DependencyTrack 4.11.1 – Bug Fixes, Security Improvements, And Changelog Highlights
For official releases, refer to Dependency Track Docs >> Changelogs for information about improvements and upgrade notes.If additional details are required, consult the closed issues for this release milestone. # SHA1 aa3d8ffc6b8f9d15a801148a93275ebeba922010 dependency-track-apiserver.jar c57f1b8c003d95daa871096cbc37a6c03cd08907 dependency-track-bundled.jar # SHA256 ed08e60e0761ced93454c14194da02be5950805911dbc7f7c611bdf0e753b437 dependency-track-apiserver.jar e7613d6654083ab6e2c4ae24459444efe4d83df5d2c4d27e58a94bc809e2627a dependency-track-bundled.jar # SHA512 75f4fcd203ccbbf494047b5866942b7a08fd1f97e98f40cd5aac57dd3401fcb2dc0e2e8953d54035dd3dd96e28c4df563ecee52df05769e8e530dc27e3e72f9b dependency-track-apiserver.jar 10e590eb849e1179688c787c3f52a5e333f20962c8f2ab4cec0b6a3f872991ff7d9f80748439bb33281e615c0bcd8ed65530abcc34f018f8b7f171c104e5caf5 dependency-track-bundled.jar What's Changed Bug Fixes Backport: Fix failing JSON BOM validation when specVersion is not one of the...
HikvisionExploiter – Automated Exploitation And Surveillance Utility For Hikvision Cameras
HikvisionExploiter is a Python-based utility designed to automate exploitation and directory accessibility checks on Hikvision network cameras exploiting the Web interface Version 3.1.3.150324. It downloads snapshots and compiles them into videos for efficient surveillance monitoring, Then retrieves the camera device info and downloads the "configurationFile" to all the registered Users Creds. Table Of Contents Features Requirements Installation Usage Configuration Finding Targets License Features Automated Directory Accessibility Checks for Hikvision...
RedFlag : AI-Powered Risk Assessment And Workflow Automation
RedFlag leverages AI to determine high-risk code changes. Run it in batch mode to scope manual security testing of release candidates, or run it in your CI pipelines to flag PRs and add the appropriate reviewers. Despite being a security tool, RedFlag can be leveraged for almost any team as it's configuration makes it infinitely flexible. RedFlag is able to...
Installation Instructions And Folder Setup For Gcpwn On Kali Linux
If you want to use docker to run the tool, you can use the existing Dockerfile to create a container with the tool and all dependencies installed. It will then drop you into a venv inside the docker container when starting allowing you to run "python3 main.py". Note because it is docker, unless you mount volumes with -v, your data...
Dependency-Track 4.11.2 : Enhancements, Fixes, And Security Updates
For official releases, refer to Dependency Track Docs >> Changelogs for information about improvements and upgrade notes.If additional details are required, consult the closed issues for this release milestone. # SHA1 174956bf3cd2dab16cfd36e7ab1b5d7001b99160 dependency-track-apiserver.jar af75c903b033418ea6326cbb4e6885afba99ee94 dependency-track-bundled.jar # SHA256 135cf4361bbbc65f488796bf196c8d2d3cbebec931b249e037551c6fbbae2ed7 dependency-track-apiserver.jar 5020ac51158038439b7482d5c5fec151773162724dce1779249bf73053456d34 dependency-track-bundled.jar # SHA512 2002e27260b5cd4f96384828ef57f753916faab5ad06e0299958c3ab3e328045f2e805d0b1c3c56c85b4602d473c10d2c23d1098c94a4db93af0959c45b6ede8 dependency-track-apiserver.jar 262b582bd2dcbbb8966acd5dae3df88bc318590da0e66a7ac11f2197ccdca89b773013f317b5fe945650f16a48d2c4601356df10d77c10666d899917755cc0c8 dependency-track-bundled.jar What's Changed Bug Fixes Backport: Handle breaking change in Trivy server API by @nscuro in #3785 Backport: Fix project name not showing in Jira...
Dependency-Track 4.11.4 : Enhancements, Bug Fixes, And Security Updates
For official releases, refer to Dependency Track Docs >> Changelogs for information about improvements and upgrade notes.If additional details are required, consult the closed issues for this release milestone. # SHA1 19531d4f02cccf26478b3a63feba355da8726b3f dependency-track-apiserver.jar 3c4bb658783157ae9c408b8323e25e55c9ab25fd dependency-track-bundled.jar # SHA256 9a09259ba4c19d02b81a39fb5894df758f19ff1bb43538d4b999b4a5789a9d9b dependency-track-apiserver.jar 73fc867d347da8a8af14f8c6812e13b870037a28d7de83e2837db9c27d840100 dependency-track-bundled.jar # SHA512 a357be2617e9da6d4eaf19120316927ccddbc1290b9f0179287619864ffe2f6a349c9cab729853469425e273662e64cb49a4ede5498da937817b3cda01997af9 dependency-track-apiserver.jar 13fbf6477f2820b0926ad082063332e9f34de622e64b11cfe0fa4574ba5d2d9f41c06c791740ddb69a34fc71e21b6456f20c36018eb2b52e0664fdc47a41645f dependency-track-bundled.jar What's Changed Enhancements Backport: Support ingestion of CycloneDX v1.6 BOMs by @nscuro in #3863 Bug Fixes Backport: Fix inverted "show inactive" filter in...
Dependency-Track 4.11.5 : Updates And Changes
For official releases, refer to Dependency Track Docs >> Changelogs for information about improvements and upgrade notes.If additional details are required, consult the closed issues for this release milestone. # SHA1 8fd45ea6ae725e8e7dac59ec9d471fcdaeb42c6d dependency-track-apiserver.jar eba6cbaa6c2da9ffb295da83ed39af68ff4130a8 dependency-track-bundled.jar # SHA256 c39c15849cbb7dd19833ea689c20aaf92bc9f6965b758961e1d2a01a2b09f86f dependency-track-apiserver.jar 7ebb11573b2a59084ed98fe92d363240c910dc7b5aa7ebeda64bee7d47089d9a dependency-track-bundled.jar # SHA512 5c885c595687f20da1792393a161e30f23bb3fdfd9deb31c6010be3da86e839a046d2ba854a52f1148ba38fd368c084c911910a90ea384391cf6cad5e52bc1cd dependency-track-apiserver.jar eb0e56faa86bae2cb7d81b77e95fa6f809eaa55e7ed8a412dcb15cb4491490ae8398812752e460a07d12ca03b08a0951567be60accd48462c73263388dcd21ef dependency-track-bundled.jar What's Changed Bug Fixes Backport: Fix BOM_CONSUMED and BOM_PROCESSED notifications being dispatched with wrong scope for BOM processing V2 by @nscuro in #3941 Backport: Set license name instead...
OWASP Noir – A Comprehensive Guide To Advanced Source Code Analysis And Security Testing
The cutting-edge tool designed to enhance security testing through deep source code analysis. OWASP Noir supports multiple programming languages and seamlessly integrates with popular offensive security tools. Whether you're analyzing APIs, integrating into DevOps, or conducting vulnerability assessments, OWASP Noir delivers precise and actionable insights to bolster your security framework. Key Features Identify API endpoints and parameters from source code. Support various...
WAF Bypass Tool – A Comprehensive Guide To Enhancing Web Application Security
WAF bypass Tool is an open source tool to analyze the security of any WAF for False Positives and False Negatives using predefined and customizable payloads. Check your WAF before an attacker does. WAF Bypass Tool is developed by Nemesida WAF team with the participation of community. How To Run It is forbidden to use for illegal and illegal purposes. Don't...
Shwmae – Exploiting Windows Hello Security Protocols
Shwmae (shuh-my) is a Windows Hello abuse tool that was released during DEF CON 32 as part of the Abusing Windows Hello Without a Severed Hand talk. The purpose of the tool is to abuse Windows Hello from a privileged user context. Shwmae Copyright (C) 2024 Shwmae enum (Default Verb) Enumerate Windows...