Pentest-Tools
Perform Online Security Assessments We provide you with more than 20 tools trusted by millions of users
read more »Author Archives: Pentester
VulDB
Number 1 vulnerability database worldwide with more than 108000 entries available. Our specialists work with the crowd-based community to document the latest vulnerabilities on a daily basis since 1970. Besides technical details there are additional threat intelligence information like current risk levels and exploit price forecasts provided. https://vuldb.com/
read more »
Offensive Security’s Exploit Database Archive
The Exploit Database – ultimate archive of Exploits, Shellcode, and Security Papers. New to the site? Learn about the Exploit Database. https://www.exploit-db.com/
read more »
Rapid7 Vulnerability Database
The Rapid7 Vulnerability Database is a list of 70,000 vulnerabilities for security analyst and researchers to identify and address known security issues through vulnerability management solutions. Each vulnerability has links to relevant groups like Mitre and other CVE Numbering Authorities as well as additional technical documentation. These vulnerabilities are utilized by our vulnerability management tool Nexpose and […]
read more »
CVE Details
www.cvedetails.com provides an easy to use web interface to CVE vulnerability data. You can browse for vendors, products and versions and view cve entries, vulnerabilities, related to them. You can view statistics about vendors, products and versions of products. CVE details are displayed in a single, easy to use page, see a sample here. CVE vulnerability data […]
read more »
NATIONAL VULNERABILITY DATABASE
NVD is the U.S. government repository of standards based vulnerability management data. This data enables automation of vulnerability management, security measurement, and compliance. NVD includes databases of security checklists, security related software flaws, misconfigurations, product names, and impact metrics. NVD is a product of the NIST Computer Security Division, Information Technology Laboratory and is sponsored by […]
read more »
Google Finds 7 Security Flaws in Widely Used Dnsmasq Network Software
Security researchers have discovered not one or two, but a total of seven security vulnerabilities in the popular open source Dnsmasq network services software, three of which could allow remote code execution on a vulnerable system and hijack it. Dnsmasq is a widely used lightweight network application tool designed to provide DNS (Domain Name System) […]
read more »
Custom Metasploit payload with UAC bypass
The machine I am attacking has anti-virus installed. I have managed to use Veil Framework in order to create an initial reverse shell payload that is undetected by the AV. However, UAC is enabled on the Windows 7 target. I am trying to use Metasploit’s exploit/windows/local/ask in order to prompt the user, in the hope that they click yes […]
read more »
PWK and OSCP my experience
Hello people,So today I passed the OSCP exam. It was a long road but totally worth it, so I decided to share the story about this lovely journey to get the OSCP certificate and some of the mistakes I made and hope that you won’t make the same mistakes :). The first thing I want […]
read more »
I tried harder | My experience with the OSCP certification
Sometimes, there comes a point in your life where you feel that you’re stuck in a routine, drowning in boredom and useless stress, your career is becoming dull, and you just feel that you’re no longer learning anything new; even worse, you’re no longer working on what you’re good at, you’re losing the skills you worked hard for, and there’s […]
read more »