TSEC NEWS: 06.05.21 Cron-Job Fehlerhaft nach PHP Update + PWA mobile + Desktop / 04.05.21 - Android App von TSECURITY 28.04.21 - NEUER SERVER // 26.04.21 ++ Download the Electron-App für tsecurity.de // Über 550 Feed-Quellen


❈ Pentest Tools Framework - A Database Of Exploits, Scanners And Tools For Penetration Testing

IT Security Nachrichten feedproxy.google.com




Pentest Tools Framework is a database of exploits, Scanners and tools for penetration testing. Pentest is a powerful framework includes a lot of tools for beginners. You can explore kernel vulnerabilities, network vulnerabilities.

NEWS Modules PTF UPDATE
PTF OPtions
        -------------------------------------------------------------------------------------
| Global Option |
-------------------------------------------------------------------------------------
| Command Description |
|-----------------------------------------------------------------------------------|
| show modules | Look this modules |
| show options | Show Current Options Of Selected Module |
| ipconfig | Network Informasion |
| shell | Execution Command Shell >[ctrl+C exit shell ] |
| use | Select Tipe Module For Use |
| set | Select Modules For Use |
| run | Excute modules |
| update | Update Pentest Framework |
| banner | PTF Banner |
| about | Informasion Tools |
| credits | Credits && Thanks |
| clear | Clean Pentest input/output |
| exit | Exit the progam |
-------------------------------------------------------------------------------------
Modules
        +-----------------------------------------------------------------------------------------------------------------------------------+
| EXPLOITS |
-------------------------------------------------------------------------------------------------------------------------------------
| COMMANDS Rank Description |
-------------------------------------------------------------------------------------------------------------------------------------
| exploit/abrt_privilege_escalation | normal | ABRT - sosreport Privilege Escalation |
| exploit/web_delivery | good | Script Web Delivery |
| exploit/apache | good | Apache exploit |
| exploit/shellshock | good | cgi-bin/vulnerable shellshock |
| exploit/davtest | good | Testing tool for webdav server |
| exploit/auto_sql | good | auto with sqlmap |
| exploit/ldap_buffer_overflow | normal | Apache module mod_rewrite LDAP protocol Buffer Overflow |
| exploit/vbulletin_rce | good | vBulletin 5.x 0day pre-quth RCE exploit |
| exploit/cmsms_showtime2_rce | normal | CMS Made Simple (CM SMS) Showtime2 File Upload RCE |
| exploit/awind_snmp_exec | good | AwindInc SNMP Service Command Injection |
| exploit/webmin_packageup_rce | excellent | Webmin Package Updates Remote Command Execution |
| exploit/samsung_knox_smdm_url | good | Samsung Galaxy KNOX Android Browser RCE |
| exploit/cisco_dcnm_upload_2019 | excellent | Cisco Data Center Network Manager Unauthenticated Remote Code Execution |
| exploit/zenworks_configuration | excellent | Novell ZENworks Configuration Ma nagement Arbitrary File Upload |
| exploit/cisco_ucs_rce | excellent | Cisco UCS Director Unauthenticated Remote Code Execution |
| exploit/sonicwall | normal | Sonicwall SRA <= v8.1.0.2-14sv remote exploit |
| exploit/bluekeep | good | cve 2019 0708 bluekeep rce |
| exploit/eternalblue | good | MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption |
| exploit/inject_html | normal | Inject Html code in all visited webpage |
| exploit/robots | normal | robots.txt Detected |
| exploit/jenkins_script_console | good | Jenk ins-CI Script-Console Java Execution |
| exploit/php_thumb_shell_upload | good | php shell uploads |
| exploit/cpanel_bruteforce | normal | cpanel bruteforce |
| exploit/cms_rce | normal | CMS Made Simple 2.2.7 - (Authenticated) Remote Code Execution |
| exploit/joomla_com_hdflayer | manual | joomla exploit hdflayer |
| exploit/wp_symposium_shell_upload | good | symposium shell upload |
| exploit/joomla0day_com_myngallery | good | exploits com myngallery |
| exploit/jm_auto_change_pswd | normal | vulnerability |
| exploit/android_remote_access | expert | Remote Acces Administrator (RAT) |
| exploit/power_dos | manual | Denial Of Service |
| exploit/tp_link_dos | normal | TP_LINK DOS, 150M Wireless Lite N Router, Model No. TL-WR740N |
| exploit/joomla_com_foxcontact | high | joomla foxcontact |
| exploit/joomla_simple_shell | high | joomla simple shell |
| exploit/joomla_comfields_sqli_rce | high | Joomla Component Fields SQLi Remote Code Execution |
| exploit/inj ect_javascript | normal | Inject Javascript code in all visited webpage |
| exploit/dns_bruteforce | high | Dns Bruteforce with nmap |
| exploit/dos_attack | normal | hping3 dos attack |
| exploit/shakescreen | high | Shaking Web Browser content |
| exploit/bypass_waf | normal | bypass WAf |
| exploit/enumeration | high | simple enumeration |
| exploit/restrict_anonymous | normal | obtain credentials |< br/> | exploit/openssl_heartbleed | high | dump openssl_heartbleed |
| exploit/samba | good | Samba EXploits |
| exploit/smb | good | Albitary samba exploit |
| exploit/webview_addjavascriptinterface | good | Android Browser and WebView addJavascriptInterface Code Execution |
-------------------------------------------------------------------------------------------------------------------------------------

        +------------------------------------------------------------------------------------------------------------------------------------+
| SCANNERS |
--------------------------------------------------------------------------------------------------------------------------------------
| COMMANDS Rank Description |
--------------------------------------------------------------------------------------------------------------------------------------
| scanner/enumiax | good | protocol username enumeration |
| scanner/wordpress_user_dislosure | normal | wordpress 5.3 User Disclosu re |
| scanner/botnet_scanning | normal | Bootnet Scanning, first need to find the botnet IP |
| scanner/check_ssl_certificate | normal | SSL Certificate |
| scanner/http_services | normal | Gather page titles from HTTP services |
| scanner/dnsrecon | normal | Record enumeration |
| scanner/sslscan | normal | SSL Scanner |
| scanner/ssl_cert | normal | Nmap script ssl-cert |
| scanner/dns_zone_transfer | normal | Dns Zone transfer |
| scanner/dns_bruteforce | normal | Dns Bruteforce |
| scanner/zone_walking | normal | Zone walking |
| scanner/web_services | normal | Get HTTP headers of web services |
| scanner/http_enum | normal | Find web apps from known paths |
| scanner/ddos_reflectors | normal | Scan for UDP DDOS reflectors |
| scanner/grabbing_detection | normal | Lighter banner grabbing detection |
| scanner/discovery | normal | Scan selected ports - ignore discovery |
| scanner/bluekeep | good | CVE-2019-0708 BlueKeep Microsoft Remote Desktop RCE Check |
| scanner/drupal_scan | good | drupal scanner |
| scanner/eternalblue | good | SMB RCE Detection |
| scanner/header | good | header Scanner with nmap |
| scanner/firewalk | good | firewalk |
| scanner/whois | high | whois |
| scanner/dmitry | good | Information Gathering Tool |
| scanner/admin_finder | normal | Admin finder |
| scanner/heartbleed | normal | heartbleed scanner vulnerability |
| scanner/wordpress_scan | normal | wordpress scanner |
| scanner/ssl_scanning | good | SSL Vulnerability Scanning |
| scanner/dns_bru teforce | normal | dns bruteforce |
| scanner/nmap_scanner | normal | port scanners nmap |
| scanner/https_discover | normal | https discover |
| scanner/smb_scanning | good | scan vulnerable SMB server |
| scanner/joomla_vulnerability_scanners | high | vulnerability |
| scanner/mysql_empty_password | good | mysql empty password Detected |
| scanner/joomla_scanners_v.2 | good | joomla scaning |
| scanner/joomla_scanners_v3 | normal | joomla scaning |
| scanner/jomscan_v4 | good | scan joomla |
| scanner/webdav_scan | normal | webdav scan vulnerable |
| scanner/joomla_sqli_scanners | high | vulnerability scanners |
| scanner/lfi_scanners | good | lfi bug scan |
| scanner/port_scanners | manual | port scan |
| scanner/dir_search | high | directory webscan |
| scanner/dir_bruteforce | good | directory Scanning |
| scanner/wordpress_user_scan | good | get wordpress username |
| scanner/cms_war | high | FULL SCAN ALL WEBSITES |
| scanner/usr_pro_wordpress_auto_find | norma | find user vulnerability |
| scanner/nmap_vuln | normal | vulnerability Scanner |
| scanner/xss_scaner | normal | Detected vulnerabilit y xss |
| scanner/spaghetti | high | Web Application Security Scanner |
| scanner/dnslookup | normal | dnslookup scan |
| scanner/reverse_dns | normal | Reverse Dns Lookup |
| scanner/domain_map | normal | scanner domain map |
| scanner/dns_report | normal | dns report |
| scanner/find_shared_dns | normal | find shared dns |
| scanner/golismero | norm al | scan vulnerability with golismero |
| scanner/dns_propagation | low | dns propagation |
| scanner/find_records | normal | find records |
| scanner/cloud_flare | normal | cloud flare |
| scanner/extract_links | normal | links extract |
| scanner/web_robot | normal | web robots scanner |
| scanner/enumeration | normal | http-enumeration |
| scanner/ip_locator | good | ip Detected LOcator |
--------------------------------------------------------------------------------------------------------------------------------------

        +----------------------------------------------------------------------------------------------------------+
| POST |
------------------------------------------------------------------------------------------------------------
| COMMANDS Rank Description |
------------------------------------------------------------------------------------------------------------
| post/enumeration | normal | http-enumeration |
| post/vbulletin | high | exploits |
| post/wordpress_user_scan | good | scanners |
| post/dir _search | high | scanners |
| post/cms_war | high | scanners |
| post/usr_pro_wordpress_auto_find | normal | scanners |
| post/android_remote_access | good | exploits |
| post/samba | good | exploits |
------------------------------------------------------------------------------------------------------------

        +----------------------------------------------------------------------------------------------------------+
| PASSWORD |
------------------------------------------------------------------------------------------------------------
| COMMANDS Rank Description |
------------------------------------------------------------------------------------------------------------
| password/base64_decode | good | base64 decode |
| password/md5_decrypt | good | md5 decrypt |
| password/sha1_decrypt | good | sha1 decrypt |
| password/ sha256_decrypt | good | sha256 decrypt |
| password/sha384_decrypt | good | sha384 decrypt |
| password/sha512_decrypt | good | sha512 decrypt |
| password/ssh_bruteforce | good | ssh password bruteforce |
------------------------------------------------------------------------------------------------------------

        +------------------------------------------------------------------------------------------------------------------------------------+
| LISTENERS MODULES |
--------------------------------------------------------------------------------------------------------------------------------------
| COMMANDS Rank Description |
--------------------------------------------------------------------------------------------------------------------------------------
| android_meterpreter_reverse_tcp | good | Android Meterpreter, Android Reverse TCP Stager |
| android_meterpreter_reverse_https | good | Android Meterpreter, Android Reverse HTTPS Stager |
| java_jsp_shell_reverse_tcp | good | Java JSP Command Shell, Reverse TCP Inline |
| linux_x64_meterpreter_reverse_https | good | linux/x64/meterpreter_reverse_https |
| linux_x64_meterpreter_reverse_tcp | good | Linux Meterpreter, Reverse TCP Inline |
| linux_x64_shell_reverse_tcp | good | Linux Command Shell, Reverse TCP Stager |
| osx_x64_meterpreter_reverse_https | good | OSX Meterpreter, Reverse HTTPS Inline |
| osx_x64_meterpreter_reverse_tcp | good | OSX Meterpreter, Reverse TCP Inline |
| php_meterpreter_reverse_tcp | good | PHP Meterpreter, PHP Reverse TCP Stager |
| python_meterpreter_reverse_https | good | Python Meterpreter Shell, Reverse HTTPS Inline |
| python_meterpreter_reverse_tcp | good | python/meterpreter_reverse_tcp |
| windows_x64_meterpreter_reverse_https | good | Windows Meterpreter Shell, Reverse HTTPS Inline (x64) |
| windows_x64_meterpreter_reverse_tcp | good | Windows Meterpreter Shell, Reverse TCP Inline x64 |
| cmd_windows_reverse_powershell | good | Windows Command Shell, Reverse TCP (via Powershell) |
+------------------------------------------------------------------------------------------------------------------------------------+

About Pentest Tools Framework
INFO: Pentest Tools Framework is a database of exploits, Scanners
and tools for penetration testing. Pentest is a powerful
framework includes a lot of tools for beginners. You can explore
kernel vulnerabilities, network vulnerabilities.

How to install PTF(Pentest Tools Framework)
[email protected]~# cd Pentest-Tools-Framework
[email protected]~# pip install -r requirements.txt
[email protected]~# python install.py
[email protected]~# PTF
INFO: After running install.py you should
select your backbox/kali linux /parrot Os , all computer OS,

About Pentest Tools Framework modules
Exploits
INFO: A computer program, piece of code,
or sequence of commands that exploit vulnerabilities
in software and are used to carry out an attack on a
computer system. The purpose of the attack can be as a
seizure of control over the system, and the violation
of its functioning!
Scanners
INFO: The program that scans the specified Internet resource,
archive or website. Also network scanners can scan open ports or
your local network and IPs!

Why Pentest Tools Framework?
Pentest Tools Framework is a free software
INFO: This is a good platform
to start exploring vulnerabilities!
Simple UX/UI interface for beginners
INFO: Pentest Tools Framework has simple UX/UI for beginners!
It is easy to understand and it will be easier
for you to master the Pentest Tools Framework.
A lot of tools for beginners
INFO: Pentest Tools Framework has еру following modules
exploits - scanners - password
This is enough for beginners.


...


Kompletten Artikel lesen (externe Quelle: http://feedproxy.google.com/~r/PentestTools/~3/Y6MNLlqvjcY/pentest-tools-framework-database-of.html)

Zur Startseite

➤ Weitere Beiträge von Team Security | IT Sicherheit (tsecurity.de)

Lockdoor Framework - A Penetration Testing Framework With Cyber Security Resources

vom 873.14 Punkte
Lockdoor Framework : A Penetration Testing Framework With Cyber Security Resources.09/2019 : 1.0Beta Information Gathring Tools (21) Web Hacking Tools(15) Reverse Engineering Tools (15) Exploitation Tools (6) Pentesting & Security Assessment Findings Report Temp

Pentest Tools Framework - A Database Of Exploits, Scanners And Tools For Penetration Testing

vom 775.93 Punkte
Pentest Tools Framework is a database of exploits, Scanners and tools for penetration testing. Pentest is a powerful framework includes a lot of tools for beginners. You can explore kernel vulnerabilities, network vulnerabilities.NEWS Modules PTF UPDATEPTF OPtions

Docker for Pentest - Image With The More Used Tools To Create A Pentest Environment Easily And Quickly

vom 693.03 Punkte
Docker for pentest is an image with the more used tools to create an pentest environment easily and quickly.FeaturesOS, networking, developing and pentesting tools installed.Connection to HTB (Hack the Box) vpn to access HTB machines.Popular wordlists i

Awesome Android Security - A Curated List Of Android Security Materials And Resources For Pentesters And Bug Hunters

vom 410.64 Punkte
A curated list of Android Security materials and resources For Pentesters and Bug Hunters.Blog AAPG - Android application penetration testing guide TikTok: three persistent arbitrary code executions and one theft of arbitrary files Persistent arbitrary code execution

EHTools Framework: A Framework Of Serious Penetration Tools And Wi-Fi Pentesting

vom 394.73 Punkte
About EHTools Framework   Wi-Fi tools keep getting more and more accessible to beginners, and the EHTools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used f

Lockdoor-Framework: A PenTesting Framework With Cyber Security Resources

vom 387.89 Punkte
About Lockdoor-Framework    Author: SofianeHamlaoui Github: SofianeHamlaoui Twitter: S0fianeHamlaoui Facebook: S0fianeHamlaoui    Tested on: Kali Linux, Ubuntu, Arch Linux, Fedora, OpenSuse and Windows (Cygwin)   LockDoor is a Framework

Command Injection Payload List

vom 314.26 Punkte
Command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application. Command injection attacks are possible when an application passes unsafe user supplied data (forms, cookies, HTTP header

Capsulecorp-Pentest - Vagrant VirtualBox Environment For Conducting An Internal Network Penetration Test

vom 307.75 Punkte
Vagrant VirtualBox Environment For Conducting An Internal Network Penetration Test.1. Capsulecorp PentestThe Capsulecorp Pentest is a small virtual network managed by vagrant and ansible. It contains five virtual machines, including one Linux attacking sys

.NET Framework May 2019 Security and Quality Rollup

vom 297.89 Punkte
Today, we are releasing the May 2019 Cumulative Update, Security and Quality Rollup, and Security Only Update. Security CVE-2019-0820 – Denial of Service Vulnerability A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings. An attacker who successfully explo

.NET Framework September 2019 Security and Quality Rollup

vom 285.66 Punkte
Today, we are releasing the September 2019 Cumulative Update, Security and Quality Rollup, and Security Only Update for .NET Framework. Security CVE-2019-1142– .NET Framework Elevation of Privilege Vulnerability An elevation of privilege vulnerability exists when the .NET Framework common language runtime (CLR) allows file creation in ar

Strelka - Scanning Files At Scale With Python And ZeroMQ

vom 282.27 Punkte
Strelka is a real-time file scanning system used for threat hunting, threat detection, and incident response. Based on the design established by Lockheed Martin's Laika BOSS and similar projects (see: related projects), Strelka's purpose is to perfor

.NET Framework May 2020 Security and Quality Rollup Updates

vom 280.53 Punkte
Today, we are releasing the May 2020 Security and Quality Rollup Updates for .NET Framework. Security CVE-2020-0605 – .NET Framework Remote Code Execution Vulnerability A remote code execution vulnerability exists in .NET software when the software

Team Security Diskussion über Pentest Tools Framework - A Database Of Exploits, Scanners And Tools For Penetration Testing