A brief write up discussing disclosure of internal IPs and hostnames from Apple bots leveraging Via and X-Forwarded-For headers.
55aef9cbf06435171aad139605e96ea9This is a brief write up noting javascript backdoors left in common PHP shells.
465a8584e9016e457c0c418a061e0cceThis is a brief write up that discusses NULL page mitigations on Windows 8 and includes a piece of proof of concept code.
73e524a4ddc4355c68f3fdb4ff3a21efThis is a brief write up discussing exploitation of the cross site request forgery vulnerability discovered in the Cisco EPC3925 router.
6c2e7a9baecf07b4701344e74d2cdf35This is a brief write up discussing a root cause analysis of why spawning calc.exe triggered a stack overflow.
6cf6663c4ae9aadd82ad553d36e41a07This is a brief write up that provides a shell script for passwording a shell bound with netcat.
51e9b10d4fe378456c10d15d7eae41e1McAfee Web Gateway and Squid Proxy version 3.1.19 suffers from a bypass vulnerability due to putting trust in Host headers. Proof of concept tool included. Squid is only vulnerable to the attacks if the filtered site is using SSL.
2a72aa39ac2270394d6cad78bd6d074aProxy Check is a tool that includes a website to automate testing for web proxy content filtering. It has a battery of tests that includes looking for typically malicious URLs, several PDF exploits, and more.
262f80ad85d00dbf3981777636d6d463This is a brief write up discussing Google V8 server-side javascript (SSJS) injection.
527af13953c1ae84cb4320287a31dcd6This is a brief write up discussing time-based NoSQL injection attacks using javascript.
91d28ae50067e7a25392529916fe2966This is a brief write up discussing how to leverage cross site scripting and shell upload vulnerabilities in eyeOS versions prior to 1.9.0.3.
a7dfc57edaa98567723a299e7e28878fThis is a brief write up with examples on how to perform DNS spoofing using Scapy. Written in Indonesian.
e982013f0c40b4c923c48be85dec0b98Proxyroll.com Clone PHP Script suffers from an insecure cookie handling vulnerability that allows for price manipulation.
571ded1de6ea27947ec0113d18b516ccThis Metasploit module exploits a stack overflow in Proxy-Pro Professional GateKeeper 4.7. By sending a long HTTP GET to the default port of 3128, a remote attacker could overflow a buffer and execute arbitrary code.
236e4cbd21b904c274d433570efd4292This is a brief write up discussing blind SQL injection attacks. Written in French.
aafae831b86f6848c01eef65c9a18f3eProxy List Script suffers from a cross site scripting vulnerability.
656f6399433d5be010185acae3e5302bProxy Harvesting tool that uses google and evaluates the sites.
41ea51a7d61f68c5ff44eaaa07ff9887proxyScan.pl is a security penetration testing tool to scan for hosts and ports through a Web proxy server. Features include various HTTP methods such as GET, CONNECT, HEAD as well as host and port ranges.
d188669d4f40454a187abe673f3e9b86ProxyStrike is an active Web Application Proxy and is a tool designed to find vulnerabilities while browsing an application. It current has SQL injection and cross site scripting modules. This is the Windows version. Written in Python.
bd80bf552c714af9a119ea7644e9f236ProxyStrike is an active Web Application Proxy and is a tool designed to find vulnerabilities while browsing an application. It current has SQL injection and cross site scripting modules. This is the Linux / Mac OSX version. Written in Python.
c21708cc21671b83f1bd286f0407e4bbThis is a simple proxy tool that checks for the HTTP CONNECT method and grabs verbose output from a webserver. It is primarily useful when verifying false positives from automated vulnerability assessment tools.
fb11bbbc4ef1b48fa160f60a2e846ef9Proxy Anket version 3.0.1 suffers from a SQL injection vulnerability.
43e7d044756aa211fec8f5615c1443c3proxyScan.pl is a security penetration testing tool to scan for hosts and ports through a Web proxy server. Features include various HTTP methods such as GET, CONNECT, HEAD as well as host and port ranges.
8bfa5e39fa502b98dde95206b5b9bfc8proxyScan.pl is a security penetration testing tool to scan for hosts and ports through a Web proxy server. Features include various HTTP methods such as GET, CONNECT, HEAD as well as host and port ranges.
db9451d3fae8cc6c831acdaba82e22d5ProxyFuzz is a man-in-the-middle non-deterministic network fuzzer written in Python. ProxyFuzz randomly changes (fuzzes) contents on the network traffic. It supports TCP and UDP protocols and can also be configured to fuzz only one side of the communication. ProxyFuzz is protocol agnostic so it can randomly fuzz any network communication.
16335167eec8447d244ca48ab1ae1b2aHTTP proxy checking utility.
bb262c9d1c79b5fdca42a57931d7f5b8
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed