R7-2019-40: Bloomsky SKY2 Weather Camera Station Data Authenticity and Exposure Vulnerabilities
A number of information leak vulnerabilities are present in the Bloomsky SKY2 network, obtainable via JSON queries intended to work...
tools
Kali Linux 2020.1 Release – Penetration Testing and Ethical Hacking Linux Distribution
We are incredibly excited to announce the first release of 2020, Kali Linux 2020.1.2020.1 includes some exciting new updates:Non-Root by...
PythonAESObfuscate – Obfuscates A Python Script And The Accompanying Shellcode
Pythonic way to load shellcode. Builds an EXE for you too!UsagePlace a payload.bin raw shellcode file in the same directory....
ApplicationInspector – A Source Code Analyzer Built For Surfacing Features Of Interest And Other Characteristics To Answer The Question ‘What’S In It’ Using Static Analysis With A Json Based Rules Engine
Microsoft Application Inspector is a software source code analysis tool that helps identify and surface well-known features and other interesting...
An update on trade
In light of recent activity on US trade agreements, here is a quick update on developments with regard to US-China,...
CredNinja – A Multithreaded Tool Designed To Identify If Credentials Are Valid, Invalid, Or Local Admin Valid Credentials Within A Network At-Scale Via SMB, Plus Now With A User Hunter
This tool is intended for penetration testers who want to perform an engagement quickly and efficiently. While this tool can...
Mimir – Smart OSINT Collection Of Common IOC Types
Smart OSINT collection of common IOC types.OverviewThis application is designed to assist security analysts and researchers with the collection and...
How to Analyze Your Log Data Using the Log Search API in InsightIDR
InsightIDR’s Log Search interface allows you to easily query and visualize your log data from within the product, but sometimes...
Socialscan – Check Email Address And Username Availability On Online Platforms With 100% Accuracy
socialscan offers accurate and fast checks for email address and username usage on online platforms.Given an email address or username,...
Aircrack-ng 1.6 – Complete Suite Of Tools To Assess WiFi Network Security
Aircrack-ng is a complete suite of tools to assess WiFi network security.It focuses on different areas of WiFi security:Monitoring: Packet...
Memhunter – Live Hunting Of Code Injection Techniques
Memhunter is an endpoint sensor tool that is specialized in detecing resident malware, improving the threat hunter analysis process and...
AgentSmith-HIDS – Open Source Host-based Intrusion Detection System (HIDS)
Technically, AgentSmith-HIDS is not a Host-based Intrusion Detection System (HIDS) due to lack of rule engine and detection function. However,...
Hershell – Multiplatform Reverse Shell Generator
Simple TCP reverse shell written in Go.It uses TLS to secure the communications, and provide a certificate public key fingerprint...
Check-LocalAdminHash – A PowerShell Tool That Attempts To Authenticate To Multiple Hosts Over Either WMI Or SMB Using A Password Hash To Determine If The Provided Credential Is A Local Administrator
Check-LocalAdminHash is a PowerShell tool that attempts to authenticate to multiple hosts over either WMI or SMB using a password...
SharpStat – C# Utility That Uses WMI To Run “cmd.exe /c netstat -n”, Save The Output To A File, Then Use SMB To Read And Delete The File Remotely
C# utility that uses WMI to run "cmd.exe /c netstat -n", save the output to a file, then use SMB...
KsDumper – Dumping Processes Using The Power Of Kernel Space
I always had an interest in reverse engineering. A few days ago I wanted to look at some game internals...
Discover the New BMC Remedy ITSM Plugin for InsightConnect
In any IT environment, documentation of work performed by IT is critical and necessary to maintain order when providing resolutions...
YARASAFE – Automatic Binary Function Similarity Checks with Yara
SAFE is a tool developed to create Binary Functions Embedding developed by Massarelli L., Di Luna G.A., Petroni F., Querzoni...
AlertResponder – Automatic Security Alert Response Framework By AWS Serverless Application Model
AlertResponder is a serverless framework for automatic response of security alert.OverviewAlertResponder receives an alert that is event of interest from...
Vulnerability Management in the Cloud: Addressing the AWS Shared Responsibility Model
If you’re operating in the cloud, you may be familiar with the shared responsibility model. We often hear people say...
TAS – A Tiny Framework For Easily Manipulate The Tty And Create Fake Binaries
A tiny framework for easily manipulate the tty and create fake binaries.How it works?The framework has three main functions, tas_execv,...
Corsy v1.0 – CORS Misconfiguration Scanner
Corsy is a lightweight program that scans for all known misconfigurations in CORS implementations.RequirementsCorsy only works with Python 3 and...
Better Together: How to Collaborate to Drive Vulnerability Remediation Among Security, IT, and DevOps Teams
If you feel anxious about the amount of time it takes your organization to remediate vulnerabilities or find yourself spending...
TeleGram-Scraper – Telegram Group Scraper Tool (Fetch All Information About Group Members)
Telegram Group Scraper Tool. Fetch All Information About Group Members• How To Install & Setup API ( Termux )• API...
