PRINT
PRINT
SEND MAIL
SEND MAIL

Vulmap – Web Vulnerability Scanning And Verification Tools

Vulmap is a vulnerability scanning tool that can scan for vulnerabilities in Web containers, Web servers, Web middleware, and CMS and other Web programs, and has vulnerability exploitation functions. Relevant testers can use vulmap to detect whether ...

Continue reading

Cloudsplaining – An AWS IAM Security Assessment Tool That Identifies Violations Of Least Privilege And Generates A Risk-Prioritized Report

Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized HTML report.Example reportDocumentationFor full documentation, please visit the project on ReadTheDocs.InstallationChea...

Continue reading

Server Side Template Injection Payloads

Server-side template injection is when an attacker is able to use native template syntax to inject a malicious payload into a template, which is then executed server-side.Template engines are designed to generate web pages by combining fixed templates ...

Continue reading

AutoSploit v4.0 – Automated Mass Exploiter

As the name might suggest AutoSploit attempts to automate the exploitation of remote hosts. Targets can be collected automatically through Shodan, Censys or Zoomeye. But options to add your custom targets and host lists have been included as well. The ...

Continue reading

Vulnado – Purposely Vulnerable Java Application To Help Lead Secure Coding Workshops

This application and exercises will take you through some of the OWASP top 10 Vulnerabilities and how to prevent them.Up and runningInstall Docker for MacOS or Windows. You'll need to create a Docker account if you don't already have one.git clone git:...

Continue reading

AutoSploit v3.0 – Automated Mass Exploiter

As the name might suggest AutoSploit attempts to automate the exploitation of remote hosts. Targets can be collected automatically through Shodan, Censys or Zoomeye. But options to add your custom targets and host lists have been included as well. The ...

Continue reading

JSShell – An Interactive Multi-User Web JS Shell

An interactive multi-user web based javascript shell. It was initially created in order to debug remote esoteric browsers during experiments and research. This tool can be easily attached to XSS (Cross Site Scripting) payload to achieve browser remote ...

Continue reading

BYOB – Build Your Own Botnet

BYOB (Build Your Own Botnet)Disclaimer: This project should be used for authorized testing or educational purposes only.BYOB is an open-source project that provides a framework for security researchers and developers to build and operate a basic botnet...

Continue reading

AutoSploit v2.2 – Automated Mass Exploiter

As the name might suggest AutoSploit attempts to automate the exploitation of remote hosts. Targets can be collected automatically through Shodan, Censys or Zoomeye. But options to add your custom targets and host lists have been included as well. The ...

Continue reading

HTTP.sys Denial of Service (MS15-034 /CVE-2015-1635) Simple Demo

    HTTP.sys Denial of Service (MS15-034 /CVE-2015-1635) Range Header Integer Overflow.   The vulnerability is due to crafted HTTP request by passing large value in Range header, IIS fails to validate the value properly leading to Denial...

Continue reading

©2021 By Cyber Sec Labs

   

CONTACT US

We're not around right now. But you can send us an email and we'll get back to you, asap.

Sending

Log in with your credentials

or    

Forgot your details?

Create Account