The Latest Infosec News, Tools, and Exploits – Got Root?
Installing / Getting started A quick guide of how to install and use Juumla. Docker If you want to run Juumla in a Docker container, follow this commands: Pre-requisites Python 3 installed on your machine. […]
What is CorsMe ? A cors misconfiguration scanner tool based on golang with speed and precision in mind . Misconfiguration type this scanner can check for Reflect Origin checks Prefix Match Suffix Match Not Esacped […]
Its functionality includes: Checking the validity of a token Testing for known exploits: (CVE-2015-2951) The alg=none signature-bypass vulnerability (CVE-2016-10555) The RS/HS256 public key mismatch vulnerability (CVE-2018-0114) Key injection vulnerability (CVE-2019-20933/CVE-2020-28637) Blank password vulnerability (CVE-2020-28042) Null […]
Create a target list or select one target, scans then exploits, done!Vulnnr is a Vulnerability Scanner & Auto Exploiter You can use this tool to check the security by finding the vulnerability in your website […]
About AVAIN is a modular vulnerability analysis / penetration testing framework for computer networks and individual machines that allows its modules to work collaboratively to achieve more sophisticated results. Once you start an analysis with […]
About WhatWeb WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognizes web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded […]
It will scan the target servers from shodan and then find the vulnerable servers to CVE-2020-3452 (Cisco Adaptive Security Appliance and FTD Unauthorized Remote File Reading). About A vulnerability in the web services interface of […]
Introduction masscan is fast, nmap can fingerprint software and vulners is a huge vulnerability database. Silver is a front-end that allows complete utilization of these programs by parsing data, spawning parallel processes, caching vulnerability data […]
API and Web App for analyzing & finding a person profile across +300 social media websites. It includes different string analysis and detection modules, you can choose which combination of modules to use during the […]
TLS Certificate Discovery Script to identify new host using the subjectAltName (Subject Alternate Name) extension of a x509 HTTP TLS certificate. Motivation This tool was developed because I have noticed that during the reconnaisance phase […]
