-
I seem to be getting a PhantomJS process spawn failure. Any idea where I could have an issue? I am installing it through gem on a Centos 7.
[*] Initializing...
[*] Preparing plugins...
[*] ... do…
-
Would you mind clarifying on this paragraph:
> While that concept is appealing, it also has security implications. We always say that security by obscurity is not security, but providing attackers …
-
I'm on Kali Rolling release. When I updated apt-get upgrade set, it said it was unpacking 7.2.3 but when running the version was listed as 7.2.2. I tried apt-get purge set and reinstalled but still re…
-
I have read through all the README. There are two parts where contain CVEs for java deserialization - `Exploits` and `Vulnerable apps`.
Why do you separate them info two parts? I think we can combine …
-
If possible, it would be better if certHostnames was always present. I would rather check the grade (and/or the cert issues bitfield) to definitively determine if a mismatch exists, and always have ce…
-
Howdy,
I've identified an interesting attack scenario against Jade/Pug. Not a vulnerability per se, but a bypass of the restricted namespace Pug implements. Take a gander at my full write-up:
htt…
-
To create a nmap style output for pentesters:
https://nmap.org/nsedoc/scripts/http-iis-short-name-brute.html
irsdl updated
8 years ago
-
## Expected Behavior
Framework should terminate without leaving traceback on terminal.
## Current Behavior
Program leaves a long traceback
## Possible Solution
Exit the program gracefull…
-
hi,
great work on the script.
any chance to have this script being somewhat more modular.
i think you're familier with lazykali, so maybe something along the lines of that.
thanks !
roy
-
As **OWTF** develops further, we need to have a distributed system with login functionality (+ collaboration across many pentesters in a team) and spreading scans through a number of nodes in a networ…