full screen background image
Search
Monday 11 December 2017
  • :
  • :

RDP (Remote Desktop Protocol) backdoor – Malware analysis

Hello. I found something interesting for today. The form i found the file is the classic one: Hacking forum-> Magic software for Bitcoin...

BootStomp – A Bootloader Vulnerability Finder

  BootStomp is a boot-loader bug finder. It looks for two different class of bugs: memory corruption and state storage...

w3af – Web Application Attack and Audit Framework

  w3af is an open source web application security scanner which helps developers and penetration testers identify and exploit...

Findsploit – Find exploits in local and online databases instantly

Find exploits in local and online databases instantly Finsploit is a simple bash script to quickly and easily search both local and online...

V3n0M-Scanner – Popular Pentesting scanner for SQLi/XSS/LFI/RFI and other Vulns

  V3n0M is a free and open source scanner. Evolved from baltazar’s scanner, it has adapted several new features that improve...

Sublist3r v1.0 – Fast subdomains enumeration tool for penetration testers

  Sublist3r is a python tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters...

Syhunt ScanTools 6.0 – Console Web Vulnerability Scan Tools

Syhunt ScanTools 6.0 adds advanced fingerprinting capabilities, enhanced spidering, injection and code scan capabilities, and a large...

Security Onion Configuration in VMware

Security Onion is a Linux distro for intrusion detection, network security monitoring, and log management. It’s based on Ubuntu and...

Fake Java Update – Malware analysis

File hosted on: h**p://www.packagegiftnow.com/ As you already know, some websites have implemented a script that tells you that you have an...

SecOps Europe | International Exercise & Conference on Security Operations

The shortest way to explore what will happen in SecOps Europe 2018. WE WOULD LIKE TO INVITE YOU TO OUR IT SECURITY PROFESSIONAL DAYS....

XSSSNIPER – An Automatic XSS Discovery Tool

XSSSNIPER is an handy xss discovery tool with mass scanning functionalities. Usage: Usage: xsssniper.py [options] Options: -h, --help show...

arp-validator – Security Tool To Detect ARP Poisoning Attacks

Security Tool to detect arp poisoning attacks. Features Uses a faster approach in detection of arp poisoning attacks compared to passive...

WhatWeb v0.4.9 – Next Generation Web Scanner

WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognises web technologies including...

pdfxpose: detecting suspicious PDF modifications

pdfxpose – A security tool for detecting suspicious PDF modifications commonly found in BEC. While investigating Business Email...

Amber – POC Reflective PE Packer

Amber is a proof of concept packer, it can pack regularly compiled PE files into reflective PE files that can be used as multi stage...

WPSploit – WordPress Plugin Code Scanner

This tool is intended for Penetration Testers who audit WordPress plugins or developers who wish to audit their own WordPress plugins. For...

0d1n v2.5 – Web Security Tool to Make Fuzzing at HTTP/S

Web security tool to make fuzzing at HTTP inputs, made in C with libCurl. 0d1n is a tool for automating customized attacks against web...

Zeus-Scanner – Advanced Reconnaissance Utility

Zeus is an advanced reconnaissance utility designed to make web application reconnaissance simple. Zeus comes complete with a powerful...

DR.CHECKER – A Soundy Vulnerability Detection Tool for Linux Kernel Drivers

DR.CHECKER: A Soundy Vulnerability Detection Tool for Linux Kernel Drivers Tested on Ubuntu >= 14.04.5 LTS 1. Setup The implementation...

Hijacker v1.4 – All-in-One Wi-Fi Cracking Tools for Android

  Hijacker is a Graphical User Interface for the penetration testing tools Aircrack-ng, Airodump-ng, MDK3 and Reaver. It offers a...

DBC2 (DropboxC2) – A Modular Post-Exploitation Tool, Composed Of An Agent Running On The Victim’S Machine

DBC2 (DropboxC2) is a modular post-exploitation tool, composed of an agent running on the victim’s machine, a controler, running on...

Unseen sample of malware-Modified coding code – DarkWeb TOR project.

Hello. Today I had a nice surprise. I found in the Spam file an email telling me they just sent me an electronic invoice. I have to say...

WannaCryptor Analysis

WannaCryptor was a global ransomware outbreak which created chaos on May 12-2017. Initially, it propagated using EternalBlue exploit...

Pentesting Mobile Applications with Burpsuite

Securing mobile applications is one of the most important issues today, especially with the continuing evolution of sophisticated cyber...

Exploiting X11 Unauthenticated Access

In this article, we are going to see how to exploit the x11Server Unauthenticated Access vulnerability which is associated with the...

Security Advice – The Antivirus is just a security helper!

Hello again. Most computer users do not have a specific IT security training. They use simple passwords, save them in computer files, and...

Zico2: 1 – Walkthrough

Zico2 is a machine that came on VulnHub. Created by Rafael, it surfaced on June 19th, 2017. It can be downloaded from...

Pentester Academy Command Injection ISO: Basilic 1.5.14 exploitation

The Pentester Academy has just recently launched a Command Injection ISO virtual image of Ubuntu. This image has 10 real-world applications...

Understanding Guide to Nmap Firewall Scan (Part 2)

In our previous article we had demonstrated “Nmap firewall scan (part 1)” by making use of Iptable rules and then try to bypass...

Hack The Ether: EvilScience VM (CTF Challenge)

Hello friends! Today we are going to take another CTF challenge known as The Ether: EvilScience. The credit for making this vm machine goes...