Microsoft Malware Protection Engine Remote Code Execution Vulnerability (CVE-2017-0290) Vulnerability identify CVE-2017-0290 Vulnerability Finder Natalie Silvanovich and Tavis Ormandy of Google Project Zero Vulnerability An attacker who successfully exploited this vulnerability could execute arbitrary code under the LocalSystem account and control the system. An attacker could install a program; Read more
Intel chips Vulnerability A vulnerability in Intel chips that went undiscovered for almost a decade allows hackers to remotely gain full control over affected Windows PCs without needing a password. The “critical”-rated bug, disclosed by Intel last week, lies in a feature of Intel’s Active Management Technology (more commonly known Read more
Hacking Windows using EternalBlue & DoublePulsar via Metasploit
WordPress Potential Unauthorized Password Reset On 3 May, WordPress was exposed there is a security risk. A new vulnerability (CVE-2017-8295) was found to exist in all WordPress versions. The vulnerability from WordPress in the creation of password reset e-mail will use the client to send the contents of the SERVER_NAME variable Read more
Exploiting Apache Struts S2-045 (CVE-2017-5638) vulnerability Apache Struts is an open source project maintained by the Apache Software Foundation, an open source MVC framework for creating enterprise Java Web applications, offering two versions of the framework products: Struts 1 and Struts 2. Struts2 is a MVC design based on the Read more
Zero Day Vulnerability In Microsoft Security Researchers Detected Zero Day Vulnerability in Microsoft Security Companies McAfee and FireEye detects Microsoft Zero-day Bug in Office 2016 which is running on Windows 10. A scenario of this Zero day vulnerability attack is Malicious document file E-mailing to victim contains an embedded OLE2link Read more
XPath Injection Similar to SQL injection, XPath injection occurs when the site uses the information entered by the user to construct the request for XML data. An attacker sends specially constructed information to the site to explore how the XML used by the site is constructed, and even to obtain Read more
Information Gathering acccheck ace-voip Amap Automater bing-ip2hosts braa CaseFile CDPSnarf cisco-torch Cookie Cadger copy-router-config DMitry dnmap dnsenum dnsmap DNSRecon dnstracer dnswalk DotDotPwn enum4linux enumIAX Fierce Firewalk fragroute fragrouter Ghost Phisher GoLismero goofile hping3 InTrace iSMTP lbd Maltego Teeth masscan Metagoofil Miranda Nmap ntop p0f Parsero Recon-ng SET smtp-user-enum snmp-check sslcaudit Read more
What is Buffer overflow? Buffer overflow, in the presence of a buffer overflow security vulnerabilities in the computer, the attacker can exceed the normal length of the number of characters to fill a domain, usually the memory address. In some cases, these excess characters can be run as “executable” code. Read more