Jump to content

Search the Community

Showing results for tags 'vulnerability'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • WiFi Pineapple Mark VII
    • USB Rubber Ducky
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • WiFi Pineapple (previous generations)
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests


Enter a five letter word.

Found 8 results

  1. Hi all, i'm undertaking a project to determine which vulnerability scanning tools within Kali Linux are best suited for the job, there were three tools tested and these were, Nikto, Sparta and OpenVAS. The results that these scans returned when scanning metasploitable 2 with a Kali linux machine are as follows: Metasploitable 2 Nikto 15 Sparta 46 OpenVAS 144 These results are solely the number of vulnerabilities that were returned, OpenVAS seems to be the right cho
  2. Sometimes you discovering a vulnerability when you don’t search for and sometimes finally like this, it’s simply a false alert. More than 70 percents of vulnerabilities I’ve found in my life have no rapport with a security research, but simply due to chance, when doing administrator tasks for example. This day, I decide for a customer that have millions of hit on this website because of a holiday game, to put the content of his website directly in memory for not having iops problems anymore. For doing this i simply use a ramdisk and i make a synchronization from disk (where is stored the
  3. Faraday is the Integrated Multiuser Risk Environment you were looking for! It maps and leverages all the knowledge you generate in real time, letting you track and understand your audits. Our dashboard for CISOs and managers uncovers the impact and risk being assessed by the audit in real-time without the need for a single email. Developed with a specialized set of functionalities that help users improve their own work, the main purpose is to re-use the available tools in the community taking advantage of them in a collaborative way! Check out the Faraday project in Github. Two years ago
  4. I've been seeking online for a complete tutorial that goes from finding if a computer is vulnerable to an exploit to getting a meterpreter session without the use of trojans. The things that are missing are... 1.the exact procedure of scanning a pc to find if it is vulnerable (and if it is possible a pc outside a local network and how is it possible to scan individual compuiters that are behind routers?) 2. Importing a new exploit that isnt already inside the metasploit framework. 3. setting a backdoor without the use of the persistance command of the meterpreter. 4. the procedure of the
  5. Is there any way for me to inject a payload into the duck that records keystrokes automatically, or at least run a software that i made, a keylogger, automatically upon insertion? If there is can you give the codes? Thank you.
  6. Have you guys read the recent news? http://thehackernews.com/2013/09/hacking-facebook-to-delete-any-account.html The researcher literally shares the single .php line to put into the URL that is needed to delete ANY facebook account, and even the ID data needed is publicly available too. It's an even more shame because the researcher turned this into Facebook (for those who know, Facebook pays those who find bugs in their system) and they won't even look at his submission. It's a shame
  7. Hi guys, so I recently accessed for the first time a wireless network with RADIUS username and password style instead of the traditional wifi PSK, got a bit curious and after a little research about it's way of functioning and vulnerabilities I read that it was possible to obtain the MD5 hash relating to the password and username, but there seems to be little information on anything more specific. Do you know how this works? Is the MD5 obtained by monitoring an authentication or can you fake simulate an authentication with a username and get the MD5 with the password? Cheers ;)
  8. Hello, I've been lurking in these forums every now and then to read up on random discussion (fresh account, first post), and I need some advice here. I'm attending a school to get my Associates Degree, and we have a sort of 'system' on campus that the students and staff use. I stumbled upon a way to exploit said system (not an issue of epic proportions, but still something that bothers me), and I would like to inform the I.T. staff so they can fix it. I just don't know how to approach them. Should I drop by in person, or email them? What if they don't care? What if they get pissed? Just, too
×
×
  • Create New...