Creepy – A Geolocation OSINT Tool. Offers Geolocation Information Gathering Through Social Networking Platforms
This project is currently not maintained. I haven't put any work on it since 2016 and with the current state...
hacking
The number of ICS flaws in 2020 was 24,72% higher compared to 2019
The number of vulnerabilities discovered in industrial control system (ICS) products surged in 2020, security firm Claroty reports. According to...
Security Affairs newsletter Round 300
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
Web developers SitePoint discloses a data breach
The website, and publisher of books, courses and articles for web developers, SitePoint discloses a data breach that impacted 1M...
Experts found critical flaws in Realtek Wi-Fi Module
Critical flaws in the Realtek RTL8195A Wi-Fi module could have been exploited to gain root access and take over devices’...
ExecuteAssembly – Load/Inject .NET Assemblies
ExecuteAssembly is an alternative of CS execute-assembly, built with C/C++ and it can be used to Load/Inject .NET assemblies by;...
GPOZaurr – Group Policy Eater Is A PowerShell Module That Aims To Gather Information About Group Policies
Group Policy Eater is a PowerShell module that aims to gather information about Group Policies but also allows fixing issues...
Watch out! ‘The Great Suspender’ Chrome extension contains Malware
Google removed the popular The Great Suspender from the official Chrome Web Store for containing malware and deactivated it from the...
Packaging giant WestRock is still working to resume after recent Ransomware Attack
Packaging giant WestRock revealed this week that the recent ransomware attack impacted the company’s IT and operational technology (OT) systems. American corrugated packaging company...
Forward Air Corporation says that December Ransomware attack caused a loss of $7.5M
Trucking and freight transportation logistics giant Forward Air Corporation said a December 2020 ransomware attack had $7.5M Impact. Trucking and...
Hackers abuse Plex Media servers for DDoS amplification attacks
Netscout experts warn of DDoS-for-hire services abusing Plex Media servers to bounce junk traffic and amplify DDoS attacks. Security researchers from...
Cloudlist – A Tool For Listing Assets From Multiple Cloud Providers
Cloudlist is a multi-cloud tool for getting Assets (Hostnames, IP Addresses) from Cloud Providers. This is intended to be used...
Geacon – Implement CobaltStrike’s Beacon In Go
Using Go to implement CobaltStrike's Beacon This project is for learning protocol analysis and reverse engineering only, if someone's rights...
TeamTNT group uses Hildegard Malware to target Kubernetes Systems
The TeamTNT hacker group has been employing a new piece of malware, dubbed Hildegard, to target Kubernetes installs. The hacking...
Fortinet addresses 4 vulnerabilities in FortiWeb web application firewalls
Security vendor Fortinet has addressed four vulnerabilities in FortiWeb web application firewalls, including a Remote Code Execution flaw. Fortinet has...
Google addresses Chrome zero-day flaw actively exploited in the wild
Google has addressed an actively exploited zero-day vulnerability, tracked as CVE-2021-21148, with the release of the Chrome 88.0.4324.150 version. Google released...
Matryosh DDoS botnet targets Android-Based devices via ADB
Netlab researchers spotted a new Android malware, dubbed Matryosh, that is infecting devices to recruit them in a distributed denial-of-service...
Satellite – Easy-To-Use Payload Hosting
Satellite is an web payload hosting service which filters requests to ensure the correct target is getting a payload. This...
Phpvuln – Audit Tool To Find Common Vulnerabilities In PHP Source Code
phpvuln is an open source OWASP penetration testing tool written in Python 3, that can speed up the the process...
Cisco Patches Recently Disclosed “sudo” Vulnerability (CVE-2021-3156) in Multiple Products
The “sudo” advisory is officially presented as “Sudo Privilege Escalation Vulnerability Affecting Cisco Products: January 2021” and affects pretty much...
Hackers accessed Stormshield data, including source code of ANSSI certified products
The provider of network security products Stormshield discloses data breach, threat actors stole information on some of its clients. Stormshield...
SonicWall released patch for actively exploited SMA 100 zero-day
SonicWall has released a security patch to address the zero-day flaw actively exploited in attacks against the SMA 100 series...
Cisco fixes critical remote code execution issues in SMB VPN routers
Cisco addressed multiple pre-auth remote code execution (RCE) flaws in small business VPN routers that allow executing arbitrary code as...
TIM’s Red Team Research (RTR) discovered 2 new zero-day vulnerabilities in WordPress Plugin Limit Login Attempts Reloaded
Researchers from TIM’s Red Team Research (RTR) discovered 2 new zero-day vulnerabilities in WordPress Plugin Limit Login Attempts Reloaded Italy...
