Browsing tag
A simple reverse shell written in python 3.7 just for fun. Actually it supports Windows and Linux OS and integrates some basic features like keylogging and AES encrypted communications. Supported operating systems: Windows Linux OSX Functions and characteristics: Reverse connection. AES encrypted communications. Multithreaded. Support multiple bots connected at the same time. Keylogger. Possibility […]
A new China-based campaign dubbed Nansh0u targets Windows MS-SQL and PHPMyAdmin servers worldwide. The attack campaign primarily targets servers belonging to the healthcare, telecommunications, media, and IT sectors. Guardicore Labs detected the campaign at the beginning of April, but the attacks found dating back to February 26. Throughout the campaign threat actors used 20 different […]
Why XSStrike? Every XSS scanner out there has a list of payloads, they inject the payloads and if the payload is reflected into the webpage, it is declared vulnerable but that’s just stupid. XSStrike on the other hand analyses the response with multiple parsers and then crafts payloads that are guaranteed to work. Here are […]
What is SSRF vulnerability? Server Side Request Forgery (SSRF) is a type of vulnerability class where attacker sends crafted request from a vulnerable web application, including the unauthorised access to the internal resources behind the firewall which are inaccessible directly from the external network. Installation git clone https://github.com/ariya/phantomjs.git cd phantomjs chmod +x build.py ./build.py Usage […]
Invoke-MacroCreator is a powershell Cmdlet that allows for the creation of an MS-Word document embedding a VBA macro with various payload delivery and execution capabilities. Description Basically the script supports three types of payload that you MUST specify using the -t argument: shellcode: any raw shellcode (for instance created with msfvenom). The shellcode is loaded into memory then […]
A Malware called Hworm Performing multiple Attacks including steal passwords from Firefox, Opera, and Chrome browsers, ability to log keystrokes, kill running process, capture a Screen by making use of the backdoor. This Malware initially identified June 2016 and keep observed by researchers and finally find it as it Emerged day by day. According to […]
[jpshare] MS word Document is on of the main Vector to easily spread the Macro viruses to the Victims. an undisclosed vulnerability has been Discovered in Microsoft Office RTF( Rich Text Format) Document. FireEye Security Researchers Said, This vulnerability allows a malicious actor to execute a Visual Basic script when the user opens a document containing an embedded exploit.This vulnerability found […]