This Metasploit module takes advantage of a command injection vulnerability in the path parameter of the ajax archive file functionality within the rConfig web interface in order to execute the payload. Valid credentials for a user with administrative privileges are required.
However, this...
This is a fake DNS server that allows you to stealthily extract files from a victim machine through DNS requests.
Below are a couple of different images showing examples of multiple file transfer and single verbose file transfer:
Support for multiple files
Gzip compression supported
Now...
The Tails team is happy to publish Tails 4.5, the first version of Tails to support Secure Boot.
This release also fixes many security vulnerabilities. You should upgrade as soon as possible.
New features
Secure Boot
Tails now starts on computers with Secure Boot enabled.
If your Mac displays...
The Open Source Security Events Metadata (OSSEM) is a community-led project that focuses primarily on the documentation and standardization of security event logs from diverse data sources and operating systems. Security events are documented in a dictionary format and can be used as a reference...
HikPwn, a simple scanner for Hikvision devices with basic vulnerability scanning capabilities written in Python 3.8. This project was born out of curiosity while I was capturing and watching network traffic generated by some of Hikvision's software and devices.
Download...
