EXPLOIT-COLLECTOR

TestLink Open Source Test Management Code Execution

Proof of concept remote code execution exploit for TestLink Open Source Test Management versions prior to 1.9.16.

Mac, Moodle, Mooscan, NEW TOOLS

Mooscan – A Scanner For Moodle LMS

A scanning tool for Moodle LMS.

Key Benefits
Allows administrators to determine exactly what is visible externally in their Moodle installation.
A tool for penetration testers to find potential vulnerabilities in a Moodle installation by enumerating installed plugins, themes and libraries.

Road Map
To be defined once the basic (MVP!) tool is released, functional and reliable.

HTTP Screenshot, NEW TOOLS, SSL/TLS, Webscreenshot

Webscreenshot – A Simple Script To Screenshot A List Of Websites

A simple script to screenshot a list of websites, based on the url-to-image phantomjs script.

Features
Integrates url-to-image 'lazy-rendering' for AJAX resources
Fully functional on Windows and Linux systems
Cookie and custom HTTP header definition support
Multiprocessing and killing of unresponsive processes after a user-definable timeout
Accepts several formats as input targets
Maps useful options of phantomjs such as ignoring SSL errors, proxy definition and proxy authentication, HTTP Basic Authentication

Usage
Put your targets in a text file and pass it to the script (-i).
Screenshots will be available in your current ./screenshots/ directory…

EXPLOIT-COLLECTOR

ClipBucket beats_uploader Unauthenticated Arbitrary File Upload

This Metasploit module exploits a vulnerability found in ClipBucket versions before 4.0.0 (Release 4902). A malicious file can be uploaded using an unauthenticated arbitrary file upload vulnerability. It is possible for an attacker to upload a malicious script to issue operating system commands. This issue is caused by improper session handling in the /action/beats_uploader.php file. This Metasploit module was tested on ClipBucket before 4.0.0 - Release 4902 on Windows 7 and Kali Linux.

Burp, Chrome Extension, Firefox Extension, Insecure Libraries, JavaScript, NEW TOOLS, Node.js, OWASP ZAP, Retire.js, Scan, Software Composition Analysis, Vulnerable Libraries

Retire.Js – Scanner Detecting The Use Of JavaScript Libraries With Known Vulnerabilities

What you require you must also retire

There is a plethora of JavaScript libraries for use on the Web and in Node.js apps out there. This greatly simplifies development, but we need to stay up-to-date on security fixes. "Using Components with Known Vulnerabilities" is now a part of the OWASP Top 10 list of security risks, and insecure libraries can pose a huge risk to your Web app. The goal of Retire.js is to help you detect the use of JS-library versions with known vulnerabilities.

Retire.js can…