Home Tools Page 278

Tools

The latest hacking and hacker tools. Open source offensive and defensive security tools. Browse interactive maps of offensive security tools used by malicious actors and cybercriminals. Check out some live threat maps and malware intelligence databases.

This will be a curated list of mostly open source hacking tools. These can range from Red Teaming offensive security tools to fuzzers and debuggers for malware analysis. We are always looking for new state of the art tools that can be used for security professionals. Please feel free to send us a tool via email or one of our social media accounts.

Backdoor.Win32.Shark.btu MVID-2022-0615 Insecure Permissions

Authored by malvuln | Site malvuln.com Backdoor.Win32.Shark.btu malware suffers from an insecure permissions vulnerability. Change Mirror Download Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022Original source: https://malvuln.com/advisory/5a83f8b8c8a8b7a85b3ff632aa60e793.txtContact: [email protected]: twitter.com/malvulnThreat: Backdoor.Win32.Shark.btuVulnerability:...

Trojan-Mailfinder.Win32.VB.p MVID-2022-0616 Insecure Permissions

Authored by malvuln | Site malvuln.com Trojan-Mailfinder.Win32.VB.p malware suffers from an insecure permissions vulnerability. Change Mirror Download Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022Original source: https://malvuln.com/advisory/20e438d84aa2828826d52540d80bf7f.txtContact: [email protected]: twitter.com/malvulnThreat: Trojan-Mailfinder.Win32.VB.pVulnerability:...

Mitel 6800/6900 Series SIP Phones Backdoor Access

Authored by Moritz Abrell | Site syss.de Mitel 6800/6900 Series SIP Phones excluding 6970 and Mitel 6900 Series IP (MiNet) Phones have a flow to spawn a telnet backdoor on...

Lepin EP-KP001 KP001_V19 Authentication Bypass

Authored by Matthias Deeg | Site syss.de When analyzing the USB flash drive Lepin EP-KP001, Matthias Deeg found out that it uses an insecure hardware design which allows an attacker...

Nexans FTTO GigaSwitch Outdated Components / Hardcoded Backdoor

Authored by T. Weber | Site sec-consult.com Nexans FTTO GigaSwitch industrial/office switches HW version 5 suffer from having a hardcoded backdoor user and multiple outdated vulnerable software components. advisories | CVE-2015-0235,...

SIEMENS-SINEMA Remote Connect 3.0.1.0-01.01.00.02 Cross Site Scripting

Authored by Steffen Robertz | Site sec-consult.com SIEMENS-SINEMA Remote Connect versions 3.0.1.0-01.01.00.02 and below suffer from a cross site scripting vulnerability. advisories | CVE-2022-29034 Change Mirror Download SEC Consult Vulnerability Lab Security Advisory...

Gentics CMS 5.36.29 Cross Site Scripting / Deserialization

Authored by Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com Gentics CMS version 5.36.29 suffers from persistent cross site scripting and unsafe java deserialization vulnerabilities. advisories | CVE-2022-30981, CVE-2022-30982 Change Mirror Download SEC Consult...

SoftGuard SNMP Network Management Extension HTML Injection / File Download

Authored by Philipp Espernberger | Site sec-consult.com SoftGuard Web (SGW) versions prior to 5.1.5 suffer from html injection and arbitrary file system access allow for file downloads. advisories | CVE-2022-31201, CVE-2022-31202 Change...

XNU Flow Divert Race Condition Use-After-Free

Authored by Google Security Research, nedwill XNU suffers from a flow divert race condition use-after-free vulnerability. advisories | CVE-2022-26757

phpIPAM 1.4.5 Remote Code Execution

Authored by Guilherme Alves phpIPAM version 1.4.5 suffers from an authenticated remote code execution vulnerability. Change Mirror Download # Exploit Title: phpIPAM 1.4.5 - Remote Code Execution (RCE) (Authenticated)# Date: 2022-04-10# Exploit...