WiFiBroot - A Wireless Pentest/Cracking Tool for 4-way Handshake & PMKID
DESCRIPTION WiFiBroot is built to provide clients all-in-one facility for cracking WiFi (WPA/WPA2) networks. It heavily depends on scapy, a well-featured packet manipulation library in Python. Almost...
View ArticleClik here to view.
Is Multi-Factor Authentication Enough to Protect Remote Workers? by Anas Chbib
As organizations rely more and more on remote workers, one of their primary focuses has to be security. The days of secure air-gapped networks are long gone, and a large number of employees are now...
View ArticleClik here to view.
Fuzzing with Metasploit [FREE COURSE CONTENT]
In this free video from our course called The Art of Wi-Fi Fuzzing, we will learn how to perform fuzzing with Metasploit. You can see how it's done in under 5 minutes! The growing Internet of Things...
View ArticleClik here to view.
DNSrr - a tool written in bash, used to enumerate stuff from DNS records
DNSrr is a tool written in bash, used to enumerate all the juicy stuff from DNS records, it uses different techniques like DNS Forward Bruteforce DNS Reverse Bruteforce DNS Cache Snooping DNS Zone...
View ArticleClik here to view.
DELTA – SDN security evaluation framework
What is DELTA? DELTA is a penetration testing framework that regenerates known attack scenarios for diverse test cases. This framework also provides the capability of discovering unknown security...
View ArticleClik here to view.
Kyverno vs. OPA: Modernizing Your Kubernetes Policy Management by Ritesh Patel
Ever since Kubernetes emerged as a top-contender for multi-cloud container management, automation and security challenges have been holding back the adoption of this innovative solution. This is...
View ArticleClik here to view.
Echidna – Ethereum smart contract fuzzer
Echidna is a weird creature that eats bugs and is highly electrosensitive (with apologies to Jacob Stanley) More seriously, Echidna is a Haskell program designed for fuzzing/property-based testing of...
View ArticleClik here to view.
Exegol - a fully featured and community-driven hacking environment
TL;DR: Exegol is a community-driven hacking environment, powerful and yet simple enough to be used by anyone in day to day engagements. Exegol is a fully configured docker with many useful additional...
View ArticleCORS vulnerability
The vulnerability is a mechanism for accessing data of other origins through AJAX[1] requests. Sites use CORS to bypass the SOP[2] and access other ORIGIN resources. If CORS is not implemented...
View ArticleClik here to view.
Orbitaldump - a simple multi-threaded distributed SSH brute-forcing tool...
A simple multi-threaded distributed SSH brute-forcing tool written in Python. How it Works When the script is executed without the --proxies switch, it acts just like any other multi-threaded SSH...
View ArticleBackstab - a tool to kill antimalware protected processes
Kill EDR Protected Processes Have these local admin credentials but the EDR is standing in the way? Unhooking or direct syscalls are not working against the EDR? Well, why not just kill it? Backstab is...
View ArticleClik here to view.
Dystopia - a low to medium multithreaded Ubuntu Core honeypot coded in Python
Low to medium Ubuntu Core honeypot coded in Python. Quick Guide Installation Arguments dstat Features Optional login prompt Logs who connects and what they do Capture session to pcap file Automatically...
View ArticleClik here to view.
The 10 Commandments of Cybersecurity That Work by Kitson Pereira
It is difficult to put a proper estimate on the cost of cybersecurity breaches. Several studies put the current value of cyber breaches at around $6 trillion per year and are expected to grow to more...
View ArticleClik here to view.
ppmap - a scanner/exploitation tool written in GO, which leverages Prototype...
A simple scanner/exploitation tool written in GO which automatically exploits known and existing gadgets (checks for specific variables in the global context) to perform XSS via Prototype Pollution....
View ArticleClik here to view.
How to Detect Suspicious IP Addresses by Oğuzhan Öztürk
One of the most important talents a cybersecurity expert must have is the ability to detect and block a suspicious IP address. What is an IP address? IP address (also known as the Internet Protocol...
View ArticleClik here to view.
gimmeSH - a tool that generates a custom cheatsheet for Reverse Shell, File...
For pentesters who don't wanna leave their terminals. Few Words gimmeSH, is a tool that generates a custom cheatsheet for Reverse Shell, File Transfer and Msfvenom within your terminal, you just need...
View ArticleNebula - Cloud C2 Framework, which offers reconnaissance, enumeration,...
Nebula is a Cloud and (hopefully) DevOps Penetration Testing framework. It is build with modules for each provider and each functionality. As of April 2021, it only covers AWS, but is currently an...
View ArticleClik here to view.
Terraguard - create and destroy your own VPN service using WireGuard
About The Project This project's goal is to be simple to create and destroy your own VPN service using WireGuard. Prerequisites Terraform >= 1.0.0 Ansible >= 2.10.5 How to Deploy Terraform Run...
View ArticleClik here to view.
pyWhat - identify anything
What is this? Imagine this: You come across some mysterious text 0x52908400098527886E0F7030069857D2E4169EE7 or dQw4w9WgXcQ and you wonder what it is. What do you do? Well, with what all you have to do...
View ArticleClik here to view.
Top 10 Tools to Consider for Penetration Testing in 2022 by Ankit Pahuja
If you're serious about your application's security, then you may be well acquainted with penetration testing. Whether it's a desktop app, a web app, or a mobile app, penetration testing should be a...
View Article