Search the Community
Showing results for tags 'v2.0.7'.
-
HaE is used to highlight HTTP requests and extract information from HTTP response messages or request messages. The plugin can custom regular expressions to match HTTP response messages. You can decide for yourself whether the corresponding request that meets the custom regular expression match needs to be highlighted and information extracted. Note: The use of HaE requires a basic regular expression foundation for testers. Since the Java regular expression library is not as elegant or convenient as Python when using regular expressions, HaE requires users to use () to extract what they need The expression content contains; for example, if you want to match a response message of a Shiro application, the normal matching rule is rememberMe=delete, if you want to extract this content, you need to become (rememberMe=delete). [hide][Hidden Content]]
-
Targeting countries, OS, browsers, device types (mobile, tablet, PC), categories Click-fraud protection 2 payments model CPC (cost per click), CPM (cost per impression) Manage users, sites, campaigns, ads Impressions, clicks statistics Separate admin, advertiser/webmaster, moderator accounts 16 most popular banner sizes Responsive HTML 5 ad units Visual ad unit builder Internal user support system [Hidden Content] [hide][Hidden Content]]
-
SUDO_KILLER is a tool that can be used for privilege escalation on the Linux environment by abusing SUDO in several ways. The tool helps to identify misconfiguration within sudo rules, vulnerability within the version of sudo being used (CVEs and vulns), and the use of dangerous binary, all of these could be abused to elevate privilege to ROOT. SUDO_KILLER will then provide a list of commands or local exploits which could be exploited to elevate privilege. It is worth noting that the tool does not perform any exploitation on your behalf, the exploitation will need to be performed manually and this is intended. Features Some of the checks/functionalities that are performed by the tool. Misconfigurations Dangerous Binaries Vulnerable versions of sudo – CVEs Dangerous Environment Variables Credential Harvesting Writable directories where scripts reside Binaries that might be replaced Identify missing scripts What version 2 of SK includes: New checks and/or scenarios CVE-2019-14287 – runas No CVE yet – sudoedit – absolute path CVE-2019-18634 – pwfeedback User Impersonation list of users in sudo group Performance improved Bugs corrected (checks, export, report,…) Continous improvement of the way output presented New videos will be added soon Annonying password input several time removed New functionality: offline mode – ability to extract the required info from audited system and run SK on host. Testing environment : A docker to play with the tool and different scenarios, you can also train on PE. [hide][Hidden Content]]
-
- 1
-
- sudo_killer
- v2.0.7
-
(and 8 more)
Tagged with: