The Latest Infosec News, Tools, and Exploits – Got Root?
The Universal Radio Hacker (URH) is a complete suite for wireless protocol investigation with native support for many common Software Defined Radios. URH allows easy demodulation of signals combined with an automatic detection of modulation […]
CALDERA™ is a cyber security framework designed to easily automate adversary emulation, assist manual red-teams, and automate incident response. It is built on the MITRE ATT&CK™ framework and is an active research project at MITRE. […]
Nuclei is used to send requests across targets based on a template leading to zero false positives and providing fast scanning on large number of hosts. Nuclei offers scanning for a variety of protocols including […]
What is CorsMe ? A cors misconfiguration scanner tool based on golang with speed and precision in mind . Misconfiguration type this scanner can check for Reflect Origin checks Prefix Match Suffix Match Not Esacped […]
Its functionality includes: Checking the validity of a token Testing for known exploits: (CVE-2015-2951) The alg=none signature-bypass vulnerability (CVE-2016-10555) The RS/HS256 public key mismatch vulnerability (CVE-2018-0114) Key injection vulnerability (CVE-2019-20933/CVE-2020-28637) Blank password vulnerability (CVE-2020-28042) Null […]
Smart File Hunter’s (SFH) objective is the efficient identification of files, which contain potential sensitive information like passwords or private keys to escalate privileges within a network. Thereby, SFH supports searching the following sources: File […]
Altdns is a DNS recon tool that allows for the discovery of subdomains that conform to patterns. Altdns takes in words that could be present in subdomains under a domain (such as test, dev, staging) […]
A tool to efficiently discover and extract hostnames providing a large set of target IP addresses. HostHunter utilises simple OSINT techniques to map IP addresses with virtual hostnames. It generates a CSV or TXT file […]
Installation from Binary The installation is easy. You can download a prebuilt binary from releases page, unpack and run! or with ▶ curl -sSfL https://git.io/crlfuzz | sh -s — -b /usr/local/bin from Source If you […]
DalFox is a fast, powerful parameter analysis and XSS scanner, based on a golang/DOM parser. supports friendly Pipeline, CI/CD and testing of different types of XSS. I talk about naming. Dal(달) is the Korean pronunciation […]
