Home Tools

Tools

The latest hacking and hacker tools. Open source offensive and defensive security tools. Browse interactive maps of offensive security tools used by malicious actors and cybercriminals. Check out some live threat maps and malware intelligence databases.

This will be a curated list of mostly open source hacking tools. These can range from Red Teaming offensive security tools to fuzzers and debuggers for malware analysis. We are always looking for new state of the art tools that can be used for security professionals. Please feel free to send us a tool via email or one of our social media accounts.

OpenAsset Digital Asset Management Cross Site Scripting

0
Authored by Jack Misiura The OpenAsset Digital Asset Management web application suffers from multiple reflected and persistent cross site scripting vulnerabilities. Vulnerable versions include 12.0.19 (Cloud) and 11.2.1 (On-premise). advisories |...

Archon CMS 3.14 Cross Site Scripting

Authored by indoushka Archon CMS version 3.14 suffers from a cross site scripting vulnerability. Change Mirror Download ====================================================================================================================================| # Title : Archon CMS V3.14 XSS Vulnerability ...

FreeSWITCH 1.10.6 Missing SIP MESSAGE Authentication

0
Authored by Sandro Gauci | Site enablesecurity.com FreeSWITCH versions 1.10.6 and below fails to authenticate SIP MESSAGE requests, leading to spam and message spoofing vulnerabilities. advisories | CVE-2021-37624 Change Mirror Download # FreeSWITCH...

EgavilanMedia PHPCRUD 1.0 Cross Site Scripting

0
Authored by Mahendra Purbia EgavilanMedia PHPCRUD version 1.0 suffers from a persistent cross site scripting vulnerability. Change Mirror Download # Exploit Title: EgavilanMedia PHPCRUD 1.0 - 'Full Name' Stored Cross Site Scripting#...

Seagate Central Storage 2015.0916 User Creation / Command Execution

Authored by Ege Balci | Site metasploit.com This Metasploit module exploits the broken access control vulnerability in Seagate Central External NAS Storage device. Subject product suffers several critical vulnerabilities such...

WatchGuard XTM Firebox Unauthenticated Remote Command Execution

Authored by Charles FOL, Dylan Pindur, h00die-gr3y, Misterxid | Site metasploit.com This Metasploit module exploits a buffer overflow at the administration interface (8080 or 4117) of WatchGuard Firebox and XTM...

CollectorStealerBuilder Panel 2.0.0 Man-In-The-Middle

0
Authored by malvuln | Site malvuln.com The panel for Collector Stealer malware version 2.0.0 suffers from a man-in-the-middle vulnerability. Change Mirror Download Discovery / credits: Malvuln - malvuln.com (c) 2022Original source: https://malvuln.com/advisory/54530f88c8e4f4371c9418f00c256b1d_B.txtContact:...

College Website Management System 1.0 SQL Injection

0
Authored by Mr Empy College Website Management System version 1.0 suffers from a remote SQL injection vulnerability. Change Mirror Download # Exploit Title: College Website Management System 1.0 - SQL Injection# Date:...

FreeSWITCH 1.10.5 SIP SUBSCRIBE Missing Authentication

0
Authored by Sandro Gauci | Site enablesecurity.com FreeSWITCH versions 1.10.5 and below fail to authenticate SIP SUBSCRIBE requests by default. advisories | CVE-2021-41157 Change Mirror Download # FreeSWITCH does not authenticate SIP SUBSCRIBE...

JBOSS EAP/AS 6.x Remote Code Execution

Authored by Heyder Andrade, Marcio Almeida, Joao Matos | Site metasploit.com An unauthenticated attacker with network access to the JBOSS EAP/AS versions 6.x and below Remoting Unified Invoker interface can...