Bypass Antivirus & Exploit Windows Using PowerShell Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code on the target system. Failed attacks will cause denial of service conditions. Affected Version Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows Read more…
Web Vulnerability Scan (WMAP) Introduce The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development. Its best-known sub-project is the open source[2] Metasploit Framework, a tool for developing and executing exploit code against a remote target machine. Read more…
smb-vuln-ms17-010.nse nmap nse script description Attempts to detect if a Microsoft SMBv1 server is vulnerable to a remote code execution vulnerability (ms2017-010). The script connects to the $IPC tree, executes a transaction on FID 0 and checks if the error “STATUS_INSUFF_SERVER_RESOURCES” is returned to determine if the target is not patched against Read more…
Linux kernel flaw can local privilege escalation CVE-2017-2636 An old Linux kernel vulnerability was exposed! The vulnerabilities can be traced back to 2009, linux distributions affected include Red Hat, Debian, Fedora, OpenSUSE and Ubuntu. The number of Linux vulnerability CVE-2017-2636 , in accordance with CVSS v3 standard vulnerability score Read more…
Exploit Windows Machine Shadow Brokers shocked the world once again leaked a confidential document, which contains a number of beautifully Windows remote exploits that can cover a large number of Windows servers, Windows servers almost all across the board overnight exposure to risk. What is MS-17-10? Remote code execution Read more…
Web vulnerability scanning modules in Metasploit Information gathering web server scanning module Module auxiliary/scanner/http/http_version Module auxiliary/scanner/http/open_proxy Module auxiliary/scanner/http/robots_txt Module auxiliary/scanner/http/frontpage_login Module auxiliary/admin/http/tomcat_administration Module auxiliary/admin/http/tomcat_utf8_traversal Module auxiliary/scanner/http/options Module auxiliary/scanner/http/drupal_views_user_enum Module auxiliary/scanner/http/scraper Module auxiliary/scanner/http/svn_scanner Module auxiliary/scanner/http/trace Module auxiliary/scanner/http/vhost_scanner Module auxiliary/scanner/http/webdav_internal_ip Module auxiliary/scanner/http/webdav_scanner Module auxiliary/scanner/http/webdav_website_content File directory scan module Module auxiliary/dos/http/apache_range_dos Read more…
SQL Vulnerability Scanner Whitewidow Whitewidow is an open source automated SQL vulnerability scanner, that is capable of running through a file list, or can scrape Google for potential vulnerable websites. It allows automatic file formatting, random user agents, IP addresses, server information, multiple SQL injection syntax, ability to launch sqlmap Read more…
WPSeku – WordPress Vulnerability Scanner WordPress is a free and open-source, highly customizable content management system (CMS) that is being used by millions around the world to run blogs and fully functional websites. Because it is the most used CMS out there, there are so many potential WordPress security issues/vulnerabilities Read more…
Hacking Windows using EternalBlue & DoublePulsar via Metasploit on Kali Linux 2017 This exploit is combination of two tools Eternal Blue which is use as backdooring in windows and Doublepulsar which is used for injecting dll file with the help of payload. So we will manually add this exploit Read more…
Apache Struts2 arbitrary code execution vulnerability (S2-045, CVE-2017-5638) Apache Struts is an open source project maintained by the Apache Software Foundation, an open source MVC framework for creating enterprise Java Web applications. CVE Identifier CVE-2017-5638 Introduction to Vulnerability Struts uses Jakarta to resolve file upload requests inappropriate when a Read more…