TIPS WORLD

Commando VM v1.3 – The First Full Windows-based Penetration Testing Virtual Machine Distribution

Welcome to CommandoVM – a fully customized, Windows-based security distribution for penetration testing and red teaming. Installation (Install Script) Requirements Windows 7 Service Pack 1 or Windows 10 60 GB Hard Drive 2 GB RAM Recommended Windows 10 80+ GB Hard Drive 4+ GB RAM 2 network adapters Enable Virtualization support for VM Instructions Create […]

CVE VULNERABILITIES

Vuln: Foreman CVE-2019-10198 Authorization Bypass Vulnerability

Foreman CVE-2019-10198 Authorization Bypass Vulnerability Bugtraq ID: 109151 Class: Access Validation Error CVE: CVE-2019-10198 Remote: Yes Local: No Published: Jul 12 2019 12:00AM Updated: Jul 12 2019 12:00AM Credit: The vendor reported this issue. Vulnerable: Foreman Foreman 0 Not Vulnerable:

CVE VULNERABILITIES

Vuln: Oracle July 2019 Critical Patch Update Multiple Vulnerabilities

Vulnerable: Oracle Weblogic Server 12.2.1.3.0Oracle Weblogic Server 12.1.3.0.0Oracle Weblogic Server 10.3.6.0.0Oracle WebCenter Sites 12.2.1.3.0Oracle VM VirtualBox 6.0.6Oracle VM VirtualBox 6.0.4Oracle VM VirtualBox 6.0.2Oracle VM VirtualBox 6.0Oracle VM VirtualBox 5.2.28Oracle VM VirtualBox 5.2.26Oracle VM VirtualBox 5.2.25Oracle VM VirtualBox 5.2.24Oracle VM VirtualBox 5.2.22Oracle VM VirtualBox 5.2.20Oracle Utilities Framework 4.4.0.0.0Oracle Utilities Framework 4.3.0.6.0Oracle Utilities Framework 4.3.0.5.0Oracle Utilities Framework […]

TIPS WORLD

Echidna – Ethereum Fuzz Testing Framework

Echidna is a weird creature that eats bugs and is highly electrosensitive (with apologies to Jacob Stanley) More seriously, Echidna is a Haskell library designed for fuzzing/property-based testing of EVM code. It supports relatively sophisticated grammar-based fuzzing campaigns to falsify a variety of predicates. Features Generates inputs tailored to your actual code Optional coverage guidance […]

CVE VULNERABILITIES

Vuln: Multiple F5 BIG-IP Products CVE-2019-6631 Denial of Service Vulnerability

Bugtraq ID: 109119 Class: Design Error CVE: CVE-2019-6631 Remote: Yes Local: No Published: Jul 02 2019 12:00AM Updated: Jul 11 2019 11:00AM Credit: The vendor reported this issue. Vulnerable: F5 BIG-IP WebAccelerator 11.6.4F5 BIG-IP WebAccelerator 11.6.3F5 BIG-IP WebAccelerator 11.6.2F5 BIG-IP WebAccelerator 11.6.1F5 BIG-IP WebAccelerator 11.6F5 BIG-IP WebAccelerator 11.5.9F5 BIG-IP WebAccelerator 11.5.8F5 BIG-IP WebAccelerator 11.5.7F5 BIG-IP […]

TIPS WORLD ВРАЗЛИВОСТІ

Cloud Security Audit – A Command Line Security Audit Tool For Amazon Web Services

A command line security audit tool for Amazon Web Services AboutCloud Security Audit is a command line tool that scans for vulnerabilities in your AWS Account. In easy way you will be able to identify unsecure parts of your infrastructure and prepare your AWS account for security audit.InstallationCurrently Cloud Security Audit does not support any […]

TIPS WORLD

WinObjEx64 – Windows Object Explorer 64-Bit

WinObjEx64 is an advanced utility that lets you explore the Windows Object Manager namespace. For certain object types, you can double-click on it or use the “Properties…” toolbar button to get more information, such as description, attributes, resource usage etc. WinObjEx64 let you view and edit object-related security information if you have required access rights. […]

CVE VULNERABILITIES

Vuln: Symantec Messaging Gateway CVE-2019-12751 Privilege Escalation Vulnerability

Vulnerable: Symantec Messaging Gateway 10.7Symantec Messaging Gateway 10.6.3Symantec Messaging Gateway 10.5.2Symantec Messaging Gateway 10.5.1Symantec Messaging Gateway 10.5Symantec Messaging Gateway 10.0.1Symantec Messaging Gateway 9.5.4Symantec Messaging Gateway 9.5.3Symantec Messaging Gateway 9.5.3-3Symantec Messaging Gateway 9.5.2Symantec Messaging Gateway 9.5.1Symantec Messaging Gateway 9.5Symantec Messaging Gateway 10.6.6Symantec Messaging Gateway 10.6.5Symantec Messaging Gateway 10.6.4Symantec Messaging Gateway 10.6.3-267Symantec Messaging Gateway 10.6.3-266Symantec Messaging Gateway […]

CVE VULNERABILITIES

Vuln: GitLab CVE-2018-19493 HTML Injection Vulnerability

GitLab CVE-2018-19493 HTML Injection Vulnerability Bugtraq ID: 109122 Class: Input Validation Error CVE: CVE-2018-19493 Remote: Yes Local: No Published: Jul 10 2019 12:00AM Updated: Jul 10 2019 12:00AM Credit: James Ritchey Vulnerable: Gitlab GitLab Enterprise Edition 11.5Gitlab GitLab Enterprise Edition 11.4Gitlab GitLab Enterprise Edition 11.3Gitlab GitLab Community Edition 11.5Gitlab GitLab Community Edition 11.4Gitlab GitLab Community […]

CVE VULNERABILITIES

Vuln: GitLab CVE-2018-19575 Security Vulnerability

GitLab CVE-2018-19575 Security Vulnerability Bugtraq ID: 109121 Class: Access Validation Error CVE: CVE-2018-19575 Remote: Yes Local: No Published: Jul 10 2019 12:00AM Updated: Jul 10 2019 12:00AM Credit: James Ritchey Vulnerable: Gitlab GitLab Enterprise Edition 11.5Gitlab GitLab Enterprise Edition 11.4Gitlab GitLab Enterprise Edition 11.3Gitlab GitLab Enterprise Edition 10.1Gitlab GitLab Community Edition 11.5Gitlab GitLab Community Edition […]