
Top Twenty Most Exploited Vulnerabilities in 2021
The number of vulnerabilities in 2021 has dramatically increased so that the technical teams in charge of the patch management find themselves drowning in a myriad of critical and urgent task
peepdf is a Python tool to explore PDF files in order to find out if the file can be harmful or not. The aim of this tool is to provide all the necessary components that a security researcher could need in a PDF analysis without using 3 or 4 tools ...
CARO 2011 Workshop, Prague, Czech Republic, 2011. The CARO 2011 Workshop is the annual event of the Computer Anti-virus Researcher’s Organization. The CARO 2011 Workshop has been designed specifically to help antivirus professionals. Over one hundred specialists from firms such as F-Secure, Microsoft, Sourcefire, Symantec, and Trend-Micro participated in this year’s ...
nuf-fuzzer will be a browser fuzzer written in C, inspired by mangleme. It will be a complex browser fuzzer with an integrated HTTP server and logger. It will use several sophisticated algorithms to generate payloads. Features: HTML tags fuzzing, CSS tags fuzzing, DOM objects fuzzing, JavaScript functions fuzzing, designed to run as ...
Attack Surface Analyzer is developed by the Security Engineering group, building on the work of our Security Science team. It is the same tool used by Microsoft’s internal product groups to catalogue changes made to operating system attack surface by the installation of new software. Attack Surface Analyzer takes a ...
Web Application Configuration Analyzer (WACA) is a tool that scans a server against a set of best practices recommended for pre-production and production servers. The list of best practices is derived from the Microsoft Information Security & Risk Management Deployment Review Standards used internally at Microsoft to harden production and ...
DFF (Digital Forensics Framework) is a simple but powerful open source tool with a flexible module system which will help you in your digital forensics work, including file recovery after an error or crash, evidence research and analysis, etc. The source code is written in C++ and Python, allowing performance and great extensibility ...
The Social-Engineer Toolkit (SET) is specifically designed to perform advanced attacks against the human element. SET was designed to be released with the http://www.social-engineer.org launch and has quickly become a standard tool in a penetration tester's arsenal. SET was written by David Kennedy (ReL1K) and with a lot of help ...
NessusDB is a Nessus XMLv2 parser, which pushes reports into an ActiveRecord database, easing report generation. Requirements: ruby (tested with 1.8.7), rubygems (install it from source; it is included with ruby 1.9.1+), libxml, choice, rails, yaml, logger, rmagick, gruff, prawn, mysql. ...
dradis is an open source framework to enable effective information sharing. dradis is a self-contained web application that provides a centralised repository of information to keep track of what has been done so far, and what is still ahead. Features: Easy report generation. Support for attachments. ...