Tools

The latest hacking and hacker tools. Open source offensive and defensive security tools. Browse interactive maps of offensive security tools used by malicious actors and cybercriminals. Check out some live threat maps and malware intelligence databases.

This will be a curated list of mostly open source hacking tools. These can range from Red Teaming offensive security tools to fuzzers and debuggers for malware analysis. We are always looking for new state-of-the-art tools that can be used by security professionals. Please feel free to send us a tool via email or one of our social media accounts.

ABB Cylon Aspect 3.08.01 logCriticalLookup.php Unauthenticated Log Disclosure

Authored by LiquidWorm | Site zeroscience.mk
ABB Cylon Aspect version 3.08.01 suffers from an unauthenticated log information disclosure vulnerability. An unauthorized attacker can reference the affected page and disclose the...

pfSense 2.5.2 Cross Site Scripting

Authored by EQSTLab, physicszq | Site github.com
A cross site scripting vulnerability in pfSense version 2.5.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected...

Roundcube Webmail Cross Site Scripting

Authored by bartfroklage | Site github.com
Roundcube Webmail versions prior to 1.5.7 and 1.6.x prior to 1.6.7 allow cross site scripting via SVG animate attributes.
advisories | CVE-2024-37383

Grafana Remote Code Execution

Authored by z3k0sec | Site github.com
This repository contains a Python script that exploits a remote code execution vulnerability in Grafana's SQL Expressions feature. By leveraging insufficient input sanitization, this...

Helakuru 1.1 DLL Hijacking

Authored by surajhacx | Site github.com
Helakuru version 1.1 suffers from a DLL hijacking vulnerability.
advisories | CVE-2024-48605

Vendure Arbitrary File Read / Denial Of Service

Authored by EQSTLab, Rajesh Sharma | Site github.com
Vendure is an open-source headless commerce platform. Prior to versions 3.0.5 and 2.3.3, a vulnerability in Vendure's asset server plugin allows an...

Linux Dangling PFN Mapping / Use-After-Free

Authored by Jann Horn, Google Security Research, Seth Jenkins
An error path in usbdev_mmap() (where remap_pfn_range() fails midway through) frees pages before the PFN mapping pointing to those pages is...

ABB Cylon Aspect 3.08.01 networkDiagAjax.php Remote Network Utility Execution

Authored by LiquidWorm | Site zeroscience.mk
ABB Cylon Aspect version 3.08.01 allows an unauthenticated attacker to perform network operations such as ping, traceroute, or nslookup on arbitrary hosts or IPs...

IBM Security Verify Access 10.0.8 Open Redirection

Authored by Giulio Garzia
IBM Security Verify Access versions 10.0.0 through 10.0.8 suffer from an OAUTH related open redirection vulnerability.
advisories | CVE-2024-35133
- IBM Security Verify Access >= 10.0.0...

ABB Cylon Aspect 3.08.01 databaseFileDelete.php Command Injection

Authored by LiquidWorm | Site zeroscience.mk
ABB Cylon Aspect version 3.08.01 suffers from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands...