Pi-Hole Remove Commands Linux Privilege Escalation
Authored by h00die, Emanuele Barbeno | Site metasploit.com
Pi-Hole versions 3.0 through 5.3 allows for command line input to the removecustomcname, removecustomdns, and removestaticdhcp functions without properly validating the parameters...
Domhttpx – A Google Search Engine Dorker With HTTP Toolkit Built With Python, Can...
domhttpx is a google search engine dorker with HTTP toolkit built with python, can make it easier for you to find many URLs/IPs at once with fast time.
Usage
Flags
This will display help for the...
Sniffle – A Sniffer For Bluetooth 5 And 4.X LE
Sniffle is a sniffer for Bluetooth 5 and 4.x (LE) using TI CC1352/CC26x2 hardware.
Sniffle has a number of useful features, including:
Support for BT5/4.2 extended length advertisement and data packetsSupport...
Microsoft Exchange AD Schema Misconfiguration Privilege Escalation
Authored by James Forshaw, Google Security Research
The msExchStorageGroup schema class added during Exchange installation can be used to create almost any AD object including users, groups or domain trusts...
Cerbrutus – Network Brute Force Tool, Written In Python
Modular brute force tool written in Python, for very fast password spraying SSH, and FTP and in the near future other network services.
COMING SOON: SMB, HTTP(s) POST, HTTP(s) GET, HTTP...
tsharkVM – Tshark + ELK Analytics Virtual Machine
This project builds virtual machine which can be used for analytics of tshark -T ek (ndjson) output. The virtual appliance is built using vagrant, which builds Debian 10 with pre-installed and...
Retoolkit – Reverse Engineer’s Toolkit
Retoolkit is a collection of tools you may like if you are interested on reverse engineering and/or malware analysis on x86 and x64 Windows systems. After installing this toolkit you'll have a folder...
ObjectPlanet Opinio 7.12 Cross Site Scripting
Authored by Ang Kar Min
ObjectPlanet Opinio version 7.12 suffers from reflective and persistent cross site scripting vulnerabilities.
advisories | CVE-2020-26563
Change Mirror Download
# Exploit Title: ObjectPlanet Opinio 7.12 allows Cross-Site Scripting#...
Denver IP Camera SHO-110 Snapshot Disclosure
Authored by Ivan Nikolsky
Denver IP Camera SHO-110 suffers from an unauthenticated disclosure of a snapshot.
Change Mirror Download
# Exploit Title: Denver IP Camera SHO-110 - Unauthenticated Snapshot# Date: 28 July...
Longjing Technology BEMS API 1.21 Remote Arbitrary File Download
Authored by LiquidWorm | Site zeroscience.mk
Longjing Technology BEMS API version 1.21 suffers from an unauthenticated arbitrary file download vulnerability. Input passed through the fileName parameter through downloads endpoint is...
