As we approach Pwn2Own 2018, I’m reminded of some of the exploits we saw at last year’s contest. Of course, the most...
POET is a simple post-exploitation tool to gain a remote shell on target machine. The client program runs on the target machine...
a Simple tool and not very special but this tool fast and easy create backdoor office exploitation using module metasploit packet. Like...
fuxploider is an open source penetration testing tool that automates the process of detecting and exploiting file upload forms flaws. This tool...
Commix (short for [comm]and [i]njection e[x]ploiter) is an automated tool that you can use to test web-based applications with the view to...
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android), multi-function RAT (Remote Administration Tool) and post-exploitation tool mainly written in python. It...
A FrameWork For NoSQL Scanning and Exploitation Framework Authored By Francis Alexander. Added Features: First Ever Tool With Added Support For Mongo,Couch,Redis,H-Base,Cassandra...
JexBoss is a tool for testing and exploiting vulnerabilities in JBoss Application Server and others Java Platforms, Frameworks, Applications, etc. Requirements Python...
The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices. Requirements gnureadline requests paramiko beautifulsoup4 Installation sudo apt-get install python-requests...
DBC2 (DropboxC2) is a modular post-exploitation tool, composed of an agent running on the victim’s machine, a controler, running on any machine,...
The Mole is an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site...
kernelpop is a framework for performing automated kernel exploit enumeration on Linux, Mac, and Windows hosts. Requirementspython3 Currently supported CVE’s: *CVE-2017-1000367 *CVE-2017-1000112...
Empire is a post-exploitation framework that includes a pure-PowerShell2.0 Windows agent, and a pure Python 2.6/2.7 Linux/OS X agent. The framework offers...
PRET is a new tool for printer security testing developed in the scope of a Master’s Thesis at Ruhr University Bochum. It...
Whenever I get a shell on a Windows system with VMware installed I feel a certain frustration at not being able to...
In this blog post we present new trivial vulnerabilities found on OnePlus One/X/2/3/3T OxygenOS & HydrogenOS. They affect the latest versions (4.1.3/3.0)...
Automated Mongo database and NoSQL web application exploitation tool http://www.nosqlmap.net DOWNLOAD NOSQL https://github.com/tcstool/NoSQLMap NoSQLMap NoSQLMap v0.7 Introduction NoSQLMap is an open source...
Just over one year ago (November 2015), I released WMIOps, a PowerShell script that enables a user to carry out different actions...
We are pleased to present our annual report Windows exploitation in 2016. In this latest version of our report, we offer a...
Commix, other wise known as [ comm ]and [ i ]njection e[ x ]ploiter is an automated tool written by that can...
Since a full proof of concept for CVE-2016-0189 vulnerability was published on GitHub, Zscaler ThreatLabZ has been closely tracking its proliferation. The...