SwiftyInsta – Instagram Unofficial Private API Swift
Instagram offers two kinds of APIs to developers. The Instagram API Platform (extremely limited in functionality and close to being...
tools
tCell by Rapid7 Now Available for the European Region
Today, we are excited to announce tCell by Rapid7, our next-gen WAF and RASP solution, is now available in the...
Brutto – Easy Brute Forcing To Whatever You Want
Easy brute forcing to whatever you want, Its magic increasing values and direct.ImplementationClone git clone https://github.com/jofpin/brutto.git Download the latest version...
Feroxbuster – A Fast, Simple, Recursive Content Discovery Tool Written In Rust
What the heck is a ferox anyway?Ferox is short for Ferric Oxide. Ferric Oxide, simply put, is rust. The name...
NICER Protocol Deep Dive: Internet Exposure of Citrix ADC/NetScaler
Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet...
DeepBlueCLI – a PowerShell Module for Threat Hunting via Windows Event Logs
DeepBlueCLI - a PowerShell Module for Threat Hunting via Windows Event Logs Eric Conrad, Backshore Communications, LLC deepblue at backshore...
Webshell-Analyzer – Web Shell Scanner And Analyzer
Web shell analyzer is a cross platform stand-alone binary built solely for the purpose of identifying, decoding, and tagging files...
The Story Behind Security Breaches
There are many potential causes of security breaches, including malicious attacks, system glitches, equipment failures, software bugs, and zero days....
Trident – Automated Password Spraying Tool
The Trident project is an automated password spraying tool developed to meet the following requirements: the ability to be deployed...
PowerZure – PowerShell Framework To Assess Azure Security
For a list of functions, their usage, and more, check out https://powerzure.readthedocs.ioWhat is PowerZure?PowerZure is a PowerShell project created to...
Overview of Content Security Policies (CSPs) on the Web
A Content Security Policy is a protocol that allows a site owner to control what resources are loaded on a...
Adaz – Automatically Deploy Customizable Active Directory Labs In Azure
This project allows you to easily spin up Active Directory labs in Azure with domain-joined workstations, Windows Event Forwarding, Kibana,...
PowerShell-Red-Team – Collection Of PowerShell Functions A Red Teamer May Use To Collect Data From A Machine
Collection of PowerShell functions a Red Teamer may use to collect data from a machine or gain access to a...
APICheck – The DevSecOps Toolset For REST APIs
APICheck is a complete toolset designed and created for testing REST APIs. Why APICheckAPICheck focuses not only in the security...
Nethive-Project – Restructured And Collaborated SIEM And CVSS Infrastructure
The Nethive Project provides a Security Information and Event Management (SIEM) insfrastructure empowered by CVSS automatic measurements. FeaturesMachine Learning powered...
Binbloom – Raw Binary Firmware Analysis Software
The purpose of this project is to analyse a raw binary firmware and determine automatically some of its features. This...
eDEX-UI – A Cross-Platform, Customizable Science Fiction Terminal Emulator With Advanced Monitoring &Touchscreen Support
eDEX-UI is a fullscreen, cross-platform terminal emulator and system monitor that looks and feels like a sci-fi computer interface. Heavily...
Widevine-L3-Decryptor – A Chrome Extension That Demonstrates Bypassing Widevine L3 DRM
Widevine is a Google-owned DRM system that's in use by many popular streaming services (Netflix, Spotify, etc.) to prevent media...
Scrying – A Tool For Collecting RDP, Web And VNC Screenshots All In One Place
A new tool for collecting RDP, web and VNC screenshots all in one place This tool is still a work-in-progress...
Oracle WebLogic Unauthenticated Complete Takeover (CVE-2020-14882): What You Need to Know
What’s up? As if October 2020 hasn’t been scary enough, Rapid7 Labs, the SANS Internet Storm Center (ISC), and other...
How Maria Barsallo Lynch Helps Combat the Spread of Misinformation and Disinformation Ahead of the Election
In our most recent episode of Security Nation, we spoke with Maria Barsallo Lynch, Executive Director of the Defending Digital...
Trick or Treat! What We Can Learn from the Spookiest Vulnerabilities of the Year
Spooky season is in full swing, and we’re not just talking about Halloween. Security vulnerabilities can range from tiny errors...
Awesome Android Security – A Curated List Of Android Security Materials And Resources For Pentesters And Bug Hunters
A curated list of Android Security materials and resources For Pentesters and Bug Hunters.BlogAAPG - Android application penetration testing guide...
iSH – Linux Shell For iOS
A project to get a Linux shell running on iOS, using usermode x86 emulation and syscall translation. For the current...
