
Top Twenty Most Exploited Vulnerabilities in 2021
The number of vulnerabilities in 2021 have dramatically increased so that the technical teams in charge of the patch management find themselves drowning in a myriad of critical and urgent task
Pip3line is the Swiss Army knife of Raw Bytes Manipulation. Originally design as a replacement for the lousy decoder from Burp, it has since took a whole different turn toward raw bytes manipulations. Learn about its modularity and some of the less well known powerful functionalities to make for an ...
The difficulty of XSS detection lies in various ways of triggering, but in the end the behavior of attack is common. We skip the detection of trigger modes, but choose to use the JS against JS, directly monitoring abnormal behaviors of the client. We can get a lot of information ...
The PenTesters Framework (PTF) is a Python script designed for Debian/Ubuntu/ArchLinux based distributions to create a similar and familiar distribution for Penetration Testing. As pentesters, we’ve been accustom to the /pentest/ directories or our own toolsets that we want to keep up-to-date all of the time. We have those “go ...
Malcom is a tool designed to analyze a system’s network communication using graphical representations of network traffic, and cross-reference them with known malware sources. This comes handy when analyzing how certain malware species try to communicate with the outside world.
StackPivotChecker is a tool to provide instruction level inspection on stack pivoting behavior from 0-day. It provides rapid 0-day analysis capability.
CROZONO is focused on the development of a modular attack framework that enables the user to perform automated penetration tests on security perimeters from non-conventional mobile devices that could ease the access to the physical medium of a wireless network (drones, robots, remote controlled prototypes, etc.).
Faraday introduces a new concept (IPE) Integrated Penetration-Test Environment a multiuser Penetration test IDE. Designed for distribution, indexation and analysis of the generated data during the process of a security audit.
lastAudit – Free Windows security scanning and information gathering tool. For pentesters, shows security configuration errors and sensitive information. For home users,reveals what information can be accessed, stolen and used by malware authors.
lastAudit – Free Windows security scanning and information gathering tool. For pentesters, shows security configuration errors and sensitive information. For home users,reveals what information can be accessed, stolen and used by malware authors.