Resources
- pentestpackage – github.com
A package of Pentest scripts
Tools
- JexBoss – Jboss Verify And Exploitation Tool – github.com
JexBoss is a tool for testing and exploiting vulnerabilities in JBoss Application Server.
- DVNA – github.com
Damn Vulnerable Node Application (DVNA) is a Node.js web application that is damn vulnerable. Its intended purpose is to teach secure coding concepts to web developers who use Node, and to explore web application vulnerabilities in a controlled class environment or to serve as a cyber range for capture the flag events.
- fREedom – github.com
fREedom is a primitive attempt to provide an IDA Pro independent means of extracting disassembly information from executables for use with binnavi
- Binwalk – github.com
The binwalk v2.1.1 release includes many improvements
Techniques
- 12 Days of HaXmas: Advanced Persistent Printer – community.rapid7.com
Year after year we have been discussing the risk of Multi-Function Printers (MFP) in the corporate environment and how a malicious actor can easily leverage these devices to carry out attacks, including extraction of Windows Active Directory credentials via LDAP and abusing the “Scan to File” and “Scan to E-mail” features.
- Using WPScan: Finding WordPress Vulnerabilities – blog.sucuri.net
When using WPScan you can scan your WordPress website for known vulnerabilities within the core version, plugins, and themes. You can also find out if any weak passwords, users, and security configuration issues are present.
Vulnerabilities
- Juniper backdoor
Researchers from two security firms have uncovered the password guarding one of the backdoors discovered in Juniper Networks’ ScreenOS, the operating system behind its NetScreen enterprise-grade firewalls.- Juniper Backdoor Password Goes Public – threatpost.com
- Juniper Backdoor Picture Getting Clearer – threatpost.com
- Some Analysis of the Backdoored Backdoor – rpw.sh
- On the Juniper backdoor – blog.cryptographyengineering.com
- Vulnerable Joomla! Installation under active attack – www.symantec.com
A Core Remote Code Execution Vulnerability (CVE-2015-8562) in the popular content management system (CMS) Joomla! was recently discovered. The vulnerability affects all versions of Joomla! prior to 3.4.6, and while updating the CMS to the latest version will patch the bug, there are still plenty of unpatched targets out there and Symantec has observed attackers actively scanning for and attacking vulnerable servers.
- ScanNow DLL Search Order Hijacking Vulnerability and Deprecation – community.rapid7.com
In combination with a preexisting compromise or other vulnerabilities, and in the absence of sufficient mitigating measures, a system with ScanNow can allow a malicious party to execute code of their choosing leading to varying levels of additional compromise. In order to protect the small community of users who may still be using ScanNow, Rapid7 has made the decision to remove ScanNow and advises any affected users to remove ScanNow from any system that still has it.
- Introducing EvilAbigail – blog.gdssecurity.com
Tis the season to be jolly… or so they say; but it is also the season to be wary and vigilant. At GDS we were recently discussing cold boot attacks against full disk encryption on Linux systems
Leave A Comment