
Top Twenty Most Exploited Vulnerabilities in 2021
The number of vulnerabilities increased so dramatically in 2021 that the technical teams in charge of patch management find themselves drowning in a myriad of critical and urgent tasks
Source: Amol Naik (Secure Belief). Mona.py is a plug-in for Immunity Debugger developed by Corelan Team. It is the successor to pvefindaddr, which was retired after the release of mona.py. You can get more information about mona.py here, including installation and usage. While testing buffer overflow exploits for “The ...
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools. Changelog: The Hive (registry viewer) features three new reports: email accounts, TCP/IP interfaces, ...
NIELD is the Network Interface Events Logging Daemon. It can receive notifications from the kernel through an rtnetlink socket and log events related to link state, neighbour cache, IP addresses, routes and FIB rules. Changelog: Debug rtm_flags and check RTM_F_CLONED fixed. Install Program: # tar xvzf nield-x.x.tar.gz # cd nield-x.x # ...
The 2011 CWE/SANS Top 25 Most Dangerous Software Errors is a list of the most widespread and critical errors that can lead to serious vulnerabilities in software. They are often easy to find, and easy to exploit. They are dangerous because they will frequently allow attackers to completely ...
DOM Snitch is an experimental Chrome extension that enables developers and testers to identify insecure practices commonly found in client-side code. Key features: Real-time: Developers and testers can observe DOM modifications as they happen inside the browser without the need to step through JavaScript code with a debugger or pause ...
The OpenSCAP Project was created to provide an open-source framework to the community which enables integration with the Security Content Automation Protocol (SCAP) suite of standards and capabilities. It is the goal of OpenSCAP to provide a simple, easy to use set of interfaces to serve as the framework for ...
Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks. The final report generated ...
The Cross-Site Scripting Framework (XSSF) is a security tool designed to make the task of exploiting XSS vulnerabilities much easier. The XSSF project aims to demonstrate the real dangers of XSS vulnerabilities by making their exploitation easier to understand. This project is created solely for education, penetration testing and lawful research purposes. ...