:: Deepquest ::

BeEF, the Browser Exploitation Framework is a professional security tool provided for lawful research and testing purposes. It allows the experienced penetration tester or system administrator additional attack vectors when assessing the posture of a target.

WebSploit is an open source project which is used to scan and analysis remote system in order to find various type of vulnerabilities. This tool is very powerful and support multiple vulnerabilities.

Proof of concept crash exploit for Safari on iOS that leverage a denial of service vulnerability.

Zero Day Initiative Advisory 12-078 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Apple QuickTime handles file with the Sorenson v3 Codec

Zero Day Initiative Advisory 12-077 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the QuickTimeVR.qtx component

Zero Day Initiative Advisory 12-076 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple’s QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

Zero Day Initiative Advisory 12-075 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application decodes video samples encoded with the RLE codec

Intercepter-NG [Console Edition] is a sniffer that offers various capabilities including sniffing for password hashes related to ORACLE/MYSQL/VNC/NNTP/CVS/WWW/HTTP/SOCKS/MRA/FTP/POP3/SMTP/IMAP/LDAP/AIM. It works on NT/Linux/BSD/IOS/Android and is optimized for screen size 80×30 or higher.

Apple Security Advisory 2012-05-15-1 – QuickTime 7.7.2 is now available and addresses multiple security issues. Multiple stack overflows existed in QuickTime’s handling of TeXML files. A heap overflow existed in QuickTime’s handling of text tracks.

Apple Quicktime does not properly parse .pct media files, which causes a corruption in module DllMain by opening a malformed file with an invalid value located in PoC repro01.pct at offset 0x20E. Quicktime Player version 7.7.1 (1680.42) on Windows XP SP 3 – PT_BR is confirmed affected.