Aggregator
CVE-2024-41732 | SAP NetWeaver Application Server ABAP 755/756/757/758 CSS code injection
CVE-2024-28799 | IBM QRadar Suite Software/Cloud Pak for Security Back-End Command invocation of process using visible sensitive information (XFDB-287173)
CVE-2024-27267 | IBM SDK/Java Technology Edition up to 7.1.5.18/8.0.8.26 Object Request Broker channel accessible (XFDB-284573)
CVE-2023-50315 | IBM WebSphere Application Server 8.5/9.0 certificate validation (XFDB-274714)
UnDisruptable27 Project Wants to Shore Up Critical Infrastructure Security
CVE-2014-1990 | Toshibatec E-studio-232 Change Password cross-site request forgery (EDB-29570)
WordPress.org to require 2FA for plugin developers by October
Adobe fixes Acrobat Reader zero-day with public PoC exploit
针对程序猿的新型骗局,黑客借招聘Python传播恶意软件
Invoke-Maldaptive: LDAP Obfuscation, Deobfuscation & Detection
MaLDAPtive MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation, and detection. Its foundation is a 100% custom-built C# LDAP parser that handles tokenization and syntax tree parsing along with numerous custom properties...
The post Invoke-Maldaptive: LDAP Obfuscation, Deobfuscation & Detection appeared first on Penetration Testing Tools.
DFIR Toolkit: CLI tools for forensic investigation of Windows artifacts
DFIR Toolkit CLI tools for forensic investigation of Windows artifacts Overview of timelining tools Install cargo install dfir-toolkit Tool cleanhive merges logfiles into a hive file xx evtx2bodyfile Example evtxanalyze Analyze evtx...
The post DFIR Toolkit: CLI tools for forensic investigation of Windows artifacts appeared first on Penetration Testing Tools.
CVE-2018-5247 | ImageMagick 7.0.7-17 Q16 coders/rla.c ReadRLAImage resource management (Issue 928 / Nessus ID 106221)
JNDI-Injection-Exploit-Plus: generating workable JNDI links and providing background services
JNDI-Injection-Exploit-Plus JNDI-Injection-Exploit-Plus is a tool for generating workable JNDI links and providing background services by starting the RMI, LDAP, and HTTP servers. Using this tool allows you to get JNDI links, you can insert these...
The post JNDI-Injection-Exploit-Plus: generating workable JNDI links and providing background services appeared first on Penetration Testing Tools.