Home Tools Page 274

Tools

The latest hacking and hacker tools. Open source offensive and defensive security tools. Browse interactive maps of offensive security tools used by malicious actors and cybercriminals. Check out some live threat maps and malware intelligence databases.

This will be a curated list of mostly open source hacking tools. These can range from Red Teaming offensive security tools to fuzzers and debuggers for malware analysis. We are always looking for new state of the art tools that can be used for security professionals. Please feel free to send us a tool via email or one of our social media accounts.

Xen PV Guest Non-SELFSNOOP CPU Memory Corruption

Authored by Jann Horn, Google Security Research On CPUs without SELFSNOOP support, a Xen PV domain that has access to a PCI device (which grants the domain the ability to...

EQS Integrity Line Cross Site Scripting / Information Disclosure

Authored by Giovanni Pellerano | Site ush.it EQS Integrity Line versions through 2022-07-01 suffer from cross site scripting and sensitive information disclosure vulnerabilities. advisories | CVE-2022-34007 Change Mirror Download EQS Integrity Line: Multiple...

DouPHP 1.2 Release 20141027 SQL Injection

Authored by indoushka DouPHP version 1.2 Release 20141027 suffers from a remote SQL injection vulnerability. Change Mirror Download ====================================================================================================================================| # Title : DouPHP v1.2 Release 20141027 SQL Injection...

Ransom Lockbit 3.0 MVID-2022-0620 Buffer Overflow

Authored by malvuln | Site malvuln.com Lockbit ransomware version 3.0 apparently now requires a password to execute as noted by "@vxunderground", but does not properly check bounds for both the...

Windows Defender Remote Credential Guard Authentication Relay Privilege Escalation

Authored by James Forshaw, Google Security Research The handling of Windows Defender Remote Credential Guard credentials is vulnerable to authentication relay attacks leading to elevation of privilege or authentication bypass. advisories...

Advanced Testimonials Manager 5.6 SQL Injection

Authored by indoushka Advanced Testimonials Manager version 5.6 suffers from a remote SQL injection vulnerability that allows for authentication bypass. Change Mirror Download ====================================================================================================================================| # Title : Advanced...

Ransom Lockbit 3.0 MVID-2022-0621 Code Execution

Authored by malvuln | Site malvuln.com Lockbit version 3.0 ransomware looks for and executes DLLs in its current directory. Therefore, we can hijack a DLL, in this case "RstrtMgr.dll", execute...

Magnolia CMS 6.2.19 Cross Site Scripting

Authored by Giulio Garzia Magnolia CMS versions 6.2.19 and below suffer from a persistent cross site scripting vulnerability. advisories | CVE-2022-33098 Change Mirror Download # Exploit Title: Magnolia CMS <= 6.2.19 - Stored...

Paymoney 3.3 Cross Site Scripting

Authored by nu11secur1ty Paymoney version 3.3 suffers from a cross site scripting vulnerability. Change Mirror Download ## Title: paymoney-3.3 XSS-Reflected## Author: nu11secur1ty## Date: 07.02.2022## Vendor: https://paymoney.techvill.org/## Software: paymoney-3.3## Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/paymoney/2022/paymoney-3.3Description:The parameters first_name...

PHP Library Remote Code Execution

Authored by Eldar Marcussen Several PHP compatibility libraries contain a potential remote code execution flaw in their json_decode() function based on having copy pasted existing vulnerable code. Affected components include...