Mythic – A Collaborative, Multi-Platform, Red Teaming Framework
A cross-platform, post-exploit, red teaming framework built with python3, docker, docker-compose, and a web browser UI. It's designed to provide...
hacking
HoneyCreds – Network Credential Injection To Detect Responder And Other Network Poisoners
HoneyCreds network credential injection to detect responder and other network poisoners. RequirementsRequires Python 3.6+ (tested on Python 3.9)smbprotocolcffisplunk-sdk Installationgit clone https://github.com/Ben0xA/HoneyCreds.gitcd...
Crackonosh Monero miner made $2M after infecting 222,000 Win systems
Researchers have discovered a strain of cryptocurrency-mining malware, tracked as Crackonosh, that abuses Windows Safe mode to avoid detection. Researchers from Avast...
Security Affairs newsletter Round 320
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
Hackers target Cisco ASA devices after a PoC exploit code was published online
Experts warn of attacks against Cisco ASA devices after researchers have published a PoC exploit code on Twitter for a...
Mercedes-Benz data breach impacted roughly 1000 individuals
Mercedes-Benz USA disclosed a data breach that impacted 1.6 million customers, exposed data includes financial data and social security numbers...
SharpHook – Tool Tath Uses Various API Hooks In Order To Give Us The Desired Credentials
SharpHook is inspired by the SharpRDPThief project, It uses various API hooks in order to give us the desired credentials....
CamRaptor – Tool That Exploits Several Vulnerabilities In Popular DVR Cameras To Obtain Network Camera Credentials
CamRaptor is a tool that exploits several vulnerabilities in popular DVR cameras to obtain network camera credentials. FeaturesExploits vulnerabilities in...
Microsoft: Russia-linked SolarWinds hackers breached three new entities
Microsoft discovered that Russia-linked SolarWinds hackers, tracked as Nobelium, have breached the network of three new organizations. Microsoft revealed on...
New ransomware group Hive leaks Altus group sample files
On June 14th, Altus Group, a commercial real estate software solutions firm, disclosed a security breach, now Hive ransomware gang...
Epsilon Red – our research reveals more than 3.5 thousand servers are still vulnerable
CyberNews researchers analyzed the recently discovered Epsilon Red operations and found that more than 3.5K servers are still vulnerable Several...
Marketo Marketplace – Cybercriminals are targeting major law firms
Cybercriminals published for sale in Dark Web 58GB of data stolen from Hollingsworth LLP. One of the emerging underground marketplaces...
Hackers exploit 3-years old flaw to wipe Western Digital devices
Threat actors are wiping many Western Digital (WD) My Book Live and My Book Live Duo NAS devices likely exploiting...
BlobHunter – Find Exposed Data In Azure With This Public Blob Scanner
An opensource tool for scanning Azure blob storage accounts for publicly opened blobs. BlobHunter is a part of "Hunting Azure...
RomBuster – A Router Exploitation Tool That Allows To Disclosure Network Router Admin Password
RomBuster is a router exploitation tool that allows to disclosure network router admin password. FeaturesExploits vulnerabilities in most popular routers...
Flaws in FortiWeb WAF expose Fortinet devices to remote hack
Fortinet has recently fixed a high-severity vulnerability affecting its FortiWeb web application firewall (WAF) that can be exploited by remote...
Clop gang members recently arrested laundered over $500M in payments
The Clop ransomware members that were recently arrested laundered over $500M in ransomware payments for several malicious actors. The members of...
Flaws in Dell BIOSConnect feature affect 128 device models
Flaws affecting the BIOSConnect feature of Dell Client BIOS could be exploited by a privileged attacker to execute arbitrary code...
Fully-Homomorphic-Encryption – Libraries And Tools To Perform Fully Homomorphic Encryption Operations On An Encrypted Data Set
This repository contains open-source libraries and tools to perform fully homomorphic encryption (FHE) operations on an encrypted data set.About Fully...
Shreder – A Powerful Multi-Threaded SSH Protocol Password Bruteforce Tool
Shreder is a powerful multi-threaded SSH protocol password brute-force tool. FeaturesVery fast password guessing, just one password in 0.1 second....
VMware releases patches for critical flaw in Carbon Black App Control
VMware released security patches to address an authentication bypass vulnerability in VMware Carbon Black App Control (AppC) for Windows. VMware...
Zyxel warns customers of attacks on its enterprise firewall and VPN devices
Networking equipment giant Zyxel warns customers of a series of attacks that have been targeting some of its enterprise firewall...
ChaChi, a GoLang Trojan used in ransomware attacks on US schools
A new Trojan written in the Go programming language, tracked as ChaChi, was involved in ransomware attacks against government agencies...
John McAfee found dead in prison cell ahead of extradition to US
One of the fathers of antivirus software, the entrepreneur John McAfee has been found dead in a Barcelona prison cell...
