what you don't know can hurt you
Showing 101 - 125 of 1,038 RSS Feed

Python Files

SnappingTurtle: A Web Exploitation Tool
Posted Mar 24, 2016
Authored by John Leitch

This is a cross platform web exploitation tool written in Aphid and compiled into Python. Currently supports exploitation of PHP local file inclusion and SQL injection with more on the way.

tags | tool, web, local, php, sql injection, python, file inclusion
systems | unix
MD5 | 3c787629c70598ece396bcbe1b3e750d
Fortigate Backdoor Password Calculator
Posted Mar 24, 2016
Authored by Rishabh Dangwal

Simple python exploit that can be used to calculate the Fortigate backdoor password.

tags | exploit, python
MD5 | 14cbed01c741cedd301f5304e7b425c5
Red Hat Security Advisory 2016-0505-01
Posted Mar 24, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0505-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. Security Fix: An open-redirect flaw was found in the way Django's django.utils.http.is_safe_url() function filtered authentication URLs. An attacker able to trick a victim into visiting a crafted URL could use this flaw to redirect that victim to a malicious site.

tags | advisory, web, python
systems | linux, redhat
advisories | CVE-2016-2512, CVE-2016-2513
MD5 | 1a56f3ca3fef375e922ce5b38c84a5a4
Red Hat Security Advisory 2016-0504-01
Posted Mar 24, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0504-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. Security Fix: An open-redirect flaw was found in the way Django's django.utils.http.is_safe_url() function filtered authentication URLs. An attacker able to trick a victim into visiting a crafted URL could use this flaw to redirect that victim to a malicious site.

tags | advisory, web, python
systems | linux, redhat
advisories | CVE-2016-2512, CVE-2016-2513
MD5 | 9c22d20743acb817877401173d9fadaa
Red Hat Security Advisory 2016-0503-01
Posted Mar 24, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0503-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. Security Fix: An open-redirect flaw was found in the way Django's django.utils.http.is_safe_url() function filtered authentication URLs. An attacker able to trick a victim into visiting a crafted URL could use this flaw to redirect that victim to a malicious site.

tags | advisory, web, python
systems | linux, redhat
advisories | CVE-2016-2512, CVE-2016-2513
MD5 | 052700df92125e75c51290d5ca8da758
Red Hat Security Advisory 2016-0506-01
Posted Mar 24, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0506-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. Security Fix: An open-redirect flaw was found in the way Django's django.utils.http.is_safe_url() function filtered authentication URLs. An attacker able to trick a victim into visiting a crafted URL could use this flaw to redirect that victim to a malicious site.

tags | advisory, web, python
systems | linux, redhat
advisories | CVE-2016-2512, CVE-2016-2513
MD5 | 5ae39742b015b291f8fba96077a61cc1
Red Hat Security Advisory 2016-0502-01
Posted Mar 24, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0502-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. Security Fix: An open-redirect flaw was found in the way Django's django.utils.http.is_safe_url() function filtered authentication URLs. An attacker able to trick a victim into visiting a crafted URL could use this flaw to redirect that victim to a malicious site.

tags | advisory, web, python
systems | linux, redhat
advisories | CVE-2016-2512, CVE-2016-2513
MD5 | aa5838d0be7d78891a67c08d35ead275
Apache Qpid Proton 0.12.0 SSL Failure
Posted Mar 23, 2016
Authored by M. Farrellee

Messaging applications using the Proton Python API to provision an SSL/TLS encrypted TCP connection may actually instantiate a non-encrypted connection without notice if SSL support is unavailable. This will result in all messages being sent in the clear without the knowledge of the user. Apache Qpid Proton python API versions starting at 0.9 and up to 0.12.0 are affected.

tags | advisory, tcp, python
advisories | CVE-2016-2166
MD5 | 027fbe7b9c88dfd3e93b88750fb08319
Red Hat Security Advisory 2016-0360-01
Posted Mar 8, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0360-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. An information-exposure flaw was found in the Django date filter. If an application allowed users to provide non-validated date formats, a malicious end user could expose application-settings data by providing the relevant applications-settings key instead of a valid date format.

tags | advisory, web, python
systems | linux, redhat
advisories | CVE-2015-8213
MD5 | 9ee24064654311e09feb88813853a282
Debian Security Advisory 3499-1
Posted Feb 29, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3499-1 - Multiple security vulnerabilities have been found in Pillow, a Python imaging library, which may result in denial of service or the execution of arbitrary code if a malformed FLI, PCD or Tiff files is processed.

tags | advisory, denial of service, arbitrary, vulnerability, python
systems | linux, debian
advisories | CVE-2016-0740, CVE-2016-0775, CVE-2016-2533
MD5 | 62153e3ca7a79d7351dac73cd3be2814
Htcap Analysis Tool Beta 1.0
Posted Feb 26, 2016
Authored by Filippo Cavallarin

Htcap is a web application analysis tool for detecting communications between javascript and the server. It crawls the target application and maps ajax calls, dynamically inserted scripts, websockets calls, dynamically loaded resources and some interesting elements. The generated report is meant to be a good starting point for a manual web application security audit. Htcap is written in python and uses phantomjs to load pages injecting a probe that analyzes javascript behaviour. Once injected, the probe, overrides native javascript methods in order to intercept communications and DOM changes. It also simulates user interaction by firing all attached events and by filling html inputs.

Changes: Major code rewrite and many features were added.
tags | tool, web, javascript, sniffer, python
MD5 | 09bdd3514bd444e411a87140b8bd28c2
pyClamd 0.3.17
Posted Feb 17, 2016
Authored by Alexandre Norman | Site xael.org

pyClamd is a python interface to Clamd (Clamav daemon). By using pyClamd, you can add virus detection capabilities to your python software in an efficient and easy way. Instead of pyClamav which uses libclamav, pyClamd may be used by a closed source product.

Changes: Various updates.
tags | tool, virus, python
systems | unix
MD5 | 701e63618e04f94d956e99e43372cf84
Red Hat Security Advisory 2016-0158-01
Posted Feb 10, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0158-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. An information-exposure flaw was found in the Django date filter. If an application allowed users to provide non-validated date formats, a malicious end user could expose application-settings data by providing the relevant applications-settings key instead of a valid date format.

tags | advisory, web, python
systems | linux, redhat
advisories | CVE-2015-8213
MD5 | 66cef5b36cc3630b2141823fcc8493a9
Red Hat Security Advisory 2016-0157-01
Posted Feb 10, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0157-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. An information-exposure flaw was found in the Django date filter. If an application allowed users to provide non-validated date formats, a malicious end user could expose application-settings data by providing the relevant applications-settings key instead of a valid date format.

tags | advisory, web, python
systems | linux, redhat
advisories | CVE-2015-8213
MD5 | 1d1f4dce9ace349f9908cb1a0e1d55b6
Red Hat Security Advisory 2016-0156-01
Posted Feb 10, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0156-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. An information-exposure flaw was found in the Django date filter. If an application allowed users to provide non-validated date formats, a malicious end user could expose application-settings data by providing the relevant applications-settings key instead of a valid date format.

tags | advisory, web, python
systems | linux, redhat
advisories | CVE-2015-8213
MD5 | 2db399f9c3bdc9974fb381ff590e13d9
Red Hat Security Advisory 2016-0129-01
Posted Feb 9, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0129-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. An information-exposure flaw was found in the Django date filter. If an application allowed users to provide non-validated date formats, a malicious end user could expose application-settings data by providing the relevant applications-settings key instead of a valid date format.

tags | advisory, web, python
systems | linux, redhat
advisories | CVE-2015-8213
MD5 | c870df21e45859eed6520a7c00f99e87
Oracle 9i XDB FTP Pass Overflow
Posted Feb 3, 2016
Authored by MC, Tom Ryans

Oracle 9i XDB FTP PASS overflow for win32. Ported to python from the oracle9i_xdb_ftp_pass.rb exploit.

tags | exploit, overflow, python
systems | windows
advisories | CVE-2003-0727, OSVDB-2449
MD5 | c9100f7f6b673af76fc1c9cdb47b8cdb
smod Modbus Assessment Framework 1.0.1
Posted Jan 24, 2016
Authored by Farzin

smod is a modular framework with every kind of diagnostic and offensive feature you could need in order to pentest the modbus protocol. It is a full modbus protocol implementation using Python and Scapy. This software can be run on Linux/OSX under python 2.7.x.

Changes: Updated modbus implementation and added sniffer and dos modules.
tags | tool, protocol, python
systems | linux, unix, apple
MD5 | 77bf8e36ce7c8d7a915c404d38f55487
Python 3.5.1 DLL Hijacking
Posted Jan 16, 2016
Authored by Stefan Kanthak

Python version 3.5.1 installers suffer from a DLL hijacking vulnerability.

tags | exploit, python
systems | windows
MD5 | ccb6ca2b351b40417d24a426aedae613
smod Modbus Assessment Framework
Posted Jan 14, 2016
Authored by Farzin

smod is a modular framework with every kind of diagnostic and offensive feature you could need in order to pentest the modbus protocol. It is a full modbus protocol implementation using Python and Scapy. This software can be run on Linux/OSX under python 2.7.x.

tags | tool, protocol, python
systems | linux, unix, apple
MD5 | ca6cd416bd7b5b1b22357b36745154c7
Maligno 2.5
Posted Jan 4, 2016
Authored by Juan J. Guelfo | Site encripto.no

Maligno is an open source penetration testing tool written in python, that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. The shellcode is encrypted with AES and encoded with Base64 prior to transmission.

Changes: Proxy basic authentication support for non-Windows platforms, bug fixes and minor adjustments.
tags | tool, web, scanner, shellcode, python
systems | unix
MD5 | 5e4d83ab881eb626b15718b4c7fcb66b
Debian Security Advisory 3425-1
Posted Dec 17, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3425-1 - Cedric Krier discovered a vulnerability in the server-side of Tryton, an application framework written in Python. An authenticated malicious user can write arbitrary values in record fields due missed checks of access permissions when multiple records are written.

tags | advisory, arbitrary, python
systems | linux, debian
advisories | CVE-2015-0861
MD5 | 15469e8756c90d96d805afd2a07d2a30
mrtparse MRT Parsing Tool 1.4
Posted Dec 14, 2015
Authored by Nobuhiro ITOU, Tetsumune KISO, Yoshiyuki YAMAUCHI | Site github.com

mrtparse is a module to read and analyze the MRT format data. The MRT format data can be used to export routing protocol messages, state changes, and routing information base contents, and is standardized in RFC6396. Programs like Quagga / Zebra, BIRD, OpenBGPD and PyRT can dump the MRT format data. Written in Python.

Changes: Various updates and bug fixes.
tags | tool, protocol, python
systems | unix
MD5 | a70c5088b7487b835b73e0874444bc80
Windows Null-Free WinExec Shellcode
Posted Dec 11, 2015
Authored by B3mB4m

This is a tool written in python to generate shellcode to use on Microsoft Windows.

tags | shellcode, python
systems | windows
MD5 | 73b1e30b9d83d6b74340662c27c7375d
Mobius Forensic Toolkit 0.5.24
Posted Dec 3, 2015
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: Many updates to the C++ and python APIs. Various other improvements.
tags | tool, python, forensics
MD5 | 900c5272996e4ade4536231c8b72ebc5
Page 5 of 42
Back34567Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close