
Top Twenty Most Exploited Vulnerabilities in 2021
The number of vulnerabilities in 2021 has increased so dramatically that the technical teams in charge of patch management find themselves drowning in a myriad of critical and urgent tasks
Netsparker Community Edition is a SQL Injection Scanner. It’s a free edition of our web vulnerability scanner for the community so you can start securing your website now. It’s user friendly, fast, smart and as always False-Positive-Free. It shares many features with the professional edition. It can detect SQL Injection and ...
Ponemon Institute’s Most Trusted Companies for Privacy Study* is an objective study that asks consumers to name and rate organizations they believe are most committed to protecting the privacy of their personal information. This annual study tracks consumers’ rankings of organizations that collect and manage their personal information.
[Cross-Posted by mutual agreement with InfoSec Institute] Here is the first edition of my selection of penetration testing tools for web applications. There will be more editions of this topic so if you have a tool that you have used in performing web penetration testing, you can add ...
[Cross-Posted by mutual agreement with InfoSec Institute] Cross Site Scripting is one of the top 10 OWASP security threats. This dangerous vulnerability allows attackers to inject malicious scripts into a website using the browser. This flaw can be found anywhere inside the application that takes user input. If ...
Wireshark is the world’s foremost network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. It is the de facto (and often de jure) standard across many industries and educational institutions.
PACK (Password Analysis and Cracking ToolKit) is a collection of utilities developed to aid in analysis of password lists and enhancing cracking of passwords using smart rule generation. It can be used to reverse word mangling rules, generate source words and optimize password masks for the Hashcat family of tools.
DNSChef is a highly configurable DNS proxy for Penetration Testers and Malware Analysts. A DNS proxy (aka “Fake DNS”) is a tool used for application network traffic analysis among other uses.
This document contains the results of a comparative penetration test conducted by a team of security specialists at Zero Science Lab against three ‘leading’ web application firewall solutions. Our goal was to bypass security controls in place, in any way we can, circumventing whatever filters they have. This report also ...
Dear all, I’m very happy to announce the selected tools to be demoed during the Blackhat Arsenal Event 2013 in Amsterdam. So, pop up at the floor if you are around and see some great tools in action. The best part is that you can have a direct interactive talk with ...