Mistica – An Open Source Swiss Army Knife For Arbitrary Communication Over Application Protocols
Mística is a tool that allows to embed data into application layer protocol fields, with the goal of establishing a...
Year: 2020
Twitter Hack: Three Arrested in the Bitcoin Scam
Graham Clark, a resident of Tampa Florida has been arrested under charges of being involved in July’s Twitter hack that...
DeimosC2 – A Golang Command And Control Framework For Post-Exploitation
DeimosC2 is a post-exploitation Command & Control (C2) tool that leverages multiple communication methods in order to control machines that...
EternalBlueC – EternalBlue Suite Remade In C/C++ Which Includes: MS17-010 Exploit, EternalBlue Vulnerability Detector, DoublePulsar Detector And DoublePulsar Shellcode & DLL Uploader
EternalBlue suite remade in C which includes: MS17-010 Exploit, EternalBlue/MS17-010 vulnerability detector, DoublePulsar detector and DoublePulsar UploadDLL & Shellcode ms17_vuln_status.cpp...
Florida Teen Responsible for Hijacking High Profile Twitter Accounts Arrested, Faces 30 Felony Charges
US police authorities in a press conference on Friday said they had arrested the main accused and two other suspects...
IBM announces 1000 STEM internship opportunities for students
Petrarch once said, "Sameness is the mother of disgust, variety the cure". And we as a society believe quite strongly...
CWFF – Create Your Custom Wordlist For Fuzzing
CWFF is a tool that creates a special High quality fuzzing/content discovery wordlist for you at the highest speed possible...
Cloudsplaining – An AWS IAM Security Assessment Tool That Identifies Violations Of Least Privilege And Generates A Risk-Prioritized Report
Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized HTML report.Example...
Avoid these PayPal phishing emails
For the last few weeks, there’s been a solid stream of fake PayPal emails in circulation, twisting FOMO (fear of...
Telegram Takes Down Islamist Propaganda on its Platform, Extremist Groups Struggle
The social networks and US military have imposed high regulations to control Islamist propaganda on social media and have been...
WastedLocker: technical analysis
The use of crypto-ransomware in targeted attacks has become an ordinary occurrence lately: new incidents are being reported every month,...
Kubei – A Flexible Kubernetes Runtime Scanner
Kubei is a vulnerabilities scanning tool that allows users to get an accurate and immediate risk assessment of their kubernetes...
dazzleUP – A Tool That Detects The Privilege Escalation Vulnerabilities Caused By Misconfigurations And Missing Updates In The Windows OS
A tool that detects the privilege escalation vulnerabilities caused by misconfigurations and missing updates in the Windows operating systems. dazzleUP...
Mirai Botnet Exploit Weaponized to Attack IoT Devices via CVE-2020-5902
Update as of 10:00 A.M. PST, July 30, 2020: Our continued analysis of the malware sample showed adjustments to the...
Malspam campaign caught using GuLoader after service relaunch
They say any publicity is good publicity. But perhaps this isn’t true for CloudEye, an Italian firm that claims to...
Online Michigan Bar Exam Hit by a Distributed Denial of Service (DDoS) Attack
The recently conducted online Michigan bar exam was briefly taken down as it was hit by a rather "sophisticated" cyberattack. The...
uDork – Tool That Uses Advanced Google Search Techniques To Obtain Sensitive Information In Files Or Directories, Find IoT Devices, Detect Versions Of Web Applications, And So On
uDork is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files...
Open Source Security Meetup (OSSM): Virtual Edition
The Rapid7 Metasploit team is taking a page from DEF CON’s “SAFE MODE” operations this year, hosting our annual Open...
Cloud Best Practices Every Security Professional Should Know
In part one of this two-part series on the cloud and cloud security for security professionals, we dove into everything...
Oralyzer – Tool To Identify Open Redirection
Oralyzer, a simple python script, capable of identifying the open redirection vulnerability in a website. It does that by fuzzing...
Botnet abuses Docker servers and crypto blockchain to deliver Doki backdoor
As user organizations move more of their business infrastructure off premises, cybercriminals become increasingly motivated to target Linux-based cloud environments,...
Cloud workload security: Should you worry about it?
Due to the increasing use of the cloud, organizations find themselves dealing with hybrid environments and nebulous workloads to secure....
COVID-19 used as a lure for Cyber Attacks: Report suggest massive increase in Phishing Trends
Since the starting of the year, 2020 has been a bearer of bad news and Covid seems like a bad...
Google Banned 29 Android Apps Containing Adware
A research discovered that almost all the malware are designed to target android users and in order to prevent users...
