Apache Tomcat webshell application for RCE
A webshell application and interactive shell for pentesting Apache Tomcat servers. Features Webshell plugin...
Day: July 11, 2022
mageni: the vulnerability management cycle
Mageni eases the vulnerability management cycle for you. We believe cybersecurity must be an enjoyable and uplifting experience to...
Fraudulent Credit Card Maker Sentenced to 108 Months in Prison
A prolific fraudster who produced fraudulent credit cards using stolen card numbers from the darkweb was sentenced...
CVE-2022-2274: OpenSSL Remote Code Execution Vulnerability
Version 3.0.4 of the OpenSSL library has been discovered as susceptible to a remote memory-corruption vulnerability on select systems. Tracked...
CrackQL – GraphQL Password Brute-Force And Fuzzing Utility
CrackQL is a GraphQL password brute-force and fuzzing utility. CrackQL is a versatile GraphQL penetration testing tool that exploits...
pywhisker: Python tool for Shadow Credentials attacks
pyWhisker is a Python equivalent of the original Whisker made by Elad Shamir and written in C#. This tool allows users to...
Two Charged for Selling Counterfeit Oxycodone Pills
A federal grand jury returned an indictment charging two men for selling counterfeit pills on the darkweb. According to an...
mx-takeover: detects misconfigured MX records
mx-takeover focuses on DNS MX records and detects misconfigured MX records. It currently supports three techniques. These are: MX domains...
CVE-2022-33980: Apache Commons Configuration RCE Vulnerability
On July 5, 2022, Apache Commons Configuration released version 2.8 to fix a remote code execution vulnerability. Tracked as CVE-2022-33980,...
crawlergo v0.4.3 releases: powerful browser crawler for web vulnerability scanners
crawlergo is a browser crawler that uses Chrome headless mode for URL collection. It hooks key...
tofu: modular tool for hacking offline Windows filesystems and bypassing login screens
A modular tool for hacking offline Windows filesystems and bypassing login screens. Can do...
Haxx – Untethered + Unsandboxed Code Execution Haxx As Root On iOS 14 – iOS 14.8.1
Untethered + Unsandboxed code execution haxx as root on iOS 14...
Researcher released CVE-2022-34265 PoC for Django SQL Injection flaw
CVE-2022-34265 PoC (proof-of-concept) exploit code is about to be published for a vulnerability that allows an attacker to...
kubeaudit: audit Kubernetes clusters for various different security concerns
kubeaudit is a command-line tool and a Go package to audit Kubernetes clusters for various different security concerns,...
Ohio Man Sentenced for Buying Jewelry with Stolen Credit Cards
Fraudster sentenced to prison for more than six years for buying stolen credit cards on the darkweb...
Packer Fuzzer v1.4.8 releases: fast and efficient security detection of websites constructed
With the popularity of web front-end packaging tools, have you encountered more and...
Pamspy – Credentials Dumper For Linux Using eBPF
pamspy leverages eBPF technologies to achieve work equivalent to that of 3snake. It will track a particular userland function inside...
juumla v0.1.4 releases: scan for Joomla vulnerabilities
Juumla is a Python tool created to identify the Joomla version, scan for vulnerabilities and search for config or...
CVE-2022-32212: Node.js arbitrary code execution vulnerability
Recently, Node.js released an advisory to fix seven vulnerabilities including three separate HTTP Request Smuggling, one code execution (CVE-2022-32212), and...
Secretflow – A Unified Framework For Privacy-Preserving Data Analysis And Machine Learning
SecretFlow is a unified framework for privacy-preserving data intelligence and machine learning. To achieve this...
From tech stack to cyber security MESH architecture
By Edwin Doyle, Global Cyber Security Strategist, Check Point Software. The technology stack is no longer a neat and...
Q&A: Here’s why VPNs are likely to remain a valuable DIY security tool for consumers, SMBs
It is astounding that billions of online accounts have been breached...