
Top Twenty Most Exploited Vulnerabilities in 2021
The number of vulnerabilities in 2021 has increased so dramatically that the technical teams in charge of patch management find themselves drowning in a myriad of critical and urgent tasks
Netsparker can crawl, attack and identify vulnerabilities in all custom web applications regardless of the platform and the technology they are built on, just like an actual attacker. It can identify web application vulnerabilities like SQL Injection, Cross-site Scripting (XSS), Remote Code Execution and many more. It has exploitation built in; for example, you can ...
A security assessment and troubleshooting tool for the IPv6 protocols.
GoldenEye is an HTTP/S Layer 7 Denial-of-Service Testing Tool. It uses KeepAlive (and Connection: keep-alive) paired with Cache-Control options to persist socket connection busting through caching (when possible) until it consumes all available sockets on the HTTP/S server.
Hasher is a tool designed to quickly generate hashes from a plaintext string in a variety of hash formats. It also can quickly compare a plaintext string to a hash value (of a specific hash type) to determine if they are a match. Hasher was designed to be a way ...
Hook Analyser is a freeware project, started in 2011, to analyze an application at runtime. The project can be potentially useful in analyzing malware (static and run time), and for performing application crash analysis. The documentation explaining the project in detail is here: https://docs.google.com/file/d/0B4eYJx0xZdQAakoyRXpib1VENEE Here is the ...
This document, CIS CentOS Linux 6 Benchmark, provides prescriptive guidance for establishing a secure configuration posture for CentOS Linux versions 6.0 – 6.5 running on x86 and x64 platforms. This guide was tested against CentOS 6.5 as installed by CentOS-6.5-x86_64-LiveDVD. Download: http://benchmarks.cisecurity.org/downloads/show-single/index.cfm?file=centos6.100 Document submitted ...
A method of delivering a PowerShell payload via an Excel macro. It contains malware characteristics, such as a self-deleting batch file and automatic persistence on the system. This is a VBA macro that uses Matt Graeber’s Invoke-Shellcode to execute a PowerShell payload in memory as well as schedule a task ...
PeStudio is a free tool performing the static investigation of any Windows executable binary. A file being analyzed with PeStudio is never launched. Therefore you can evaluate unknown executables and even malware with no risk. PeStudio runs on any Windows Platform and is fully portable, no installation is required. PeStudio ...
Subterfuge, a Framework to take the arcane art of Man-in-the-Middle Attacks and make it as simple as point and shoot. Subterfuge demonstrates vulnerabilities in the ARP Protocol by harvesting credentials that go across the network and even exploiting machines by injecting malicious code directly into their browsing sessions. The first ...