Latest Exploits / Tools

Latest Exploits

  • Fri, 28 Aug 2015 23:46:53 +0000: Pluck CMS 4.7.3 CSRF / XSS / LFI / Code Execution - Exploit Files ≈ Packet Storm
    Pluck CMS version 4.7.3 suffers from code execution, cross site request forgery, cross site scripting, and local file inclusion vulnerabilities.
  • Fri, 28 Aug 2015 23:45:15 +0000: freeSSHd 1.3.1 Denial Of Service - Exploit Files ≈ Packet Storm
    freeSSHd version 1.3.1 suffers from a denial of service vulnerability.
  • Fri, 28 Aug 2015 23:39:36 +0000: WordPress Captain Slider 1.0.6 Cross Site Scripting - Exploit Files ≈ Packet Storm
    WordPress Captain Slider plugin version 1.0.6 suffers from a stored cross site scripting vulnerability.
  • Fri, 28 Aug 2015 22:04:38 +0000: Apple OS X Entitlements Rootpipe Privilege Escalation - Exploit Files ≈ Packet Storm
    This Metasploit module exploits the rootpipe vulnerability and bypasses Apple's initial fix for the issue by injecting code into a process with the 'admin.writeconfig' entitlement.
  • Fri, 28 Aug 2015 16:11:41 +0000: QEMU Programmable Interrupt Timer Controller Heap Overflow - Exploit Files ≈ Packet Storm
    The programmable interrupt timer (PIT) controller in QEMU does not correctly validate the channel number when performing IO writes to the device controller, allowing both an information disclosure and a heap overflow within the context of the host.
  • Fri, 28 Aug 2015 16:08:27 +0000: Photo Transfer 2 1.0 Denial Of Service - Exploit Files ≈ Packet Storm
    Photo Transfer 2 version 1.0 suffers from a denial of service vulnerability.
  • Fri, 28 Aug 2015 16:06:25 +0000: PayPal Stored Cross Site Scripting - Exploit Files ≈ Packet Storm
    A stored cross site scripting vulnerability existed in the SecurePayment page on PayPal.
  • Fri, 28 Aug 2015 07:22:22 +0000: WordPress Responsive Thumbnail Slider 1.0 Shell Upload - Exploit Files ≈ Packet Storm
    WordPress Responsive Thumbnail Slider plugin version 1.0 suffers from a remote shell upload vulnerability.
  • Thu, 27 Aug 2015 14:02:22 +0000: WordPress Navis DocumentCloud 0.1 Cross Site Scripting - Exploit Files ≈ Packet Storm
    WordPress Navis DocumentCloud plugin version 0.1 suffers from a cross site scripting vulnerability.
  • Thu, 27 Aug 2015 11:11:11 +0000: FENIX 0.92 Buffer Overflow - Exploit Files ≈ Packet Storm
    FENIX versions 0.92 and below suffer from a buffer overflow vulnerability.
  • Thu, 27 Aug 2015 10:11:11 +0000: LinuxOptic CMS 2009 Authentication Bypass - Exploit Files ≈ Packet Storm
    LinuxOptic CMS 2009 suffers from an authentication bypass vulnerability.
  • Thu, 27 Aug 2015 10:01:11 +0000: WordPress Private Only 3.5.1 CSRF / Cross Site Scripting - Exploit Files ≈ Packet Storm
    WordPress Private Only plugin version 3.5.1 suffers from cross site request forgery and cross site scripting vulnerabilities.
  • Thu, 27 Aug 2015 07:22:22 +0000: BSIGN 0.4.5 Buffer Overflow - Exploit Files ≈ Packet Storm
    BSIGN versions 0.4.5 and below suffer from a buffer overflow vulnerability.
  • Thu, 27 Aug 2015 04:04:44 +0000: Dogma India dogmaindia CMS Authentication Bypass - Exploit Files ≈ Packet Storm
    Dogma India dogmaindia CMS suffers from an authentication bypass vulnerability.
  • Thu, 27 Aug 2015 00:10:11 +0000: Windows Script Host UAC Bypass - Exploit Files ≈ Packet Storm
    The Windows Script Host executables suffer from a vulnerability due to a missing embedded manifest. Using another exploit, the combination of "wusa.exe" and "makecab.exe", files can be copied to the Windows folder. Copies of a manifest and the script host allow the copied script host to be executed and UAC warning messages to be bypassed when the UAC settings are default. Both ZDI and Microsoft are aware of this issue; expectedly, ZDI didn't accept the admission because it's not a remote vulnerability. Surprisingly, Microsoft didn't accept the vulnerability because "UAC isn't considered a security boundary". Only Windows 7 is vulnerable; Windows 8 has an embedded manifest and Windows 10 is untested.
  • Wed, 26 Aug 2015 23:50:11 +0000: WordPress YouTube Embed 3.3.2 Cross Site Scripting - Exploit Files ≈ Packet Storm
    WordPress YouTube Embed plugin version 3.3.2 suffers from a stored cross site scripting vulnerability.
  • Wed, 26 Aug 2015 04:44:44 +0000: ZSNES 1.51 Stack-Based Buffer Overflow - Exploit Files ≈ Packet Storm
    ZSNES version 1.51 suffers from a buffer overflow vulnerability.
  • Wed, 26 Aug 2015 00:22:22 +0000: WordPress Car Rental System SQL Injection - Exploit Files ≈ Packet Storm
    WordPress Car Rental System plugin versions prior to 3.1 suffer from a remote SQL injection vulnerability.
  • Wed, 26 Aug 2015 00:03:33 +0000: Magento Add Administrator Account - Exploit Files ≈ Packet Storm
    Magento shoplift exploit that adds an administrator account. Flaw originally discovered by CheckPoint.
  • Tue, 25 Aug 2015 01:23:05 +0000: Microsoft Office 2007 OneTableDocumentStream Invalid Object - Exploit Files ≈ Packet Storm
    Microsoft Office 2007 suffers from a OneTableDocumentStream invalid object vulnerability.

Latest Tools

  • Wed, 26 Aug 2015 01:52:14 +0000: Fwknop Port Knocking Utility 2.6.7 - Security Tool Files ≈ Packet Storm
    fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
  • Tue, 25 Aug 2015 01:33:44 +0000: OpenSSH 7.1p1 - Security Tool Files ≈ Packet Storm
    This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
  • Sun, 23 Aug 2015 20:17:09 +0000: Faraday 1.0.13 - Security Tool Files ≈ Packet Storm
    Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
  • Tue, 18 Aug 2015 23:56:14 +0000: oclHashcat For NVidia 1.37 - Security Tool Files ≈ Packet Storm
    oclHashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. NVidia version.
  • Tue, 18 Aug 2015 23:46:49 +0000: oclHashcat for AMD 1.37 - Security Tool Files ≈ Packet Storm
    oclHashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. AMD version.
  • Tue, 18 Aug 2015 22:39:56 +0000: Viproy VoIP Penetration / Exploitation Kit 2.99.1 - Security Tool Files ≈ Packet Storm
    Viproy VoIP Penetration and Exploitation Kit is developed to improve the quality of SIP penetration testing. It provides authentication and trust analysis features that assist in creating simple tests.
  • Thu, 13 Aug 2015 05:48:18 +0000: Wireshark Analyzer 1.12.7 - Security Tool Files ≈ Packet Storm
    Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
  • Thu, 13 Aug 2015 04:55:55 +0000: NetRipper Smart Traffic Sniffer - Security Tool Files ≈ Packet Storm
    NetRipper is a post exploitation tool targeting Windows systems which uses API hooking in order to intercept network traffic and encryption related functions from a low privileged user, being able to capture both plain-text traffic and encrypted traffic before encryption/after decryption.
  • Thu, 13 Aug 2015 00:01:46 +0000: OpenSSH 7.0p1 - Security Tool Files ≈ Packet Storm
    This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
  • Tue, 11 Aug 2015 01:16:16 +0000: Mandos Encrypted File System Unattended Reboot Utility 1.7.0 - Security Tool Files ≈ Packet Storm
    The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
  • Mon, 10 Aug 2015 19:22:46 +0000: Simple Packet Sender 4.3 - Security Tool Files ≈ Packet Storm
    Simple Packet Sender (SPS) is a Linux packet crafting tool. It supports IPv4, IPv6 (but not extension headers yet), and tunneling IPv6 over IPv4. Written in C on Linux with GUI built using GTK+. Both source and binaries are included. Features include packet crafting and sending one, multiple, or flooding packets of type TCP, ICMP, or UDP. All values within ethernet frame can be modified arbitrarily. Supports TCP, ICMP and UDP data as well, with input from either keyboard as UTF-8/ASCII, keyboard as hexadecimal, or from file. Various other features exist as well.
  • Mon, 10 Aug 2015 19:13:22 +0000: Maligno 2.4 - Security Tool Files ≈ Packet Storm
    Maligno is an open source penetration testing tool written in Python that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. The shellcode is encrypted with AES and encoded with Base64 prior to transmission.
  • Mon, 10 Aug 2015 18:19:33 +0000: mrtparse MRT Parsing Tool 1.3 - Security Tool Files ≈ Packet Storm
    mrtparse is a module to read and analyze the MRT format data. The MRT format data can be used to export routing protocol messages, state changes, and routing information base contents, and is standardized in RFC6396. Programs like Quagga / Zebra, BIRD, OpenBGPD and PyRT can dump the MRT format data. Written in Python.
  • Wed, 05 Aug 2015 19:32:22 +0000: Maligno 2.3 - Security Tool Files ≈ Packet Storm
    Maligno is an open source penetration testing tool written in Python that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. The shellcode is encrypted with AES and encoded with Base64 prior to transmission.
  • Wed, 05 Aug 2015 19:32:22 +0000: Pcapteller 0.2 - Security Tool Files ≈ Packet Storm
    Pcapteller is a tool designed for simple traffic manipulation and replay. The tool allows you to recreate a recorded network traffic scenario that occurred in a foreign network, as it really happened in yours. Basically, the tool reads network packets from a PCAP file, and it replaces a given IP address with one that fits your needs. Afterwards, the manipulated packets are injected into the network. The tool is useful if you want to recreate scenarios where computer attacks or malware infections occurred. Using such scenarios as a base, Pcapteller will make it look like everything is really happening in your network. Pcapteller can help you improve your blue team's network security monitoring skills, or create network decoys during red team operations.
  • Wed, 05 Aug 2015 15:55:55 +0000: Zed Attack Proxy 2.4.1 Mac OS X Release - Security Tool Files ≈ Packet Storm
    The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Mac OS X release.
  • Wed, 05 Aug 2015 03:33:33 +0000: PortDog Network Anomaly Detector - Security Tool Files ≈ Packet Storm
    PortDog is a network anomaly detector aimed at identifying portscanning attacks. It is entirely written in Python and has an easy-to-use interface.
  • Tue, 04 Aug 2015 18:35:44 +0000: Zed Attack Proxy 2.4.1 Windows Installer - Security Tool Files ≈ Packet Storm
    The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Windows installer.
  • Tue, 04 Aug 2015 18:31:40 +0000: Zed Attack Proxy 2.4.1 Linux Release - Security Tool Files ≈ Packet Storm
    The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Linux release.
  • Tue, 04 Aug 2015 04:44:44 +0000: Shellcode Helper - Security Tool Files ≈ Packet Storm
    Shellcode Helper is a Python script designed to act as an x86 little endian stack converter.

@Risk Exploits

  • SANSFIRE 2011 - @RISK: The Consensus Security Alert

ExploitDB