Sql Injection Tool V1.0 Beta
Username guessing tool for use against the default Solaris ftp service and GNU inetutils ftpd. Recent changes are detailed in the CHANGELOG. Download ftp-user-enum v1.0 here. SHA1sum: 2fbd86dba9f701627d415ed76100b2768b271862 MD51sum: c19ec3eb1eab6282a16514b51eb5f1c6 User documentation are also avaialble in PDF format.
sql injection tool v1.0 beta
Username guessing tool primarily for use against the default Solaris finger service. Also supports relaying of queries through another finger server. Recent changes are detailed in the CHANGELOG. Download finger-user-enum v1.0 here. SHA1sum: 017e214e786df5a25336291acd3b9c8a46b3bd7b MD51sum: f18832f9d2b5210e5f51bd89f44abeee User documentation is also available in PDF format.
The software entered beta in May and has since seen significant results. GitHub scanned more than 12,000 repositories 1.4 million times and found around 20,000 security flaws. Some of the issues it uncovered included remote code execution (RCE), SQL injection, and cross-site scripting (XSS) vulnerabilities. Developers have already fixed 72% of the reported errors within 30 days.
The pyenv tool is great for managing different versions of Python on your system, and you can use it to install Python 3.11 beta if you like. It comes with two different versions, one for Windows and one for Linux and macOS. Choose your platform with the switcher below:
Kaseya has shared their own detection tool. From their report, "The new Compromise Detection Tool was rolled out last night to almost 900 customers who requested the tool." That detection tool checks for the presence of a "userfiltertablerpt.asp" file included their public web root. As we have examined the file, we can see there is a number of potential SQL injection vulnerabilities, and we are actively reviewing the pertinent files for other potential attack vectors.
Projects, the flexible tool for planning and tracking work on GitHub Enterprise Server, is now available as a beta. A project is an adaptable spreadsheet that integrates issues and pull requests to help users plan and track work effectively. Users can create and customize multiple views, and each view can filter, sort, and group issues and pull requests. Users can also define custom fields to track the unique metadata for a team or project, allowing customization for any needs or processes. This feature is subject to change. For more information, see "About Projects."
The last tool we will look at today is XSStrike. It is a dedicated suite for detecting cross-site scripting vulnerabilities that includes an intelligent payload generator, a fuzzer, a crawler, WAF detection, and more. XSStrike is currently in beta.