:: Deepquest ::

A bash script to launch a Soft AP, configurable with a wide variety of attack options. Includes a number of index.html and server php scripts. It Can act as multi-client captive portal using php and iptables. Launches classic exploits such as evil-PDF.

Webapp-Exploit-Payloads is a collection of payloads for common webapps. For example Joomla and WordPress. From the hundreds of different Web Application Vulnerabilities that can be found on any website, only a smallpercentage gives the intruder a direct way for executing operating system commands. And if we keepdigging into that group we‟ll identify only one or two […]

BeEF, the Browser Exploitation Framework is a professional security tool provided for lawful research and testing purposes. It allows the experienced penetration tester or system administrator additional attack vectors when assessing the posture of a target.

The WiFi Protected Setup protocol is vulnerable to a brute force attack that allows an attacker to recover an access point’s WPS pin, and subsequently the WPA/WPA2 passphrase, in just a matter of hours. Usage is simple; just specify the target BSSID and the monitor mode interface to use:             […]

WebSploit is an open source project which is used to scan and analysis remote system in order to find various type of vulnerabilities. This tool is very powerful and support multiple vulnerabilities.

HULK is a Python script, that generates randomly crafted, unique HTTP requests, generating a fair load on a web server, eventually exhausting it of resources. It uses various techniques to make the requests dynamic and thus more difficult to detect, such as randomising both User-Agent and Referer fields.

Proof of concept crash exploit for Safari on iOS that leverage a denial of service vulnerability.

Military judge refuses to drop 10 counts against Bradley Manning in … msnbc.com FORT MEADE, Md.

Zero Day Initiative Advisory 12-078 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Apple QuickTime handles file with the Sorenson v3 Codec

Zero Day Initiative Advisory 12-077 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the QuickTimeVR.qtx component