trimstray / massh-enum
Licence: GPL-3.0 license
OpenSSH 2.3 up to 7.4 Mass Username Enumeration (CVE-2018-15473).
Stars: ✭ 136
Projects that are alternatives of or similar to massh-enum
Cve Check Tool
Original Automated CVE Checking Tool
Stars: ✭ 172 (+26.47%)
Mutual labels: vulnerability, cve
Writeups
This repository contains writeups for various CTFs I've participated in (Including Hack The Box).
Stars: ✭ 61 (-55.15%)
Mutual labels: enumeration, cve
Linuxflaw
This repo records all the vulnerabilities of linux software I have reproduced in my local workspace
Stars: ✭ 140 (+2.94%)
Mutual labels: vulnerability, cve
Vulnix
Vulnerability (CVE) scanner for Nix/NixOS.
Stars: ✭ 161 (+18.38%)
Mutual labels: vulnerability, cve
Payloadsallthethings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+24097.79%)
Mutual labels: enumeration, vulnerability
Vulnerability Data Archive
With the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools
Stars: ✭ 63 (-53.68%)
Mutual labels: vulnerability, cve
Vulnogram
Vulnogram is a tool for creating and editing CVE information in CVE JSON format
Stars: ✭ 103 (-24.26%)
Mutual labels: vulnerability, cve
cve-2016-1764
Extraction of iMessage Data via XSS
Stars: ✭ 52 (-61.76%)
Mutual labels: vulnerability, cve
Wprecon
WPrecon (WordPress Recon), is a vulnerability recognition tool in CMS Wordpress, developed in Go and with scripts in Lua.
Stars: ✭ 135 (-0.74%)
Mutual labels: vulnerability, cve
CVE-2019-8449
CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4
Stars: ✭ 66 (-51.47%)
Mutual labels: vulnerability, cve
Cve 2018 20555
Social Network Tabs Wordpress Plugin Vulnerability - CVE-2018-20555
Stars: ✭ 78 (-42.65%)
Mutual labels: vulnerability, cve
Js Vuln Db
A collection of JavaScript engine CVEs with PoCs
Stars: ✭ 2,087 (+1434.56%)
Mutual labels: vulnerability, cve
Ossf Cve Benchmark
The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebases using a variety of static analysis security testing (SAST) tools and generate reports to evaluate those tools.
Stars: ✭ 71 (-47.79%)
Mutual labels: vulnerability, cve
A Red Teamer Diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (+180.88%)
Mutual labels: enumeration, vulnerability
Cve 2017 0065
Exploiting Edge's read:// urlhandler
Stars: ✭ 15 (-88.97%)
Mutual labels: vulnerability, cve
Labs
Vulnerability Labs for security analysis
Stars: ✭ 1,002 (+636.76%)
Mutual labels: vulnerability, cve
accounts-material-ui
Material-ui integration with std:accounts-ui
Stars: ✭ 17 (-87.5%)
Mutual labels: accounts, users
MeteorCandy-meteor-admin-dashboard-devtool
The Fast, Secure and Scalable Admin Panel / Dashboard for Meteor.js
Stars: ✭ 50 (-63.24%)
Mutual labels: accounts, users
+----------------+ | massh-enum 1.0 | +----------------+ OpenSSH 2.3 up to 7.4 Mass Username Enumeration (CVE-2018-15473) This script contains Matthew Daley Python script <https://bugfuzz.com/stuff/ssh-check-username.py> License: GPLv3, <http://www.gnu.org/licenses/> Description OpenSSH versions 2.3 up to 7.4 suffer from a username enumeration vulnerability. The attacker can try to authenticate a user with a malformed packet (for example, a truncated packet), and: - if the user is invalid (it does not exist), then userauth_pubkey() returns immediately, and the server sends an SSH2_MSG_USERAUTH_FAILURE to the attacker; - if the user is valid (it exists), then sshpkt_get_u8() fails, and the server calls fatal() and closes its connection to the attacker. More information about this vulnerability: * https://nvd.nist.gov/vuln/detail/CVE-2018-15473 * http://seclists.org/oss-sec/2018/q3/124 How it works? # ./bin/massh-enum --hosts 10.240.20.0/28 --users wordlists/users › Generating a list of hosts › Username Enumeration host: 10.240.20.1 (p:22), found user: root host: 10.240.20.1 (p:22), found user: supervisor host: 10.240.20.2 (p:22), found user: root Requirements - Bash (testing on 4.4.19) - Python (testing on 2.7) - Nmap (testing on 7.70)
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].