The Latest Infosec News, Tools, and Exploits – Got Root?
Subdomain Scan With Ping Method & Check HTTP/S Statuses. Flags Value Description –hostname example.com Domain for scan. –output Records the output with the domain name. –list /tmp/lists/example.txt Lister for subdomains. New Features Checking HTTP/HTTPS statuses […]
Rizin is a fork of the radare2 reverse engineering framework with a focus on usability, working features and code cleanliness. Rizin is portable and it can be used to analyze binaries, disassemble code, debug programs, […]
Knockpy is a python tool designed to enumerate subdomains on a target domain through a wordlist. It is designed to scan for DNS zone transfer and to try to bypass the wildcard DNS record automatically […]
Domain analyzer is a security analysis tool which automatically discovers and reports information about the given domain. Its main purpose is to analyze domains in an unattended way. Example default options How Domain analyzer takes […]
remote-method-guesser (rmg) is a command line utility written in Java and can be used to identify security vulnerabilities on Java RMI endpoints. Currently, the following operations are supported: List available bound names and their corresponding […]
Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook’s GraphQL technology, to learn and practice GraphQL Security. Damn Vulnerable GraphQL is a deliberately weak and insecure implementation of GraphQL that provides a safe […]
Xerror is an automated penetration tool , which will help security professionals and non professionals to automate their pentesting tasks. Xerror will perform all tests and, at the end generate two reports for executives and […]
Features Security Project use browser for encrypt/decrypt (AES) and store data in locally. Full confidentiality of data, end-to-end encryption, by default nothing is sent out. No backend system, only front-end technology, pure JS client. Use […]
In many past internal penetration tests I often had problems with the existing Powershell Recon / Exploitation scripts due to missing proxy support. I also often ran the same scripts one after the other to […]
Requirements Docker docker-compose Webs Webgoat: localhost:8080/WebGoat DVWAP: localhost:8081 bwapp: localhost:8082/install.php Juice-Shop: localhost:8083 Usage mode. git clone https://github.com/MoisesTapia/TWAPT cd TWAPT docker-compose up -d output Creating network “cwapt_default” with the default driver Creating dvwap … done Creating […]