Home Tools Page 3

Tools

The latest hacking and hacker tools. Open source offensive and defensive security tools. Browse interactive maps of offensive security tools used by malicious actors and cybercriminals. Check out some live threat maps and malware intelligence databases.

This will be a curated list of mostly open source hacking tools. These can range from Red Teaming offensive security tools to fuzzers and debuggers for malware analysis. We are always looking for new state of the art tools that can be used for security professionals. Please feel free to send us a tool via email or one of our social media accounts.

CyberPanel Command Injection

0
Authored by Luka Petrovic | Site github.com Proof of concept exploit for a command injection vulnerability in CyberPanel. This vulnerability enables unauthenticated attackers to inject and execute arbitrary commands on...

Qualitor 8.24 Server-Side Request Forgery

0
Authored by OpenXP Research Team | Site github.com Qualitor versions 8.24 and below suffer from an unauthenticated server-side request forgery vulnerability. advisories | CVE-2024-48360 Change Mirror Download # CVE-2024-48360 | Qualitor <= v8.24...

WordPress Automatic 3.92.0 Path Traversal / Server-Side Request Forgery

0
Authored by Quantum-Hacker | Site github.com WordPress Automatic plugin versions 3.92.0 and below proof of concept exploit that demonstrates path traversal and server-side request forgery vulnerabilities. advisories | CVE-2024-27954

WordPress WP-Automatic SQL Injection

0
Authored by Valentin Lobstein, Rafie Muhammad | Site metasploit.com This Metasploit module exploits an unauthenticated SQL injection vulnerability in the WordPress wp-automatic plugin versions prior to 3.92.1 to achieve remote...

Xerox Printers Authenticated Remote Code Execution

0
Authored by Timo Longin, Tamas Jos | Site sec-consult.com Various Xerox printers, such as models EC80xx, AltaLink, VersaLink, and WorkCentre, suffer from an authenticated remote code execution vulnerability. advisories | CVE-2024-6333 Change...

ABB Cylon Aspect 3.08.02 logYumLookup.php Authenticated File Disclosure

0
Authored by LiquidWorm | Site zeroscience.mk ABB Cylon Aspect version 3.08.02 suffers from an authenticated arbitrary file disclosure vulnerability. Input passed through the logFile GET parameter via the logYumLookup.php script...

Lawo AG vsm LTC Time Sync Path Traversal

0
Authored by Sandro Einfeldt, Dennis Jung | Site sec-consult.com Lawo AG vsm LTC Time Sync versions prior to 4.5.6.0 suffer from a path traversal vulnerability. advisories | CVE-2024-6049 Change Mirror Download SEC Consult...

ABB Cylon Aspect 3.08.01 getApplicationNamesJS.php Building/Project Name Exposure

0
Authored by LiquidWorm | Site zeroscience.mk ABB Cylon Aspect version 3.08.01 suffers from an unauthenticated building/project name exposure vulnerability. Change Mirror Download ABB Cylon Aspect 3.08.01 (getApplicationNamesJS.php) Building/Project Name ExposureVendor: ABB Ltd.Product...

ABB Cylon Aspect 3.08.01 persistenceManagerAjax.php Command Injection

0
Authored by LiquidWorm | Site zeroscience.mk ABB Cylon Aspect version 3.08.01 suffers from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands...

ABB Cylon Aspect 3.08.01 throttledLog.php Unauthenticated Log Disclosure

0
Authored by LiquidWorm | Site zeroscience.mk ABB Cylon Aspect version 3.08.01 suffers from an unauthenticated log information disclosure vulnerability. An unauthorized attacker can reference the affected page and disclose the...