[Canvas] D2 Elliot 1.10, November 21 2017

DSquare Security sales at d2sec.com
Tue Nov 21 12:24:50 UTC 2017


D2 Elliot has been updated with 12 new web exploits and 3 new workflows. 
Payloads and workflows have also been improved. 

This release includes the result of our partnership with Risk Based Security
(https://www.riskbasedsecurity.com/) We built a workflow to identify 
technologies on a target website and find potential vulnerabilities via 
VulnDB API. A demo video is available here: https://youtu.be/i0M6MCULQbc


D2 Elliot is updated at least each two months with new modules and enhanced 
features.

Don't forget to follow us: https://twitter.com/d2sec


D2 Elliot Web Exploitation Framework is regularly updated with new exploits 
and tools to keep a high level of efficiency. If you need customized exploits 
or tools please contact us at info at d2sec.com 

For sales inquiries and orders, please contact sales at d2sec.com

--
DSquare Security, LLC
Website: https://www.d2sec.com
Twitter: https://twitter.com/d2sec
YouTube: https://www.youtube.com/user/dsquaresecurity


Changelog:

Exploits - Added:
 E-593 - WordPress RegistrationMagic-Custom Registration Forms SQL Injection
 E-594 - WordPress EZ SQL Reports Shortcode Widget and DB Backup SQL Injection
 E-595 - WordPress SQL Shortcode SQL Injection
 E-596 - WordPress EZ SQL Reports Shortcode Widget and DB Backup RCE
 E-597 - Trend Micro Data Loss Prevention File Disclosure
 E-598 - TYPO3 Restler File Disclosure
 E-599 - Trend Micro Mobile Security for Enterprise SQL Injection
 E-600 - NETGEAR DGN1000/DGN2200 RCE
 E-601 - Apache Struts 2 Struts 1 Plugin ActionMessage < 2.3.32 RCE
 E-602 - CiviCRM SQL Injection
 E-603 - WordPress Polls Widget SQL Injection
 E-604 - WordPress Ultimate Form Builder Lite SQL Injection

Workflows added: 
 W-52 - Parser DefenseCode Web Security Scanner
 W-53 - Parser Outpost24
 W-54 - VulnDB Website Analyzer
  


More information about the Canvas mailing list