News

[BeEF] Mapping your LAN from a web browser: Introducing the Network extension for BeEF [2016-06-08]

[SSRF Proxy] SSRF Proxy version 0.0.3 released [2016-05-29]

[BeEF] Text to Voice module [2016-05-14]

[Metasploit] Dell Kace K1000 unauthenticated remote root exploit [2016-04-13]

[Metasploit] D-Link DCS-931L File Upload exploit [2016-01-04]

[SSRF Proxy] SSRF Proxy version 0.0.2 released [2015-11-14]

[BeEF] Get Proxy Servers (WPAD) module [2015-10-11]

[Metasploit] ProjectSend Arbitrary File Upload exploit [2014-12-23]

[Metasploit] ActualAnalyzer 'ant' Cookie Command Execution exploit [2014-12-07]

[BeEF] Shell Shock Scanner (Reverse Shell) module [2014-10-30]

[Metasploit] CUPS Filter Bash Environment Variable Code Injection exploit [2014-10-20]

[Metasploit] HybridAuth install.php PHP Code Execution exploit [2014-08-17]

[Metasploit] SolidWorks Workgroup PDM 2014 pdmwService.exe Arbitrary File Write exploit [2014-02-25]

[Metasploit] Simple E-Document Arbitrary File Upload exploit [2014-01-24]

[BeEF] Redis inter-protocol module [2014-01-08]

[Metasploit] OpenSIS 'modname' PHP Code Execution exploit [2013-12-09]

[Metasploit] Kimai v0.9.2 'db_restore.php' SQL Injection exploit [2013-11-23]

[Metasploit] ProcessMaker Open Source Authenticated PHP Code Execution exploit [2013-10-29]

[Metasploit] Open Flash Chart v2 Arbitrary File Upload exploit [2013-10-24]

[Metasploit] WebTester 5.x Command Execution exploit [2013-10-17]

[Metasploit] VMware Hyperic HQ Groovy Script-Console Java Execution exploit [2013-10-10]

[Metasploit] FlashChat Arbitrary File Upload exploit [2013-10-05]

[Metasploit] MiniWeb (Build 300) Arbitrary File Upload exploit [2013-08-14]

[Metasploit] Open-FTPD 1.2 Writable Directory Traversal Execution exploit [2013-08-12]

[Metasploit] Glossword Arbitrary File Upload Vulnerability exploit [2013-02-24]

[Metasploit] Kordil EDMS File Upload Vulnerability exploit [2013-02-22]

[Metasploit] ZoneMinder Arbitrary Command Execution exploit [2013-01-22]

[Metasploit] php-Charts v1.0 PHP Code Execution exploit [2013-01-20]

[Metasploit] eXtplorer v2.1 Authentication Bypass exploit [2012-12-30]

[Metasploit] QNX QCOMM Command Execution exploit [2012-09-30]

[Metasploit] ZEN Load Balancer Filelog Command Execution exploit [2012-09-21]

[Metasploit] Openfiler v2.x NetworkCard Command Execution exploit [2012-09-09]

[Metasploit] WANem v2.3 Command Execution exploit [2012-09-08]

[Metasploit] TestLink v1.9.3 Arbitrary File Upload exploit [2012-08-13]

[Metasploit] Zenoss 'showDaemonXMLConfig' Command Execution exploit [2012-07-29]

[Metasploit] CuteFlow v2.11.2 Arbitrary File Upload exploit [2012-07-27]

[Metasploit] TFM MMPlayer (m3u/ppl File) Buffer Overflow exploit [2012-06-13]

[Research] ActiveX, Remote DoS and XSS [2012-04-13]

[Research] Privilege escalation and remote inter-protocol exploitation with EXTRACT 0.5.1 [2011-12-16]

[Research] Abusing browser news URL handlers [2011-09-18]

[Research] Bitcoin - fun, profit and anonymity on the wire - part 1 [2011-05-20]

[Tools] WhatWeb.net created [2010-09-19]

[Research] Fingerprinting Browsers Using Protocol Handlers [2010-03-29]

[Research] Escalating Wordpress 2.6 search XSS to Arbitrary File Upload [2008-08-27]