
Top Twenty Most Exploited Vulnerabilities in 2021
The number of vulnerabilities in 2021 have dramatically increased so that the technical teams in charge of the patch management find themselves drowning in a myriad of critical and urgent task
Enumdb is brute force and post exploitation tool for MySQL and MSSQL databases. When provided a list of usernames and/or passwords, it will cycle through each looking for valid credentials.
GetAltName (or GAN) is a tool that extracts sub-domains or virtual domains directly from SSL certificates found in HTTPS sites. It returns a handy list of sub-domains to ease the phase of information gathering in a pen-testing assessment where you can find an interesting amount of data.
Bluto is a Passive Reconnaissance Tool. The target domain is queried for MX and NS records. Sub-domains are passively gathered via NetCraft. The target domain NS records are each queried for potential Zone Transfers. If none of them gives up their spinach, Bluto will brute force subdomains using parallel sub processing ...
WPHardening is a security tool for WordPress. Different tools to hardening WordPress.
OSUETA stands for OpenSSH User Enumeration Timing Attack and is a small script written in Python to exploit a bug present in versions 5 . * and 6. * of OpenSSH . In these versions during the authentication process, you may obtain a list of users in the system discriminated ...
FSDroid is an automated program to penetrate and analyze local storage of the most widely used mobile platform – Android.
El Jefe (pronounced ‘ell-HEFF-ay’) is a Windows based process monitoring solution. El Jefe produces a unique view into how processes are created, what privileges they possess and what child processes they spawn. All of this information is stored, and categorized into a central logging server, which allows a user to ...
GoLismero is an open source framework for security testing. It’s currently geared towards web security, but it can easily be expanded to other kinds of scans.
Bing-IP2hosts – Enumerate hostnames for an IP using bing.com. This feature is can be used with the IP: parameter in the search query as shown in the image above. Bing-ip2hosts uses this feature to enumerate all hostnames which Bing has indexed for a specific IP address. Licensed under GPLv3.