Home Tools Page 288

Tools

The latest hacking and hacker tools. Open source offensive and defensive security tools. Browse interactive maps of offensive security tools used by malicious actors and cybercriminals. Check out some live threat maps and malware intelligence databases.

This will be a curated list of mostly open source hacking tools. These can range from Red Teaming offensive security tools to fuzzers and debuggers for malware analysis. We are always looking for new state of the art tools that can be used for security professionals. Please feel free to send us a tool via email or one of our social media accounts.

Zyxel Remote Command Execution

Authored by jbaines-r7 | Site github.com Victorian Machinery is a proof of concept exploit for CVE-2022-30525. The vulnerability is an unauthenticated and remote command injection vulnerability affecting Zyxel firewall's that...

Ransom.Conti MVID-2022-0606 Code Execution

Authored by malvuln | Site malvuln.com Conti ransomware looks for and executes DLLs in its current directory. Therefore, we can potentially hijack a DLL to execute our own code and...

IpMatcher 1.0.4.1 Server-Side Request Forgery

Authored by Sick Codes, Kelly Kaoudis IpMatcher versions 1.0.4.1 and below for .NET Core 2.0 and .NET Framework 4.5.2 incorrectly validates octal and hexadecimal input data which can lead to...

Chrome 100 extensions::ExtensionApiFrameIdMap::GetFrameId Heap Use-After-Free

Authored by Google Security Research, Glazvunov A use-after-free issue exists in Chrome 100 and earlier versions. A malicious extension can achieve arbitrary code execution in the browser process. advisories | CVE-2022-0972

TLR-2005KSH Arbitrary File Delete

Authored by Ahmed Alroky TLR-2005KSH suffers from an arbitrary file deletion vulnerability. advisories | CVE-2021-46424 Change Mirror Download # Exploit Title: TLR-2005KSH - Arbitrary File Delete# Date: 2022-05-11# Exploit Author: Ahmed Alroky# Author...

College Management System 1.0 SQL Injection

Authored by Eren Gozaydin College Management System version 1.0 suffers from a remote SQL injection vulnerability. advisories | CVE-2022-28079 Change Mirror Download # Exploit Title: College Management System - 'course_code' SQL Injection (Authenticated)#...

AppleVideoDecoder CreateHeaderBuffer Out-Of-Bounds Free

Authored by Google Security Research, natashenka AppleVideoDecoder suffers from an out-of-bounds free vulnerability. The attached video file contains a malformed HEVC Decoder Configuration Record that leads to an out-of-bounds free...

F5 BIG-IP iControl Remote Code Execution

Authored by Alt3kx, Ron Bowes, Heyder Andrade, James Horseman | Site metasploit.com This Metasploit module exploits an authentication bypass vulnerability in the F5 BIG-IP iControl REST service to gain access...

Ransom.REvil MVID-2022-0595 Code Execution

Authored by malvuln | Site malvuln.com REvil ransomware looks for and executes DLLs in its current directory. Therefore, we can hijack a DLL, execute our own code, and control and...

Ransom.REvil MVID-2022-0597 Code Execution

Authored by malvuln | Site malvuln.com REvil ransomware looks for and executes DLLs in its current directory. Therefore, we can hijack a DLL, execute our own code, and control and...