
Top Twenty Most Exploited Vulnerabilities in 2021
The number of vulnerabilities in 2021 have dramatically increased so that the technical teams in charge of the patch management find themselves drowning in a myriad of critical and urgent task
Dear all, We are happy to announce the immediate availability of the official Black Hat Arsenal Tools Github repository. It is mainly oriented for security tools that has been presented in Black Hat Arsenal since its inception. If you have attended and demoed your tool before, it is necessary that ...
The Social-Engineer Toolkit is an open-source penetration testing framework designed for social engineering. SET has a number of custom attack vectors that allow you to make a believable attack quickly. SET is a product of TrustedSec, LLC – an information security consulting firm located in Cleveland, Ohio.
Lynis is a security auditing for UNIX derivatives like Linux, Mac OS X, BSD, and Solaris. It performs an in-depth security scan on the system itself, with the goal to detect issues and provide tips for further system hardening. It will also scan for general system information, vulnerable software packages, ...
Zeus is a powerful tool for AWS EC2 / S3 / CloudTrail / CloudWatch / KMS best hardening practices. It checks security settings according to the profiles the user creates and changes them to recommended settings based on the CIS AWS Benchmark source at request of the user.
Belati is tool for collecting public data & public document from Website and other service for OSINT purpose. This tools is inspired by Foca and Datasploit for OSINT. Belati is licensed under GPL V2.
The purpose of this project is to provide a cross platform library to parse, modify and abstract ELF, PE and MachO formats. It turns out that many projects need to parse executable formats and they usually re-implement their own parser. Moreover these parsers are usually bound to one language. LIEF ...
Simple Vulnerability Manager is a program created to perform a vulnerability analysis of all the project handled by the Pentester, Project Managers or Customers of your company and automatically generate a Word reports.
Last night I was contacted by one of the CSIRT‘s head of a large French company. We talked a lot about the shortcomings and mistakes which have benefited the replication of this new malware/wiper Petya. He first told me how they were able to avoid the worst for their clients ...
The vFeed vulnerability & threat intelligence Community Edition database has been updated with +2000 new CVEs and hundreds of cross-links references (Microsoft Bulletins / Advisories, Metasploit, OpenVAS, Nessus, Nmap, OVAL, Snort, Suricata and more). Moreover, the vFeed python wrapper was updated to v0.7.2. Few enhancements included to comply with modifications occurred in the way Microsoft is now distributing its ...