trustedsec/trevorc2

Releases16

Frequency2 months 2 weeks

Last Release over 5 years ago

Stars1.33K

TrevorC2 is a legitimate website (browsable) that tunnels client/server communications for covert command execution.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2019-18850 ↗	Dec 4, 2019Wednesday, 4 December 2019, 13:15	7.5 HIGH	5 MEDIUM
TrevorC2 v1.1/v1.2 fails to prevent fingerprinting primarily via a discrepancy between response headers when responding to different HTTP methods, also via predictible responses when accessing and interacting with the "SITE_PATH_QUERY".