FinDOM-XSS – A Fast DOM Based XSS Vulnerability Scanner With Simplicity
FinDOM-XSS is a tool that allows you to finding for possible and/ potential DOM based XSS vulnerability in a fast...
Security
ParamSpider – Mining Parameters From Dark Corners Of Web Archives
ParamSpider : Parameter miner for humans.Key Features : Finds parameters from web archives of the entered domain. Finds parameters from...
New Mirai Variant Expands Arsenal, Exploits CVE-2020-10173
By Augusto Remillano II and Jemimah Molina We discovered a new Mirai variant (detected as IoT.Linux.MIRAI.VWISI) that exploits nine vulnerabilities,...
Threat spotlight: WastedLocker, customized ransomware
WastedLocker is a new ransomware operated by a malware exploitation gang commonly known as the Evil Corp gang. The same...
Google Loses Control Over Blogspot.in, Millions of Sites Inaccessible
Google-owned 'blogspot.in', a blogging website also known as "Blogger" has become inaccessible to Indian users as Google appears to have...
OWASP Threat Dragon – Cross-Platform Threat Modeling Application
Threat Dragon is a free, open-source, cross-platform threat modeling application including system diagramming and a rule engine to auto-generate threats/mitigations....
GIVINGSTORM – Infection Vector That Bypasses AV, IDS, And IPS
The beginnings of a C2 framework. Currently without all the C2 stuff so far. Generates a dual stage VBS infection...
The Russian Prime Minister spoke about the growth of cybercrime activity in Russia
Russian Prime Minister Mikhail Mishustin said that this spring there was an increase in cybercrime activity. The Prime Minister said...
Citrix releases patch for 11 major vulnerabilities
Citrix Software Inc., a multinational American software company whose products are used by 99% of Fortune 100 companies recently released...
A gift for a hacker: experts name the easiest passwords to hack
Experts have conducted research and found out an algorithm that can be used to calculate the password to log in...
Converting MBOX to Outlook Easily
Mail transfer is a common search query. Most commonly, users may migrate due to personal preferences, corporate policies, or support...
Unsealed indictment alleges Kazakh man is behind Fxmsp hacking group
Federal prosecutors have indicted Andrey Turchin, a 37-year-old citizen of Kazakhstan, on five criminal counts related to his alleged involvement...
WordListGen – Super Simple Python Word List Generator For Fuzzing And Brute Forcing In Python
Super Simple Python Word List Generator for Password Cracking (Hashcat)!I know what your are thinking. Why create another word list...
dorkScanner – A Typical Search Engine Dork Scanner Scrapes Search Engines With Dorks That You Provide In Order To Find Vulnerable URLs
A typical search engine dork scanner that scrapes search engines with queries that you provide in order to find vulnerable...
Small Business in a Big World (Wide Web): What You Should Know to Stay Secure
While the COVID-19 pandemic has made online stores increasingly valuable, some small businesses may not have had the experience around...
Hidden purpose of Mac ‘ransomware’ EvilQuest is data exfiltration, say researchers
Researchers have developed a decryption tool for the recently discovered EvilQuest ransomware program designed to target Mac machines. But several...
We found yet another phone with pre-installed malware via the Lifeline Assistance program
We have discovered, yet again, another phone model with pre-installed malware provided from the Lifeline Assistance program via Assurance Wireless...
Hackers Attack Online Stores Stealing Credit Card Data, Experts Allege North Korea
According to the recent findings, there has been an incident of web skimming attacks on the European and American online...
Redirect auction
We’ve already looked at links under old YouTube videos or in Wikipedia articles which at some point turned bad and...
Harbian-Audit – Hardened Debian GNU/Linux Distro Auditing
Hardened Debian GNU/Linux and CentOS 8 distro auditing.The main test environment is in debian GNU/Linux 9/10 and CentOS 8, and...
Shhgit – Find GitHub Secrets In Real Time
Shhgit finds secrets and sensitive files across GitHub code and Gists committed in near real time by listening to the...
Seeing Value From Day One: What You Need to Know About Cloud SIEM Deployment and Configuration
In our modern threat landscape, many organizations face challenges that remain difficult to decipher, let alone resolve. In a fast-paced...
Mac ThiefQuest malware may not be ransomware after all
Editor’s note: The original name for the malware, EvilQuest, has been changed due to a legitimate game of the same...
Lock and Code S1Ep10: Pulling apart the Internet of Things with JP Taggart
This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the...
