Andr01d Magic Dumper is a perl script that lets you search for 3rd party passwords, dump the call log, dump contacts, dump wireless configuration, and more.
b1d05072f80cc1941ef505cf754cd3cc
T50 Sukhoi PAK FA Mixed Packet Injector (f.k.a. F22 Raptor) is a tool designed to perform "Stress Testing". It is a powerful and an unique packet injection tool. The author has added in some anti-kiddo tricks.
eb9995a2116e6ba94b8d9b1eeee982d9
whCMS version 0.115 Alpha suffers from a cross site request forgery vulnerability.
af9a5fbae4f946b6d23904fbc6bb881e
ACROS Security Problem Report #2011-01-11-1 - A binary planting vulnerability in F-Secure Internet Security 2010 and 2011, F-Secure Anti-Virus 2010 and 2011 and multiple other F-Secure products allows local or remote (even Internet-based) attackers to deploy and execute malicious code on Windows machines in the context of logged-on users.
dee2a167591f88e931bb5832b4ba9394
Witchxtool is a perl script that consists of a port scanner, LFI scanner, MD5 bruteforcer, dork SQL injection scanner, fresh proxy scanner, and a dork LFI scanner.
3b6c6053b0ed272e9ff62a3f124660ba
Energine version 2.3.8 suffers from cross site request forgery, path disclosure, and remote SQL injection vulnerabilities.
54db57f01814918820f00ae2ddc5df24
VaM Shop version 1.6 suffers from cross site request forgery and cross site scripting vulnerabilities.
8ef317a31eb9a092490050e07019aacc
Diafan CMS version 4.3 suffers from cross site request forgery and cross site scripting vulnerabilities.
2dbf4f14081fbd3b8c78e6f1294af1d2
Cambio version 0.5a suffers from a cross site request forgery vulnerability.
ea72fe49f889fd8a48fb7df806bbd287
Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.
1c0e8954e8b205915ad9bb698b43611f
Phorensix is a post-login VoIP forensics tool created for Asterisk (tested on Asterisk 1.4.5 to be exact). Phorensix takes a look at a rogue host connecting to a vulnerable account. Who is connecting, where are they coming from, what are they doing to my PBX, what are they doing ON MY PBX.
c5e2ddc4a07de0e44f07d16113d2e5ce
W-Agora versions 4.2.1 and below suffer from cross site scripting, denial of service, and remote SQL injection vulnerabilities.
a6867add24118c147f5618e831811d70
Nokia Multimedia Player version 1.0 SEH unicode exploit.
133f53ba8fc4253f27023a46c3311dba
Mono/Moonlight suffers from a local privilege escalation vulnerability.
4fef8c8b15a8470b1f9d1cb8e1091a68
This archive has a pcap file that demonstrates the Wireshark ZigBee ZCL dissector infinite loop denial of service vulnerability.
75231ee6a0e2607fa6e98d5749e43806
GMER versions 1.0.15.15087 and below suffer from a pointer dereference vulnerability. Both an advisory and exploit are included in this archive.
f71e128393844ff362a71dc6a1cc58f9
Secunia Security Advisory - Multiple vulnerabilities have been discovered in Newv SmartClient NewvCommon ActiveX control, which can be exploited by malicious people to manipulate certain data and compromise a user's system.
eebc4aa5904e7c4dc9fc18df24a3c64e
Tomcat/JBoss .nse script for nmap that also includes a short dictionary attack for Tomcat's /manager/html basic-auth.
490c966b50c98007ed3ea6e775a0d8cd
aidSQL SQL injection detection and exploitation tool is a modular PHP scanner that allows you to develop your own plugins for use.
d1f8609032260a76620dc0a2ee66448d
Secunia Security Advisory - Slackware has issued an update for php. This fixes a weakness, which can be exploited by malicious people to cause a DoS (Denial of Service).
5958d459a9348da8d5006451e0ccb3bd
Secunia Security Advisory - John Leitch has discovered a vulnerability in Wing FTP Server, which can be exploited by malicious people to conduct cross-site request forgery attacks.
1a9fc99150536dbedd7877da7aeae88e
Secunia Security Advisory - High-Tech Bridge SA has discovered multiple vulnerabilities in VaM Shop, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks.
1eb7be2ac745491144c2a7371f1a3e6a
Secunia Security Advisory - Ubuntu has issued an update for linux and linux-ec2. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose system information and potentially sensitive information, cause a DoS (Denial of Service), and gain escalated privileges, and by malicious people to disclose potentially sensitive information.
b2e0b3cd77d669e51f23cc82c8794c5f
Secunia Security Advisory - A vulnerability has been discovered in LotusCMS, which can be exploited by malicious people to disclose sensitive information.
2d37146f9d02b683481e96eda0e71eae
Secunia Security Advisory - Two vulnerabilities have been reported in Microsoft Data Access Components, which can be exploited by malicious people to compromise a user's system.
0ead0f0c85338db57c9cf1a1c2df467c