
Top Twenty Most Exploited Vulnerabilities in 2021
The number of vulnerabilities in 2021 have dramatically increased so that the technical teams in charge of the patch management find themselves drowning in a myriad of critical and urgent task
Patriot is a ‘Host IDS’ tool which allows real time monitoring of changes in Windows systems or Network attacks. Patriot monitors: Changes in Registry keys: Indicating whether any sensitive key (autorun, internet explorer settings…) is altered. New files in ‘Startup’ directories New Users in the System New Services installed Changes ...
rdp-sec-check is a tool to remotely check if certain security features of an RDP service (AKA Terminal Services) have been enabled. It does not require authentication, only network connectivity to TCP port 3389. It can determine many (though not quite all) of the security settings from the RDP-Tcp Properties | ...
NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows. NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network. NetworkMiner can also parse PCAP files for off-line analysis and to regenerate/reassemble transmitted files ...
The Social-Engineer Toolkit (SET) was created and written by the founder of TrustedSec. It is an open-source Python-driven tool aimed at penetration testing around Social-Engineering. SET has been presented at large-scale conferences including Blackhat, DerbyCon, Defcon, and ShmooCon. With over two million downloads, SET is the standard for social-engineering penetration ...
Kautilya is a toolkit which provides various payloads for Teensy device which may help in breaking in a computer. The toolkit is written in Ruby. The Windows payloads and modules are written mostly in powershell (in combination with native commands) and are tested on Windows 7. The Linux payloads are mostly commands in combination with ...
Written completely in Perl, this suite of tools covers a lot of the basics for penetration testing and vulnerability detection automation. This Suite (formerly known as the “pCrack Suite”) of tools is used primarily or web application vulnerability testing. Inside pWeb -Suite Vulnerability Scanning: LFI / RFI – H3lLFiRE – LFI ...
Quttera malicious content detection technology directly from your Word Press dashboard! Keep your blog malware-free with Quttera Web Malware Scanner. Detect malware, exploits, JavaScript code obfuscation and other suspicious activity. The plugin scans the content of your blog for web-based malware in its various formats. The data is investigated on ...
WebCruiser – Web Vulnerability Scanner, an effective and powerful web penetration testing tool that will aid you in auditing your website! It has a Vulnerability Scanner and a series of security tools. It can support scanning website as well as POC (Proof of concept) for web vulnerabilities: SQL Injection, Cross ...
Suricata is a rule-based ID/PS engine that utilises externally developed rule sets to monitor network traffic and provide alerts to the system administrator when suspicious events occur. Designed to be compatible with existing network security components, Suricata features unified output functionality and pluggable library options to accept calls from other applications.