Home Tools Page 237

Tools

The latest hacking and hacker tools. Open source offensive and defensive security tools. Browse interactive maps of offensive security tools used by malicious actors and cybercriminals. Check out some live threat maps and malware intelligence databases.

This will be a curated list of mostly open source hacking tools. These can range from Red Teaming offensive security tools to fuzzers and debuggers for malware analysis. We are always looking for new state of the art tools that can be used for security professionals. Please feel free to send us a tool via email or one of our social media accounts.

pixman pixman_sample_floor_y Integer Overflow

0
Authored by Google Security Research pixman versions prior to 0.42.2 suffer from an out-of-bounds write vulnerability in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y. advisories | CVE-2022-44638

SentinelOne sentinelagent 22.3.2.5 Privilege Escalation

0
Authored by ouch_this_hurts SentinelOne sentinelagent version 22.3.2.5 on Linux suffers from a privilege escalation vulnerability due to not use a fully qualified path when calling grep. Change Mirror Download Exploit Title: SentinelOne...

perfSONAR 4.4.4 Open Proxy / Relay

0
Authored by Ryan Moore | Site github.com perfSONAR bundles with it a graphData.cgi script, used to graph and visualize data. There is a flaw in graphData.cgi allowing for unauthenticated users...

perfSONAR 4.4.5 Cross Site Request Forgery

0
Authored by Ryan Moore | Site github.com A partial blind cross site request forgery (CSRF) vulnerability exists in perfSONAR versions 4.x through 4.4.5 within the /perfsonar-graphs/ test results page. Parameters...

IBM Websphere Application Server 7.0 Cross Site Scripting

0
Authored by Milad Karimi IBM Websphere Application Server version 7.0 persistent cross site scripting vulnerability proof of concept details. advisories | CVE-2009-0855 Change Mirror Download # Exploit Title: IBM Websphere Application Server 7.0...

OX App Suite 7.10.6 Cross Site Scripting / SSRF / Resource Consumption

0
Authored by Martin Heiland OX App Suite versions 7.10.6 and below suffer from cross site scripting, server-side request forgery, and resource exhaustion vulnerabilities. advisories | CVE-2022-31469, CVE-2022-37307, CVE-2022-37308, CVE-2022-37309, CVE-2022-37310, CVE-2022-37311,...

Microsoft Exchange ProxyNotShell Remote Code Execution

0
Authored by Soroush Dalili, Spencer McIntyre, Orange Tsai, Rich Warren, Piotr B, DA-0x43-Dx4-DA-Hx2-Tx2-TP-S-Q | Site metasploit.com This Metasploit module chains two vulnerabilities on Microsoft Exchange Server that, when combined, allow...

Concrete CMS 9.1.3 XPATH Injection

0
Authored by nu11secur1ty Concrete CMS version 9.1.3 suffers from an XPATH injection vulnerability. Change Mirror Download ## Title: concretecms-9.1.3 Xpath injection## Author: nu11secur1ty## Date: 11.28.2022## Vendor: https://www.concretecms.org/## Software: https://www.concretecms.org/download## Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/concretecms.org/2022/concretecms-9.1.3## Description:The...

Remote Control Collection Remote Code Execution

0
Authored by h00die, H4rk3nz0 | Site metasploit.com This Metasploit module utilizes the Remote Control Server's protocol to deploy a payload and run it from the server. Remote Control Collection by...

Hirschmann (Belden) BAT-C2 8.8.1.0R8 Command Injection

0
Authored by T. Weber | Site cyberdanube.com Hirschmann (Belden) BAT-C2 version 8.8.1.0R8 suffers from a remote authenticated command injection vulnerability. advisories | CVE-2022-40282 Change Mirror Download CyberDanube Security Research 20221124-0------------------------------------------------------------------------------- ...