-
[CVE-2021-41773] Bug Apache 2.4.49-50
Apache merupakan software aplikasi yang biasa digunakan oleh webserver untuk menghosting sebuah website selain nginx. Akan tetapi akhir-akhir ini di hebohkan dengan sebuah penemuan bug sederhana yang mempunyai dampak besar. — read more
-
ReconNote – Web Application Security Automation Framework
ReconNote:– Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters. — read more
-
V3n0M-Scanner – Free and Open-source Vuln Scanner in Python
Popular Pentesting scanner in Python3.6 for SQLi/ XSS / LFI/ RFI and other Vulns. Evolved from baltazar’s scanner, it has adapted several new features that improve functionality and usability. It is mostly experimental software . This program is for finding and executing various vulnerabilities. It scavenges the web using dorks and organizes the URLs it — read more
-
MicroBackdoor:– Small and convenient C2 tool for Windows targets.
Micro Backdoor is C2 tool for Windows targets with easy customizable code base and small footprint. Micro Backdoor consists from server, client and dropper. It wasn’t designed as replacement for your favorite post-exploitation tools but rather as really minimalistic thing with all of the basic features in less than 5000 lines of code, client DLL — read more
-
[CVE-2021-3493] Ubuntu LPE OverlayFS PE Exploit
Masalah khusus Ubuntu dalam sistem file overlayfs di kernel Linux yang tidak memvalidasi aplikasi kapabilitas sistem file dengan benar sehubungan dengan ruang nama pengguna. Penyerang lokal dapat menggunakan ini untuk mendapatkan hak istimewa yang lebih tinggi, karena tambalan yang dilakukan di Ubuntu untuk memungkinkan pemasangan overlay tanpa hak istimewa. — read more
-
[CVE-2021-22986] Server ID banyak yang VULN
Kerentanan ini memungkinkan penyerang yang tidak diautentikasi dengan akses jaringan ke antarmuka REST iControl, melalui antarmuka manajemen BIG-IP dan alamat IP sendiri, untuk menjalankan perintah ssebagai administrator(root), membuat atau menghapus file, dan menonaktifkan layanan. — read more
-
E-Mail Security Virtual Appliance (ESVA) Remote Execution.
ESVA (E-Mail Security Virtual Appliance) is a pre-built and semi-configured email scanning appliance that will run on VMware Workstation, Server, Player or ESX Server. -=+ Infected Files …./cgi-bin/learn-msg.cgi …./cgi-bin/release-msg.cgi Not found any strips/filter to metacharacters.. Attacker can easily execute command.. — read more