Multiscanner – Modular File Scanning/Analysis Framework
MultiScanner is a file analysis framework that assists the user in evaluating a set of files by automatically running a...
hacking
Election Security: What You Need to Know
Usually, when we write a "What you need to know" post on the Rapid7 blog, it's generally a rapid response...
Tishna – Complete Automated Pentest Framework For Servers, Application Layer To Web Security
Complete Automated pentest framework for Servers, Application Layer to Web SecurityInterfaceSoftware have 62 Options with full automation and can be...
AWS Report – Tool For Analyzing Amazon Resources
AWS Report is a tool for analyzing amazon resources.FeaturesSearch iam users based on creation dateSearch buckets publicSearch security group with...
WindowsFirewallRuleset – Windows Firewall Ruleset Powershell Scripts
About WindowsFirewallRulesetWindows firewall rulles organized into individual powershell scripts according to:Rule groupTraffic directionIP version (IPv4 / IPv6)Further sorted according to...
S3Tk – A Security Toolkit For Amazon S3
A security toolkit for Amazon S3Another day, another leaky Amazon S3 bucket— The Register, 12 Jul 2017Don’t be the... next......
SysWhispers – AV/EDR Evasion Via Direct System Calls
SysWhispers helps with evasion by generating header/ASM files implants can use to make direct system calls.All core syscalls are supported...
Kamerka GUI – Ultimate Internet Of Things/Industrial Control Systems Reconnaissance Tool
Ultimate Internet of Things/Industrial Control Systems reconnaissance tool.Powered by Shodan - Supported by Binary Edge & WhoisXMLAPIwriteup - https://medium.com/@woj_ciech/hack-the-planet-with-%EA%93%98amerka-gui-ultimate-internet-of-things-industrial-control-systems-5ff7d9686b29Demo -...
XSpear v1.3 – Powerfull XSS Scanning And Parameter Analysis Tool
XSpear is XSS Scanner on ruby gemsKey featuresPattern matching based XSS scanningDetect alert confirm prompt event on headless browser (with...
AVCLASS++ – Yet Another Massive Malware Labeling Tool
AVCLASS++ is an appealing complement to AVCLASS , a state-of-the-art malware labeling tool.OverviewAVCLASS++ is a labeling tool for creating a...
7 Vulnerability Risk Management Resolutions To Consider in the New Year
It’s that time of year again, when people start making personal resolutions to better themselves in the new year. We...
SQLMap v1.4 – Automatic SQL Injection And Database Takeover Tool
SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and...
Turbolist3r – Subdomain Enumeration Tool With Analysis Features For Discovered Domains
Turbolist3r is a fork of the sublist3r subdomain discovery tool. In addition to the original OSINT capabilties of sublist3r, turbolist3r...
Cheers to a New Year! Rapid7’s 2020 Security Predictions
Happy New Year, everyone! While it’s ever-so-tempting to begin this blog post with an already overused “2020 vision” cliche, I...
Oh, Behave! Who Made It to Rapid7 Labs’ Naughty List(s) in 2019?
We all know jolly ol’ St. Nick just loves lists, which is an attribute he shares with the researcher elves...
Memorable Metasploit Moments of 2019
Happy HaXmas, friends and foes (substitute your nouns of choice here). The Metasploit team kicked off 2019 with the release...
Top 20 Most Popular Hacking Tools in 2019
As last year, this year we made a ranking with the most popular tools between January and December 2019.Topics of...
Pown.js – A Security Testing An Exploitation Toolkit Built On Top Of Node.js And NPM
Pown.js is a security testing and exploitation toolkit built on top of Node.js and NPM. Unlike traditional security tools like...
RansomCoin – A DFIR Tool To Extract Cryptocoin Addresses And Other Indicators Of Compromise From Binaries
Extracting metadata and hardcoded Indicators of Compromise from ransomware, in a scalable, efficient, way with cuckoo integrations. Ideally, is it...
nmapAutomator – Tool To Automate All Of The Process Of Recon/Enumeration
nmapAutomatorA script that you can run in the background!SummaryThe main goal for this script is to automate all of the...
Quark-Engine – An Obfuscation-Neglect Android Malware Scoring System
An Obfuscation-Neglect Android Malware Scoring SystemConceptsAndroid malware analysis engine is not a new story. Every antivirus company has their own...
Malwinx – Just A Normal Flask Web App To Understand Win32Api With Code Snippets And References
A normal flask web app to learn win32api with code snippets and references.PrerequisiteYou need to download the following package before...
PAKURI – Penetration Test Achieve Knowledge Unite Rapid Interface
What's PAKURIIn Japanese, imitating is called “Pakuru”.ぱくる (godan conjugation, hiragana and katakana パクる, rōmaji pakuru)eat with a wide open mouthsteal...
Pylane – An Python VM Injector With Debug Tools, Based On GDB
Pylane is a python vm injector with debug tools, based on gdb and ptrace. Pylane uses gdb to trace python...
