Home Tools Page 108

Tools

The latest hacking and hacker tools. Open source offensive and defensive security tools. Browse interactive maps of offensive security tools used by malicious actors and cybercriminals. Check out some live threat maps and malware intelligence databases.

This will be a curated list of mostly open source hacking tools. These can range from Red Teaming offensive security tools to fuzzers and debuggers for malware analysis. We are always looking for new state of the art tools that can be used for security professionals. Please feel free to send us a tool via email or one of our social media accounts.

Glibc Tunables Privilege Escalation

0
Authored by Blasty, jheysel-r7, Qualys Threat Research Unit | Site metasploit.com A buffer overflow exists in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. It...

Vinchin Backup And Recovery Command Injection

0
Authored by Valentin Lobstein, Gregory Boddin | Site metasploit.com This Metasploit module exploits a command injection vulnerability in Vinchin Backup & Recovery v5.0.*, v6.0.*, v6.7.*, and v7.0.*. Due to insufficient...

MajorDoMo Remote Code Execution

0
Authored by Valentin Lobstein MajorDoMo versions prior to 0662e5e suffer from an unauthenticated remote code execution vulnerability. advisories | CVE-2023-50917 Change Mirror Download **Introduction**MajorDoMo, a beacon in Russian home automation and particularly favored...

Atlassian Confluence Improper Authorization / Code Execution

0
Authored by Atlassian, jheysel-r7 | Site metasploit.com This improper authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker...

Terrapin SSH Connection Weakening

0
Authored by Jorg Schwenk, Marcus Brinkmann, Fabian Baumer | Site terrapin-attack.com In this paper, the authors show that as new encryption algorithms and mitigations were added to SSH, the SSH...

Asterisk 20.1.0 Denial Of Service

0
Authored by Sandro Gauci | Site enablesecurity.com When handling DTLS-SRTP for media setup, Asterisk version 20.1.0 is susceptible to denial of service due to a race condition in the hello...

PKP-WAL 3.4.0-3 Remote Code Execution

0
Authored by EgiX | Site karmainsecurity.com PKP Web Application Library (PKP-WAL) versions 3.4.0-3 and below, as used in Open Journal Systems (OJS), Open Monograph Press (OMP), and Open Preprint Systems...

RTPEngine mr11.5.1.6 Denial Of Service

0
Authored by Sandro Gauci | Site enablesecurity.com RTPEngine version mr11.5.1.6 suffers from a denial of service vulnerability via DTLS Hello packets during call initiation. Change Mirror Download # RTPEngine susceptible to Denial...

Chrome V8 Sandbox Escape

0
Authored by R3tro74 | Site retr0.zip Proof of concept exploit for a new technique to escape from the Chrome V8 sandbox.

osCommerce 4.13-60075 Shell Upload

0
Authored by nu11secur1ty osCommerce version 4.13-60075 suffers from a remote shell upload vulnerability. Change Mirror Download ## Title: osCommerce 4.13-60075 File-Upload-RCE## Author: nu11secur1ty## Date: 12/14/2023## Vendor: https://www.oscommerce.com/## Software: https://www.oscommerce.com/download-file## Reference: https://portswigger.net/web-security/file-upload## Description:The...