Three main source versions of the control system Git, Subversion (svn), CVS, Mercurial, today released an update patch that fixes a client code execution vulnerability. The vulnerability was discovered and...
Exploitation / Network PenTest
by do son · Published August 12, 2017 · Last modified November 4, 2024
MODBUS Modbus is a serial communications protocol originally published by Modicon (now Schneider Electric) in 1979 for use with its programmable logic controllers (PLCs). Simple and robust, it has since become a de facto standard communication protocol and is now a...
EggShell is an iOS and macOS post exploitation surveillance pentest tool written in Python. This tool creates 1 line multi-stage payloads that give you a command line session with extra...
Exploitation / Network PenTest
by do son · Published August 7, 2017 · Last modified November 4, 2024
labs: Vulnerability Labs for security analysis Download
Exploitation / Network PenTest / Sniffing & Spoofing
by do son · Published August 7, 2017 · Last modified November 4, 2024
Introduction Zarp is a network attack tool centered around the exploitation of local networks. This does not include system exploitation, but rather abusing networking protocols and stacks to take over,...
Exploitation / Information Gathering / Maintaining Access / Network PenTest / Post Exploitation / Vulnerability Analysis / Web Exploitation / Web Information Gathering / Web Maintaining Access / Web Vulnerability Analysis / WebApp PenTest
by do son · Published August 6, 2017
PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others. Contents Contents Network Analysis IP Whois DNS...
What is SMBLoris? SMBLoris is a remote and uncredentialed denial of service attack against Microsoft® Windows® operating systems, caused by a 20+ year old vulnerability in the Server Message Block (SMB) network protocol implementation. What versions of Windows are affected?...
Exploitation / Information Gathering / Network PenTest / Vulnerability Analysis
by do son · Published August 3, 2017 · Last modified November 4, 2024
Penetration Testing SQL server SQL Server is a relational database management system from Microsoft, which is used as a central location to save and obtain data needed for applications. It...
Nitro Pro PDF Reader 11.0.3.173 Javascript API Remote Code Execution This module exploits an unsafe Javascript API implemented in Nitro and Nitro Pro PDF Reader version 11. The saveAs() Javascript...
Exploitation / Metasploit / Network PenTest
by do son · Published July 28, 2017 · Last modified November 4, 2024
Shellter Shellter is a dynamic shellcode injection tool, and the first truly dynamic PE infector ever created. It can be used in order to inject shellcode into native Windows applications...
Exploitation / Metasploit / Network PenTest
by do son · Published July 25, 2017 · Last modified November 4, 2024
Msfvenom is the combination of payload generation and encoding. It replaced msfpayload and msfencode on June 8th 2015. To start using msfvenom, first please take a look at the options...
This script will generate payloads for basic intrusion detection avoidance. It utilizes publicly demonstrated techniques from several different sources. Installation Setting up samba shares: 1.) apt-get install samba 2.) vi/nano/whatever...
What is CVE-2017-4901? The drag-and-drop (DnD) function in VMware Workstation and Fusion has an out-of-bounds memory access vulnerability. This may allow a guest to execute code on the operating system...
Exploitation / Metasploit / Network PenTest
by do son · Published July 21, 2017 · Last modified November 4, 2024
Tool Name: MeterSSH Written by: David Kennedy Company: TrustedSec Website: https://www.trustedsec.com Twitter: @TrustedSec, @HackingDave MeterSSH is a way to take shellcode, inject it into memory then tunnel whatever port you want to...
phishery A Simple SSL Enabled HTTP server with the primary purpose of phishing credentials via Basic Authentication. Phishery also provides the ability easily to inject the URL into a .docx...
Support Securityonline.info site. Thanks!
