Aggregator

KrbRelayEx KrbRelayEx is a tool designed for performing Man-in-the-Middle (MitM) attacks by relaying Kerberos AP-REQ tickets. It listens for incoming SMB connections and forwards the AP-REQ to the target host, enabling access to SMB...

The post KrbRelayEx: Kerberos Relay and Forwarder for (Fake) SMB MiTM Server appeared first on Penetration Testing Tools.

subparse Subparse is a modular framework developed by Josh Strochein, Aaron Baker, and Odin Bernstein. The framework is designed to parse and index malware files and present the information found during the parsing in...

The post subparse: Modular malware analysis artifact collection and correlation framework appeared first on Penetration Testing Tools.

Spyre Spyre is a simple host-based IOC scanner built around the YARA pattern matching engine and other scan modules. The main goal of this project is the easy operationalization of YARA rules and other indicators of...

The post spyre: simple YARA-based IOC scanner appeared first on Penetration Testing Tools.

Наука не остановилась даже в год глобальной турбулентности.

蓝色起源新格伦火箭首次发射前启动关键测试； 小米卢伟冰回应「REDMI 汽车」： 完全没计划；华为之后全球第二家，三星三折叠屏曝光； 特朗普隔空喊话救 TikTok，法律人士表示不容乐观

小米汽车亮相一周年官宣：交付量达 13 万辆12 月 28 日，小米汽车宣布，截至目前，小米 SU7 全年交付量已超过 13 万辆，已提前完成全年所有目标。据小米汽车透露，今年来，小米汽车持续布局销售

手机上安装了一个年度倒计时的软件，安装的时候距离年末还剩200多天，仿佛还是昨天发生的事情，结果一眨眼2024就要结束了。2024年，和朋友一起

A vulnerability was found in Mozilla Thunderbird up to 1.4 and classified as problematic. This issue affects some unknown processing. The manipulation leads to numeric error. The identification of this vulnerability is CVE-2009-2535. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

This post first appeared on blog.netwrix.com and was written by Dirk Schrader.
Many common password attack methods are quite straightforward — much like trying various physical keys to open the lock on a door. For example, in brute force attacks, adversaries systematically guess passwords until they find the correct one. Or instead of simply guessing, they can use a list of username/password combinations leaked from other breaches … Continued

A vulnerability was found in MikroTik RouterOS 5.15. It has been rated as critical. This issue affects some unknown processing in the library roteros.dll. The manipulation leads to configuration. The identification of this vulnerability is CVE-2012-6050. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in VMware View up to 5.1.0 and classified as problematic. Affected by this issue is some unknown functionality of the component Tunnel-Server. The manipulation leads to path traversal. This vulnerability is handled as CVE-2012-5978. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Cisco Prime Network Control System and classified as problematic. This vulnerability affects unknown code of the component Login Page. The manipulation leads to cross site scripting. This vulnerability was named CVE-2012-5990. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as critical has been found in FreeSSHD 1.2.1/1.2.2/1.2.6 on Windows. Affected is an unknown function of the file freeSSHd.exe of the component Authentication Handler. The manipulation leads to improper authentication. This vulnerability is traded as CVE-2012-6066. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to disable the affected component.

A vulnerability has been found in Fedorahosted cronie 1.4.8 and classified as problematic. This vulnerability affects unknown code of the component crontab. The manipulation leads to information disclosure. This vulnerability was named CVE-2012-6097. The attack can be initiated remotely. There is no exploit available.