-alone program that supports models in the SBML standard and can simulate their behavior using ODEs or Gillespie's stochastic simulation algorithm; arbitrary discrete events c...

[SECURITY] Fedora 23 Update: COPASI-4.16-0.19.20150817git3bc4e9.fc23

COPASI is a software application for simulation and analysis of biochemical networks and their dynamics. COPASI is a stand-alone program that supports models in the SBML standard and can simulate their behavior using ODEs or Gillespie's stochastic simulation algorithm; arbitrary discrete events c...

[SECURITY] Fedora 23 Update: openms-2.0.0-21.20150529git88dc25.fc23

OpenMS is an open-source C++ library for LC/MS data management and analyses. It offers an infrastructure for the rapid development of mass spectrometry related software. It comes with a vast variety ready-to-use tools for proteomics and metabolomics data analysis TOPPTools and powerful 2D and 3D...

Gping - Ping, But With A Graph

Ping, but with a graph Install and run Created/tested with Python 3.4, should run on 2.7 will require the statistics module though. pip3 install pinggraph Tested on Windows and Ubuntu, should run on OS X as well. After installation just run: gping yourhost If you don't give a host then it pings...