Hacktory platform packed with new game-playing features
Without practice, theory is dead. Applied knowledge is essential in any area, especially in cybersecurity, and practice is the only...
tools
Threat and Vulnerability Management Best Practices
Today’s business world is increasingly driven by e-commerce and the cloud, which means it requires a proactive approach toward vulnerability...
Terrascan – Detect Compliance And Security Violations Across Infrastructure As Code To Mitigate Risk Before Provisioning Cloud Native Infrastructure
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. GitHub Repo: https://github.com/accurics/terrascan...
OnionSearch – A Script That Scrapes Urls On Different .Onion Search Engines
OnionSearch is a Python3 script that scrapes urls on different ".onion" search engines. PrerequisitePython 3 Currently supported Search enginesahmia...
Rapid7 Recognized as a Strong Performer Among Security Analytics Providers by Leading Industry Report
At Rapid7, we recognize that security professionals are facing a more challenging landscape than ever before. The mission of InsightIDR—our...
GG-AESY – Hide Cool Stuff In Images
Blogpost: https://redteamer.tips/introducing-gg-aesy-a-stegocryptor/ WARNING: you might need to restore NuGet packages and restart visual studio before compiling. If anyone knows how...
Fortiscan – A High Performance FortiGate SSL-VPN Vulnerability Scanning And Exploitation Tool
(CVE-2018-13379) Exploitation Tool, You can use this tool to check the vulnerability in your FortiGate SSL-VPN. https://www.fortinet.com/blog/business-and-technology/fortios-ssl-vulnerability Usage v 0.6...
NICER Protocol Deep Dive: Internet Exposure of Redis
Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet...
Admin-Scanner – This Tool Is Design To Find Admin Panel Of Any Website By Using Custom Wordlist Or Default Wordlist Easily
Website Admin Panel FinderHow To Install (Linux/pc)sudo apt install python3 sudo apt install python3-pip sudo apt install git git clone...
Talon – A Password Guessing Tool That Targets The Kerberos And LDAP Services Within The Windows Active Directory Environment
Talon is a tool designed to perform automated password guessing attacks while remaining undetected. Talon can enumerate a list of...
Webscan – Browser-based Network Scanner And local-IP Detection
webscan is a browser-based network IP scanner and local IP detector. It detects IPs bound to the user/victim by listening...
Tracee – Container And System Event Tracing Using eBPF
Tracee is a lightweight and easy to use container and system tracing tool. It allows you to observe system calls...
DNSx – A Fast And Multi-Purpose DNS Toolkit Allow To Run Multiple DNS Queries Of Your Choice With A List Of User-Supplied Resolvers
dnsx is a fast and multi-purpose DNS toolkit allow to run multiple probers using retryabledns library, that allows you to...
Damn-Vulnerable-Bank – Vulnerable Banking Application For Android
Damn Vulnerable Bank Android Application aims to provide an interface for everyone to get a detailed understanding with internals and...
N1QLMap – The Tool Exfiltrates Data From Couchbase Database By Exploiting N1QL Injection Vulnerabilities
N1QLMap is an N1QL exploitation tool. Currently works with Couchbase database. The tool supports data extraction and performing SSRF attacks...
Bunkerized-Nginx – Nginx Docker Image Secure By Default
nginx Docker image secure by default. Avoid the hassle of following security best practices each time you need a web...
RedShell – An interactive command prompt that executes commands through proxychains and automatically logs them on a Cobalt Strike team server
An interactive command prompt that executes commands through proxychains and automatically logs them on a Cobalt Strike team server.InstallationRedShell runs...
Wsb-Detect – Tool To Detect If You Are Running In Windows Sandbox (“WSB”)
wsb-detect enables you to detect if you are running in Windows Sandbox ("WSB"). The sandbox is used by Windows Defender...
UAFuzz – Binary-level Directed Fuzzing For Use-After-Free Vulnerabilities
Directed Greybox Fuzzing (DGF) like AFLGo aims to perform stress testing on pre-selected potentially vulnerable target locations, with applications to...
Xerror – Fully Automated Pentesting Tool
Xerror is an automated penetration tool , which will helps security professionals and non professionals to automate their pentesting tasks....
CVE-2020-7378: OpenCRX Unverified Password Change (FIXED)
OpenCRX version 4.30 and version 5.0-20200717 suffers from an unverified password change vulnerability, which is an instance of CWE-620. This...
ToothPicker – An In-Process, Coverage-Guided Fuzzer For iOS
ToothPicker is an in-process, coverage-guided fuzzer for iOS. It was developed to specifically targets iOS's Bluetooth daemon bluetoothd and to...
Osi.Ig – Information Gathering Instagram
The Instagram OSINT Tool gets a range of information from an Instagram account that you normally wouldn't be able to...
Don’t Let These Top Cloud Myths Hamper Your Business Decision-Making
The cloud remains a dominant technology innovation well into its second decade of existence. However, after all this time, certain...
