[Canvas] D2 Elliot 1.10, November 21 2017
DSquare Security
sales at d2sec.com
Tue Nov 21 12:24:50 UTC 2017
D2 Elliot has been updated with 12 new web exploits and 3 new workflows.
Payloads and workflows have also been improved.
This release includes the result of our partnership with Risk Based Security
(https://www.riskbasedsecurity.com/) We built a workflow to identify
technologies on a target website and find potential vulnerabilities via
VulnDB API. A demo video is available here: https://youtu.be/i0M6MCULQbc
D2 Elliot is updated at least each two months with new modules and enhanced
features.
Don't forget to follow us: https://twitter.com/d2sec
D2 Elliot Web Exploitation Framework is regularly updated with new exploits
and tools to keep a high level of efficiency. If you need customized exploits
or tools please contact us at info at d2sec.com
For sales inquiries and orders, please contact sales at d2sec.com
--
DSquare Security, LLC
Website: https://www.d2sec.com
Twitter: https://twitter.com/d2sec
YouTube: https://www.youtube.com/user/dsquaresecurity
Changelog:
Exploits - Added:
E-593 - WordPress RegistrationMagic-Custom Registration Forms SQL Injection
E-594 - WordPress EZ SQL Reports Shortcode Widget and DB Backup SQL Injection
E-595 - WordPress SQL Shortcode SQL Injection
E-596 - WordPress EZ SQL Reports Shortcode Widget and DB Backup RCE
E-597 - Trend Micro Data Loss Prevention File Disclosure
E-598 - TYPO3 Restler File Disclosure
E-599 - Trend Micro Mobile Security for Enterprise SQL Injection
E-600 - NETGEAR DGN1000/DGN2200 RCE
E-601 - Apache Struts 2 Struts 1 Plugin ActionMessage < 2.3.32 RCE
E-602 - CiviCRM SQL Injection
E-603 - WordPress Polls Widget SQL Injection
E-604 - WordPress Ultimate Form Builder Lite SQL Injection
Workflows added:
W-52 - Parser DefenseCode Web Security Scanner
W-53 - Parser Outpost24
W-54 - VulnDB Website Analyzer
More information about the Canvas
mailing list