Home Tools Page 272

Tools

The latest hacking and hacker tools. Open source offensive and defensive security tools. Browse interactive maps of offensive security tools used by malicious actors and cybercriminals. Check out some live threat maps and malware intelligence databases.

This will be a curated list of mostly open source hacking tools. These can range from Red Teaming offensive security tools to fuzzers and debuggers for malware analysis. We are always looking for new state of the art tools that can be used for security professionals. Please feel free to send us a tool via email or one of our social media accounts.

Windows Kernel nt!MiRelocateImage Invalid Read

Authored by Google Security Research, mjurczyk The Microsoft Windows kernel suffers from an invalid read in nt!MiRelocateImage while parsing a malformed PE file. advisories | CVE-2022-30155

Travel Tours Script 1.0 SQL Injection

Authored by CraCkEr Travel Tours Script version 1.0 suffers from a remote SQL injection vulnerability. Change Mirror Download ┌┌────────────────────────────────────────────────────────────────────────────┐││ ...

Property Listing Script 3.1 SQL Injection

Authored by CraCkEr Property Listing Script version 3.1 suffers from a remote SQL injection vulnerability. Change Mirror Download ┌┌────────────────────────────────────────────────────────────────────────────────────┐││ ...

Orange Station 1.0 SQL Injection

Authored by nu11secur1ty Orange Station version 1.0 suffers from a remote SQL injection vulnerability. Change Mirror Download ## Title: Orange Station 1.0 SQLi## Author: nu11secur1ty## Date: 0.16.2022## Vendor: https://www.mayurik.com/## Software: https://www.sourcecodester.com/php/15485/garage-management-system-using-phpmysql-source-code.html## Reference:...

Backdoor.Win32.HoneyPot.a MVID-2022-0622 Weak Hardcoded Password

Authored by malvuln | Site malvuln.com Backdoor.Win32.HoneyPot.a malware suffers from a weak hardcoded password vulnerability. Change Mirror Download Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022Original source: https://malvuln.com/advisory/e3bb503f9b02cf57341695f30e31128f.txtContact: [email protected]: twitter.com/malvulnThreat:...

Builder XtremeRAT 3.7 MVID-2022-0623 Insecure Permissions

Authored by malvuln | Site malvuln.com Builder XtremeRAT malware version 3.7 suffers from an insecure permissions vulnerability. Change Mirror Download Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022Original source: https://malvuln.com/advisory/7f314e798c150aedd9ce41ed39318f65.txtContact:...

Builder XtremeRAT 3.7 MVID-2022-0624 Insecure Crypto Bypass

Authored by malvuln | Site malvuln.com Builder XtremeRAT malware version 3.7 suffers from an insecure cryptography implementation vulnerability that allows an attacker to login with only partial knowledge of a...

Asus GameSDK 1.0.0.4 Unquoted Service Path

Authored by Angelo Pio Amirante Asus GameSDK version 1.0.0.4 suffers from an unquoted service path vulnerability in GameSDK.exe. advisories | CVE-2022-35899 Change Mirror Download # Exploit Title: Asus GameSDK v1.0.0.4 - 'GameSDK.exe' Unquoted...

Windows LSA Service LsapGetClientInfo Impersonation Level Check Privilege Escalation

Authored by James Forshaw, Google Security Research On Microsoft Windows, the LsapGetClientInfo API in LSASRV will fallback and directly capture a caller's impersonation token if it fails to impersonate, leading...

Sourcegraph gitserver sshCommand Remote Command Execution

Authored by Spencer McIntyre, Altelus1 | Site metasploit.com A vulnerability exists within Sourcegraph's gitserver component that allows a remote attacker to execute arbitrary OS commands by modifying the core.sshCommand value...