RiskAssessmentFramework – Static Application Security Testing
The OWASP Risk Assessment Framework consist of Static application security testing and Risk Assessment tools, Eventhough there are many SAST...
hacking
MassDNS – A High-Performance DNS Stub Resolver For Bulk Lookups And Reconnaissance (Subdomain Enumeration)
MassDNS is a simple high-performance DNS stub resolver targetting those who seek to resolve a massive amount of domain names...
Metasploit Team Announces Beta Sign-Up for AttackerKB
When a new vulnerability prompts discussion on Twitter or hits media outlets, the security community collectively participates in a familiar...
S3Enum – Fast Amazon S3 Bucket Enumeration Tool For Pentesters
s3enum is a tool to enumerate a target's Amazon S3 buckets. It is fast and leverages DNS instead of HTTP,...
See-SURF – Python Based Scanner To Find Potential SSRF Parameters
A Python based scanner to find potential SSRF parameters in a web application.MotivationSSRF being one of the critical vulnerabilities out...
How the Innocent Lives Foundation Uses OSINT to Uncover Online Predators
On our latest episode of Security Nation, we spoke with a true hero: Chris Hadnagy, founder of the Innocent Lives...
Blinder – A Python Library To Automate Time-Based Blind SQL Injection
Blidner is a small python library to automate time-based blind SQL injection by using a pre defined queries as a...
Obfuscapk – A Black-Box Obfuscation Tool For Android Apps
Obfuscapk is a modular Python tool for obfuscating Android apps without needing their source code, since apktool is used to...
R7-2019-40: Bloomsky SKY2 Weather Camera Station Data Authenticity and Exposure Vulnerabilities
A number of information leak vulnerabilities are present in the Bloomsky SKY2 network, obtainable via JSON queries intended to work...
Kali Linux 2020.1 Release – Penetration Testing and Ethical Hacking Linux Distribution
We are incredibly excited to announce the first release of 2020, Kali Linux 2020.1.2020.1 includes some exciting new updates:Non-Root by...
PythonAESObfuscate – Obfuscates A Python Script And The Accompanying Shellcode
Pythonic way to load shellcode. Builds an EXE for you too!UsagePlace a payload.bin raw shellcode file in the same directory....
ApplicationInspector – A Source Code Analyzer Built For Surfacing Features Of Interest And Other Characteristics To Answer The Question ‘What’S In It’ Using Static Analysis With A Json Based Rules Engine
Microsoft Application Inspector is a software source code analysis tool that helps identify and surface well-known features and other interesting...
An update on trade
In light of recent activity on US trade agreements, here is a quick update on developments with regard to US-China,...
CredNinja – A Multithreaded Tool Designed To Identify If Credentials Are Valid, Invalid, Or Local Admin Valid Credentials Within A Network At-Scale Via SMB, Plus Now With A User Hunter
This tool is intended for penetration testers who want to perform an engagement quickly and efficiently. While this tool can...
Mimir – Smart OSINT Collection Of Common IOC Types
Smart OSINT collection of common IOC types.OverviewThis application is designed to assist security analysts and researchers with the collection and...
How to Analyze Your Log Data Using the Log Search API in InsightIDR
InsightIDR’s Log Search interface allows you to easily query and visualize your log data from within the product, but sometimes...
Socialscan – Check Email Address And Username Availability On Online Platforms With 100% Accuracy
socialscan offers accurate and fast checks for email address and username usage on online platforms.Given an email address or username,...
Aircrack-ng 1.6 – Complete Suite Of Tools To Assess WiFi Network Security
Aircrack-ng is a complete suite of tools to assess WiFi network security.It focuses on different areas of WiFi security:Monitoring: Packet...
Memhunter – Live Hunting Of Code Injection Techniques
Memhunter is an endpoint sensor tool that is specialized in detecing resident malware, improving the threat hunter analysis process and...
AgentSmith-HIDS – Open Source Host-based Intrusion Detection System (HIDS)
Technically, AgentSmith-HIDS is not a Host-based Intrusion Detection System (HIDS) due to lack of rule engine and detection function. However,...
Hershell – Multiplatform Reverse Shell Generator
Simple TCP reverse shell written in Go.It uses TLS to secure the communications, and provide a certificate public key fingerprint...
Check-LocalAdminHash – A PowerShell Tool That Attempts To Authenticate To Multiple Hosts Over Either WMI Or SMB Using A Password Hash To Determine If The Provided Credential Is A Local Administrator
Check-LocalAdminHash is a PowerShell tool that attempts to authenticate to multiple hosts over either WMI or SMB using a password...
SharpStat – C# Utility That Uses WMI To Run “cmd.exe /c netstat -n”, Save The Output To A File, Then Use SMB To Read And Delete The File Remotely
C# utility that uses WMI to run "cmd.exe /c netstat -n", save the output to a file, then use SMB...
KsDumper – Dumping Processes Using The Power Of Kernel Space
I always had an interest in reverse engineering. A few days ago I wanted to look at some game internals...
