[Canvas] D2 Elliot 1.10, November 21 2017

DSquare Security sales at d2sec.com
Tue Nov 21 12:24:50 UTC 2017

D2 Elliot has been updated with 12 new web exploits and 3 new workflows. 
Payloads and workflows have also been improved. 

This release includes the result of our partnership with Risk Based Security
(https://www.riskbasedsecurity.com/) We built a workflow to identify 
technologies on a target website and find potential vulnerabilities via 
VulnDB API. A demo video is available here: https://youtu.be/i0M6MCULQbc

D2 Elliot is updated at least each two months with new modules and enhanced 

Don't forget to follow us: https://twitter.com/d2sec

D2 Elliot Web Exploitation Framework is regularly updated with new exploits 
and tools to keep a high level of efficiency. If you need customized exploits 
or tools please contact us at info at d2sec.com 

For sales inquiries and orders, please contact sales at d2sec.com

DSquare Security, LLC
Website: https://www.d2sec.com
Twitter: https://twitter.com/d2sec
YouTube: https://www.youtube.com/user/dsquaresecurity


Exploits - Added:
 E-593 - WordPress RegistrationMagic-Custom Registration Forms SQL Injection
 E-594 - WordPress EZ SQL Reports Shortcode Widget and DB Backup SQL Injection
 E-595 - WordPress SQL Shortcode SQL Injection
 E-596 - WordPress EZ SQL Reports Shortcode Widget and DB Backup RCE
 E-597 - Trend Micro Data Loss Prevention File Disclosure
 E-598 - TYPO3 Restler File Disclosure
 E-599 - Trend Micro Mobile Security for Enterprise SQL Injection
 E-600 - NETGEAR DGN1000/DGN2200 RCE
 E-601 - Apache Struts 2 Struts 1 Plugin ActionMessage < 2.3.32 RCE
 E-602 - CiviCRM SQL Injection
 E-603 - WordPress Polls Widget SQL Injection
 E-604 - WordPress Ultimate Form Builder Lite SQL Injection

Workflows added: 
 W-52 - Parser DefenseCode Web Security Scanner
 W-53 - Parser Outpost24
 W-54 - VulnDB Website Analyzer

More information about the Canvas mailing list