The Latest Infosec News, Tools, and Exploits – Got Root?
Imagine this: You come across some mysterious text 5f4dcc3b5aa765d61d8327deb882cf99 and you wonder what it is. What do you do? Well, with what all you have to do is ask what “5f4dcc3b5aa765d61d8327deb882cf99” and what will tell […]
The Universal Radio Hacker (URH) is a complete suite for wireless protocol investigation with native support for many common Software Defined Radios. URH allows easy demodulation of signals combined with an automatic detection of modulation […]
CALDERA™ is a cyber security framework designed to easily automate adversary emulation, assist manual red-teams, and automate incident response. It is built on the MITRE ATT&CK™ framework and is an active research project at MITRE. […]
The WordPress plugin wpDiscuz version 7.0.4 suffers an arbitrary file upload vulnerability that does not require authentication.
Nuclei is used to send requests across targets based on a template leading to zero false positives and providing fast scanning on large number of hosts. Nuclei offers scanning for a variety of protocols including […]
What is CorsMe ? A cors misconfiguration scanner tool based on golang with speed and precision in mind . Misconfiguration type this scanner can check for Reflect Origin checks Prefix Match Suffix Match Not Esacped […]
Its functionality includes: Checking the validity of a token Testing for known exploits: (CVE-2015-2951) The alg=none signature-bypass vulnerability (CVE-2016-10555) The RS/HS256 public key mismatch vulnerability (CVE-2018-0114) Key injection vulnerability (CVE-2019-20933/CVE-2020-28637) Blank password vulnerability (CVE-2020-28042) Null […]
Smart File Hunter’s (SFH) objective is the efficient identification of files, which contain potential sensitive information like passwords or private keys to escalate privileges within a network. Thereby, SFH supports searching the following sources: File […]
Altdns is a DNS recon tool that allows for the discovery of subdomains that conform to patterns. Altdns takes in words that could be present in subdomains under a domain (such as test, dev, staging) […]
A tool to efficiently discover and extract hostnames providing a large set of target IP addresses. HostHunter utilises simple OSINT techniques to map IP addresses with virtual hostnames. It generates a CSV or TXT file […]
