Search the Community

Showing results for tags 'vulnerability'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Staff Control
    • Staff Announcements
    • Moderators
    • Administration
  • General doubts | News
    • General doubts
    • News
  • Hacking | Remote Administration | Bugs & Exploits
    • Hacking
    • Remote Administration
    • Bugs & Exploits
  • Programming | Web | SEO | Prefabricated applications
    • General Programming
    • Web Programming
    • Prefabricated Applications
    • SEO
  • Cracking Zone
  • Security & Anonymity
  • Operating Systems | Hardware | Programs
  • Graphic Design
  • vBCms Comments
  • live stream tv
  • Marketplace
  • Premium Accounts
  • Modders Section
  • PRIV8-Section
  • Cracking Zone PRIV8
  • Carding Zone PRIV8

Blogs

There are no results to display.

There are no results to display.


Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


About Me


Location


Interests


Occupation


TeamViewer


Twitter


Facebook


Youtube


Google+


Tox

Found 41 results

  1. Introduction WPScan is a free and automated black box WordPress vulnerability scanner written for security professionals and blog maintainers to test the security of their sites. You can use it to remotely scan WordPress installations, to find vulnerabilities within the core version, plugins, and themes. It’s maintained by the WPScan Team. v3.7.8 Fixed Issue with CF-Connecting-IP header provided in CLI which was also sent to VulnAPI - #1451 [HIDE][Hidden Content]]
  2. Host Header Attack Vulnerability Demonstration | POC | Penetration Testing Video Tutorial [Hidden Content]
  3. WPScan is a free, for non-commercial use, black box WordPress Vulnerability Scanner written for security professionals and blog maintainers to test the security of their WordPress websites. v3.7.7 Fixed rare crash due to conflict between slugs and API endpoints Fixed Incorrect RDF URLs detection [HIDE][Hidden Content]]
  4. Introduction WPScan is a free and automated black box WordPress vulnerability scanner written for security professionals and blog maintainers to test the security of their sites. You can use it to remotely scan WordPress installations, to find vulnerabilities within the core version, plugins, and themes. It’s maintained by the WPScan Team. WPScan is a black box WordPress vulnerability scanner. Changelog v3.7.6 Status code from responses are now displayed as interesting entries for KnownLocation finders Code updated to be compatible with ruby 2.7+ [HIDE][Hidden Content]]
  5. Descripción Simple Vulnerability Manager es la herramienta perfecta para cualquier analista de vulnerabilidades, ya que con tan solo un par de clicks se podrán tanto realizar completos análisis sobre las debilidades de un sistema como generar informes sobre los mismos que ayudarán a comprender y solucionar los distintos problemas que estas vulnerabilidades puedan estar causando. Esta aplicación incluye una base de datos que contiene la gran mayoría de vulnerabilidades que un equipo puede sufrir, organizadas en Web Scanners, Service Scanners, Static Scanners y Mobile. Dentro de estas secciones, junto a la vulnerabilidad pertinente, los usuarios podrán encontrar una breve descripción en la que se especifica que es lo que crea el problema, el impacto que este tiene sobre el sistema y los pasos que se han de seguir para solucionarla. Una de las características más interesantes de Simple Vulnerability Manager es la posibilidad de crear y gestionar proyectos a los clientes a los que se estén realizando seguimientos. Estos proyectos servirán para añadir comentarios personalizados y capturas de pantalla que servirán como prueba individual para cada una de las vulnerabilidades que hayan sido detectadas en las web y direcciones IP. Add - Se agregado Drag And Drop para agregar las imágenes en la evidencia y el screenshot del Proyecto. BugFix - Arreglado al generar el Reporte en Word si el nombre del proyecto tenia un carácter no permitido como nombre de archivo valido. [HIDE][Hidden Content]]
  6. Vulnx is An Intelligent Bot Auto Shell Injector that detect vulnerabilities in multiple types of Cms, fast cms detection,informations gathering and vulnerabilitie Scanning of the target like subdomains, ipaddresses, country, org, timezone, region, ans and more ... Instead of injecting each and every shell manually like all the other tools do, VulnX analyses the target website checking the presence of a vulnerabilitie if so the shell will be Injected.searching urls with dorks Tool. Features Detect cms (wordpress, joomla, prestashop, drupal, opencart, magento, lokomedia) Target informations gatherings Target Subdomains gathering Multi-threading on demand Checks for vulnerabilities Auto shell injector Exploit dork searcher Ports Scan High Level Dns-Servers Dump Input multiple target to scan. Dorks Listing by Name& by ExploitName. Export multiple target from Dorks into a logfile. v1.9 Add Vulnx−Mode interactive mode Add Command Line Interface Class cli Add Dork Functionnality to Vulnx−Mode Fix DNSDUMP Functionnality [HIDE][Hidden Content]]
  7. BlueKeep CVE-2019-0708 is a critical Remote Code Execution vulnerability in Microsoft’s RDP service. This only targets Windows 2008 R2 and Windows 7 SP1. [Hidden Content]
  8. 0x1

    Trivy

    A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI. Abstract Trivy (tri pronounced like trigger, vy pronounced like envy) is a simple and comprehensive vulnerability scanner for containers. A software vulnerability is a glitch, flaw, or weakness present in the software or in an Operating System. Trivy detects vulnerabilities of OS packages (Alpine, RHEL, CentOS, etc.) and application dependencies (Bundler, Composer, npm, yarn etc.). Trivy is easy to use. Just install the binary and you're ready to scan. All you need to do for scanning is to specify an image name of the container. It is considered to be used in CI. Before pushing to a container registry, you can scan your local container image easily. Features Detect comprehensive vulnerabilities OS packages (Alpine, Red Hat Universal Base Image, Red Hat Enterprise Linux, CentOS, Debian, Ubuntu, Amazon Linux and Distroless) Application dependencies (Bundler, Composer, Pipenv, Poetry, npm, yarn and Cargo) Simple Specify only an image name Easy installation apt-get install, yum install and brew install is possible No pre-requisites such as installation of DB, libraries, etc. (The exception is that you need rpm installed to scan images based on RHEL/CentOS. This is automatically included if you use our installers or the Trivy container image.) High accuracy Especially Alpine Linux and RHEL/CentOS Other OSes are also high DevSecOps Suitable for CI such as Travis CI, CircleCI, Jenkins, etc. Gif Demo More info && Download [hide][Hidden Content]]
  9. WPScan is a black box WordPress vulnerability scanner. Changelog v3.7.4 Fixed Incorrect wp-content detected from links in homepage – Ref #1412 Fixed exception raised by old version of activesupport in some cases – Ref #1419 WPScan can now run on Windows, thanks @Reelix – Ref wpscanteam/CMSScanner#114 Adds detection of WP, Plugins, Themes, Main Themes and their versions from 404 [HIDE][Hidden Content]]
  10. ITWSV is an automated penetration testing tool that performs information gathering, auditing, and reporting. TOOLS USED FOR PENTEST WHOIS DNSWALK FIERCE DNSRecon DNSenum NMAP DMitry theHarvester LBD SSLScan SSLYze WhatWeb Automater Grabber Parsero Uniscan Metagoofil A2SV WPScan Droopescan WPSeku XssPy Spaghetti sublist3r WAFW00F nslookup nslookup dirsearch OWASP Joomscan Spaghetti Globuster Grabber OTHER TOOLS Pureblood Wapiti Lscript Trity RED_HAWK [HIDE][Hidden Content]]
  11. Traxss Automated Vulnerability Scanner for XSS | Written in Python3 | Utilizes Selenium Headless DEMO Background Traxss is a Hacktoberfest Project! If you are looking for a place to make contribute, please feel free. Traxss is an automated framework to scan URLs and webpages for XSS Vulnerabilities. It includes over 575 Payloads to test with and multiple options for robustness of tests. View the gif above to see a preview of the fastest type of scan. Download: [Hidden Content]
  12. Automated Vulnerability Scanner for XSS | Written in Python3 | Utilizes Selenium Headless Traxss is a Hacktoberfest Project! If you are looking for a place to make contribute, please feel free. Traxss is an automated framework to scan URLs and webpages for XSS Vulnerabilities. It includes over 575 Payloads to test with and multiple options for robustness of tests. View the gif above to see a preview of the fastest type of scan. [HIDE][Hidden Content]]
  13. WPScan is a free, for non-commercial use, black box WordPress Vulnerability Scanner written for security professionals and blog maintainers to test the security of their WordPress websites. Changelog v3.7.3 Fixed Incorrect parsing of theme data when new lines before/after comments were stripped from the CSS file – Ref #1404 Improved passive detection of WordPress Default wp-content location is now checked regardless of the detection mode choose, if the directory could not be detected passively Fixed empty username returned in some cases when detected via Author ID brute forcing. Fixed an issue where some plugins/themes were not detected when using he --scope option Fixed incorrect detection of the wp-content folder in some cases – Ref #1411 [HIDE][Hidden Content]]
  14. [Hidden Content]
  15. 0x1

    Vuls - VULnerability Scanner

    Vulnerability scanner for Linux/FreeBSD, agentless, written in golang. Agent-less vulnerability scanner for Linux, FreeBSD, Container Image, Running Container, WordPress, Programming language libraries, Network devices For a system administrator, having to perform security vulnerability analysis and software update on a daily basis can be a burden. To avoid downtime in a production environment, it is common for a system administrator to choose not to use the automatic update option provided by the package manager and to perform update manually. This leads to the following problems. The system administrator will have to constantly watch out for any new vulnerabilities in NVD (National Vulnerability Database) or similar databases. It might be impossible for the system administrator to monitor all the software if there are a large number of software packages installed in the server. It is expensive to perform analysis to determine the servers affected by new vulnerabilities. The possibility of overlooking a server or two during analysis is there. Vuls is a tool created to solve the problems listed above. It has the following characteristics. Informs users of the vulnerabilities that are related to the system. Informs users of the servers that are affected. Vulnerability detection is done automatically to prevent any oversight. A report is generated on a regular basis using CRON or other methods. to manage vulnerability. More info & Download [hide][Hidden Content]] Demo ascii [hide][Hidden Content]]
  16. WPScan is a black box WordPress vulnerability scanner. Changelog v3.6.3 Fixed unhandled error when performing password attack against wp-login.php and a 302 response only contained one cookie – Ref #1378 [HIDE][Hidden Content]]
  17. dEEpEst

    Web Vulnerability Scanners

    [Hidden Content]
  18. pocsuite3 pocsuite3 is an open-sourced remote vulnerability testing and proof-of-concept development framework developed by the Knownsec 404 Team. It comes with a powerful proof-of-concept engine, many powerful features for the ultimate penetration testers and security researchers. Features PoC scripts can running with attack,verify, shell mode in different way Plugin ecosystem Dynamic loading PoC script from any where (local file, redis , database, Seebug …) Load multi-target from any where (CIDR, local file, redis , database, Zoomeye, Shodan …) Results can be easily exported Dynamic patch and hook requests Both command line tool and python package import to use IPV6 support Global HTTP/HTTPS/SOCKS proxy support Simple spider API for PoC script to use Integrate with Seebug (for load PoC from Seebug website) Integrate with ZoomEye (for load target from ZoomEye Dork) Integrate with Shodan (for load target from Shodan Dork) Integrate with Ceye (for verify blind DNS and HTTP request) Friendly debug PoC scripts with IDEs More … Changelog version 1.4.6 Fix problems with -v Fix problems that may occur when loading multiple pocs [HIDE][Hidden Content]]
  19. WPScan is a black box WordPress vulnerability scanner. Changelog v3.5.5 Secunia Reference URL updated (via CMSScanner 0.5.3) Fixes an issue with the Password Attack via XMLRPC, where the Interface could be found as active when it was disabled – #1365 [HIDE][Hidden Content]]
  20. vulnx v1.7 - CMS-Detector and Vulnerability Scanner & exec automatic exploit process Vulnx is An Intelligent Bot Auto Shell Injector that detects vulnerabilities in multiple types of Cms, fast cms detection, information gathering and vulnerabilities Scanning of the target like subdomains, IP addresses, country, org, timezone, region, and more … Instead of injecting each and every shell manually like all the other tools do, VulnX analyses the target website checking the presence of vulnerability if so the shell will be Injected.searching urls with dorks Tool. Features Detect cms (wordpress, joomla, prestashop, drupal, opencart, magento, lokomedia) Target informations gatherings Target Subdomains gathering Multi-threading on demand Checks for vulnerabilities Auto shell injector Exploit dork searcher Ports Scan High Level Dns-Servers Dump Input multiple targets to scan. Dorks Listing by Name& by ExploitName. Export multiple targets from Dorks into a log file. Changelog v1.7 Update Dockerfile [HIDE][Hidden Content]]
  21. Pompem - Exploit and Vulnerability Finder Pompem is an open source tool, designed to automate the search for Exploits and Vulnerability in the most important databases. Developed in Python, has a system of advanced search, that help the work of pentesters and ethical hackers. In the current version, it performs searches in PacketStorm security, CXSecurity, ZeroDay, Vulners, National Vulnerability Database, WPScan Vulnerability Database ... Screenshots Source code You can download the latest tarball by clicking here or latest zipball by clicking here. You can also download Pompem directly from its Git repository: $ git clone [Hidden Content] Dependencies Pompem works out of the box with Python 3.5 on any platform and requires the following packages: Requests 2.9.1+ Installation Get Pompem up and running in a single command: $ pip3.5 install -r requirements.txt You may greatly benefit from using virtualenv, which isolates packages installed for every project. If you have never used it, simply check [this tutorial] ([Hidden Content]) . Usage To get the list of basic options and information about the project: $ python3.5 pompem.py -h Options: -h, --help show this help message and exit -s, --search <keyword,keyword,keyword> text for search --txt Write txt File --html Write html File Examples of use: $ python3.5 pompem.py -s Wordpress $ python3.5 pompem.py -s Joomla --html $ python3.5 pompem.py -s "Internet Explorer,joomla,wordpress" --html $ python3.5 pompem.py -s FortiGate --txt $ python3.5 pompem.py -s ssh,ftp,mysql Download: [HIDE][Hidden Content]]
  22. This is a quick-and-dirty scanner for the CVE-2019-0708 vulnerability in Microsoft Remote Desktop. Right now, there are about 900,000 machines on the public Internet vulnerable to this vulnerability, so many are to expect a worm soon like WannaCry and notPetya. Therefore, scan your networks and patch (or at least, enable NLA) on vulnerable systems. This is a command-line tool. You can download the source and compile it yourself, or you can download one of the pre-compiled binaries for Windows or macOS from the link above. [HIDE][Hidden Content]]
  23. Seccubus automates regular vulnerability scans with various tools and aids security people in the fast analysis of its output, both on the first scan and on repeated scans. On repeated scan delta reporting ensures that findings only need to be judged when they first appear in the scan results or when their output changes. Seccubus 2.x is the only actively developed and maintained branch and all support for Seccubus V1 has officially been dropped. Seccubus V2 works with the following scanners: Nessus OpenVAS Skipfish Medusa (local and remote) Nikto (local and remote) NMap (local and remote) OWASP-ZAP (local and remote) SSLyze Medusa Qualys SSL labs testssl.sh (local and remote) [Hidden Content]
  24. Yaazhini is a free vulnerability scanner for android APK and API. It is a user-friendly tool that you can easily scan any APK and API of android application and fin the vulnerabilities. Yaazhini includes vulnerability scan of API, the vulnerability of APK and reporting section to generate a report. System Requirements Operating Systems Mac OSX(64bit), Windows(64bit & 32bit) RAM Minimum Usage 4GB of available memory. 16GB required for larger Android Apps Storage 10GB of available disk space Dependancy Software Java 1.8+ Advantages of Yaazhini Scan Android APK by just one click Scan Android Application REST API (emulator, device) Generate report Free to use Easy to use How to use Yaazhini Android Application APK Scanner [HIDE][Hidden Content]]