EvtMute – Apply A Filter To The Events Being Reported By Windows Event Logging
This is a tool that allows you to offensively use YARA to apply a filter to the events being reported...
tools
XSS-Scanner – XSS Scanner That Detects Cross-Site Scripting Vulnerabilities In Website By Injecting Malicious Scripts
Cross-Site Scripting (XSS) is one of the most well known web application vulnerabilities. It even has a dedicated chapter in...
Shifting Security Right: How Cloud-Based SecOps Can Speed Processes While Maintaining Integrity
When it comes to offloading security controls to the cloud, it may seem counterintuitive to the notion of “securing” things....
MOSINT – OSINT Tool For Emails
MOSINT is an OSINT Tool for emails. It helps you gather information about the target email. Features:Verification Service { Check...
Urlhunter – A Recon Tool That Allows Searching On URLs That Are Exposed Via Shortener Services
urlhunter is a recon tool that allows searching on URLs that are exposed via shortener services such as bit.ly...
Byp4Xx – Simple Bash Script To Bypass “403 Forbidden” Messages With Well-Known Methods Discussed In #Bugbountytips
byp4xx.sh __ __ __ / /_ __ ______ / // / _ ___ __ / __ / / / /...
HyperDbg – The Source Code Of HyperDbg Debugger
HyperDbg is designed with a focus on using modern hardware technologies to provide new features to the reverse engineering world....
HaXmas Hardware Hacking
BinwalkWhen mucking about with firmware (the packaged operating system and applications that makes IoT devices go), Binwalk from Refirm Labs...
Predicting the Unpredictable: What Will the Cybersecurity Space Look Like in 2021?
Not to start off another blog post about how insane this year has been, but let’s just take a moment...
Oblivion – Data Leak Checker And OSINT Tool
Oblivion is a tool focused in real time monitoring of new data leaks, notifying if the credentials of the user...
RogueWinRM – Windows Local Privilege Escalation From Service Account To System
RogueWinRM is a local privilege escalation exploit that allows to escalate from a Service account (with SeImpersonatePrivilege) to Local System...
Metasploit 2020 Wrap-Up
2020 was certainly an interesting year. There were quite a few newsworthy events and some fantastic exploit content released. Let’s...
Top 20 Most Popular Hacking Tools in 2020
Although 2020 has been the worst year since 1945, as last year, this year we made a ranking with the...
Taking Inspiration from our Security Nation in an Otherwise Uninspiring Year
Well, what a year it has been. I won’t waste your time by recapping the many, many difficulties that 2020...
Wynis – Audit Windows Security With Best Practice
Just a powershell scripts for auditing security with CIS BEST Practices Windows 10 and Window Server 2016 You just need...
Proxify – Swiss Army Knife Proxy Tool For HTTP/HTTPS Traffic Capture, Manipulation, And Replay On The Go
Swiss Army Knife Proxy for rapid deployments. Supports multiple operations such as request/response dump, filtering and manipulation via DSL language,...
Social-Analyzer – API And Web App For Analyzing And Finding A Person Profile Across +300 Social Media Websites (Detections Are Updated Regularly)
An API for analyzing & finding a person profile across +300 social media websites. It includes different string analysis and...
ApkLeaks – Scanning APK File For URIs, Endpoints And Secrets
Scanning APK file for URIs, endpoints & secrets.InstallationTo install apkLeaks, simply: $ git clone https://github.com/dwisiswant0/apkleaks$ cd apkleaks/$ pip install -r...
Aura – Python Source Code Auditing And Static Analysis On A Large Scale
Aura is a static analysis framework developed as a response to the ever-increasing threat of malicious packages and vulnerable code...
Vulmap – Web Vulnerability Scanning And Verification Tools
Vulmap is a vulnerability scanning tool that can scan for vulnerabilities in Web containers, Web servers, Web middleware, and CMS...
Rapid7 Labs’ 2020 Naughty List Summary Report to Santa
As requested, your dutiful elves here at Rapid7 Labs have compiled a list of the naughty country networks being used...
Censys-Python – An Easy-To-Use And Lightweight API Wrapper For The Censys Search Engine
An easy-to-use and lightweight API wrapper for the Censys Search Engine (censys.io). Python 3.6+ is currently supported.Getting StartedThe library can...
Swego – Swiss Army Knife Webserver In Golang
Swiss army knife Webserver in Golang. Keep simple like the python SimpleHTTPServer but with many features.UsageHelp$ ./webserver -helpweb subcommand -bind...
Top Security Recommendations for 2021
Happy HaXmas! We hope everyone is having a wonderful holiday season so far. This year has been wild and unpredictable,...
