Clik here to view.
What You Need to Know About the Apache Struts Vulnerability by Gilad David...
Apache Struts is a popular open-source framework, used to create web apps. Due to its popularity, Apache Struts attracts a large number of attackers. The framework has a considerable number of...
View ArticleClik here to view.
CTFTOOL - Interactive CTF Exploration Tool
This is ctftool, an interactive command line tool to experiment with CTF, a little-known protocol used on Windows to implement Text Services. This might be useful for studying Windows internals,...
View ArticleClik here to view.
Manul - fuzzer for open-source and blackbox binaries on Windows, Linux and MacOS
Manul is a coverage-guided parallel fuzzer for open-source and black-box binaries on Windows, Linux and macOS (beta) written in pure Python. Manul Quick Start pip3 install psutil git clone...
View ArticlePowerZure - PowerShell script to interact with Azure
PowerZure is a PowerShell script written to assist in assessing Azure security. Functions are broken out into their context as well as the role needed to run them. Help Function Description Role...
View ArticleClik here to view.
Fuzzowski - the Network Protocol Fuzzer that we will want to use
The idea behind Fuzzowski, was to create the Network Protocol Fuzzer that we will want to use. The aim of this tool is to assist during the whole process of fuzzing a network protocol, allowing to...
View ArticlePypykatz - Mimikatz implementation in pure Python
Pypykatz is a mimikatz implementation in pure Python. At least a part of it :) Runs on all OS's which support python>=3.6 Installing Install it via pip or by cloning it from github. The installer...
View ArticleClik here to view.
IT Certification Roadmap by CompTIA
In the world of IT certification, knowing where to start is the most more crucial information. Whether you’ve had some hands on experience or are completely new to the world of information technology,...
View ArticleClik here to view.
How to Protect & Fight Back Against Firmware Attacks by Richard LeCount
In recent years, we have seen malicious attacks increasingly targeting the lower parts of the computing stack, below the operating systems. These threats seek to modify or input malware into a systems...
View ArticleClik here to view.
Dumping Firmware With the CH341a Programmer | by Rick Wisser
Note: This blog will also be a lab for any of the upcoming Wild West Hackin’ Fest Conferences. During a recent engagement, I came across an issue. The issue I encountered was that the SPI chip I was...
View Articlenray - free and sophisticated port scanner built from scratch
Nray is a free, platform and architecture independent port and application layer scanner. Apart from regular targets (list of hosts/networks), it supports dynamic target selection, based on source like...
View ArticleClik here to view.
RANKED: The Countries Most at Risk of Cyber-Crime
⇒ Machines in the Netherlands are most likely to encounter cybercrimes; Ireland is least likely, ⇒ 10.17% of machines in Belarus encounter malware every month, making them the least cyber-secure...
View ArticleClik here to view.
Jaeles - The Swiss Army knife for automated Web Application Testing
Jaeles is a powerful, flexible and easily extensible framework written in Go for building your own Web Application Scanner. Installation Download precompiled version here. If you have a Go environment,...
View ArticleClik here to view.
KILLSHOT - A penetration testing framework, information gathering tool &...
Killshot is a penetration testing framework, information gathering tool & website vulnerability scanner. You can use this tool to spider your website and get important information and gather...
View ArticleClik here to view.
Ethical Hacking Best Practices: 9 Excellent Hacking Tools Used by...
Ethical hacking is increasingly becoming a famous phrase used in the IT industry. The security vulnerabilities are getting exposed each passing day, and protecting data and tools from potential...
View ArticleClik here to view.
SUDO_KILLER - A tool to identify and exploit sudo rules' misconfigurations...
SUDO_KILLER is a tool that can be used for privilege escalation on linux environment by abusing SUDO in several ways. The tool helps to identify misconfiguration within sudo rules, vulnerability within...
View ArticleUpdog is a replacement for Python's SimpleHTTPServer.
Updog is a replacement for Python's SimpleHTTPServer. It allows uploading and downloading via HTTP/S, can set ad hoc SSL certificates and use HTTP basic auth. Installation Install using pip: pip3...
View ArticleClik here to view.
Protecting IoT With EDR Cyber Security by Gilad David Maayan
Internet of Things (IoT) technology covers a wide range of systems and devices, starting with consumer IoT like smart TVs, and commercial IoT like smart health systems and pacemakers. IoT can also be...
View ArticleClik here to view.
Metabigor - Intelligence tool but without API key
What is Metabigor? Metabigor is Intelligence tool, its goal is to do OSINT tasks and more but without any API key. Installation go get -u github.com/j3ssie/metabigor Main features Discover IP Address...
View ArticleClik here to view.
Configuring Snort IDS [FREE COURSE CONTENT]
In this video from our Snort IDS Blast Course we will show you how to go about configuring Snort IDS. The course and the video are a few years old, but some things never change! The skills you learn...
View ArticleClik here to view.
Simple Remote Code Execution Vulnerability Examples for Beginners | by Ozgur Alp
Simple Remote Code Execution Vulnerability Examples for Beginners Especially when I talk with newbie security researchers/bug bounty hunters, they always make me feel as not thinking theirselves...
View Article