Kali
Ivanti has just put out a warning about CVE-2023-38035. The vulnerability has been added to CISA KEV and is called an authentication bypass in the Ivanti Sentry user interface. This new flaw comes after a flaw in Ivanti EPMM (CVE-2023-35078) that was already being used in the wild. In this post, we’ll look closely at …
Continue reading “CVE-2023-38035 – Arbitrary Command Execution As The Root user On Ivanti Sentry”
KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems. It scans both runtime K8s clusters and CI/CD pipelines for enhanced software supply …
Continue reading “Kubei : A Flexible Kubernetes Runtime Scanner”
Snort is a widely used open-source Network Intrusion Detection System (NIDS) that can analyze network traffic and detect potential security threats. It works by analyzing network traffic in real time and comparing it against a set of rules, which the user or administrator defines. It can detect various attacks, such as port scans, buffer overflows, …
Continue reading “How to Use the Snort IDS/IPS Complete Practical Guide”
Security has two difficult tasks: designing smart ways of getting new information, and keeping track of findings to improve remediation efforts. With Faraday, you may focus on discovering vulnerabilities while we help you with the rest. Just use it in your terminal and get your work organized on the run. Faraday was made to let …
Continue reading “Faraday : Open Source Vulnerability Management Platform”
Today, with the spread of information technology systems, investments in the field of cyber security have increased to a great extent. Vulnerability management, penetration tests and various analyzes are carried out to accurately determine how much our institutions can be affected by cyber threats. With Tenable Nessus, the industry leader in vulnerability management tools, an …
CVE-2022-27254 is a PoC for vulnerability in Honda’s Remote Keyless System(CVE-2022-27254). Summary This is a proof of concept for CVE-2022-27254, wherein the remote keyless system on various Honda vehicles send the same, unencrypted RF signal for each door-open, door-close, boot-open and remote start(if applicable). This allows for an attacker to eavesdrop on the request and conduct …
Continue reading “CVE-2022-27254 : PoC For Vulnerability In Honda’s Remote Keyless System”
Log4J-Detect is a script “log4j-detect.py” developed in Python 3 is responsible for detecting whether a list of URLs are vulnerable to CVE-2021-44228. To do so, it sends a GET request using threads (higher performance) to each of the URLs in the specified list. The GET request contains a payload that on success returns a DNS …
PeTeReport (PenTest Report) is an open-source application vulnerability reporting tool designed to assist pentesting/redteaming efforts, by simplifying the task of writing and generation of reports. Focused in product security, the tool help security researchers and pentesters to provide detailed findings, appendix, attack paths and manage a finding template database to avoid wasting time spent in the …
Continue reading “PeTeReport : An Open-Source Application Vulnerability Reporting Tool”
The most popular penetration testing distro Kali linux announced a new version that included extended support for OpenSSL, new Tools, Live VM Support, and support for smartwatch. The Kali Linux 2021.3 is the third release of the year, now it is available for ready download or users can update to the latest version. What’s New …
Continue reading “Kali Linux 2021.3 Released for NetHunter Smartwatch and With New Hacking Tools”
Ronin is a Ruby platform for vulnerability research and exploit development. Ronin allows for the rapid development and distribution of code, Exploits, Payloads, Scanners, etc, via Repositories. Console Ronin provides users with a powerful Ruby Console, pre-loaded with powerful convenience methods. In the Console one can work with data and automate complex tasks, with greater …
Continue reading “Ronin : A Ruby Platform For Vulnerability Research & Exploit Development”
.png)
