Month: July 2022
Kubeaudit – Tool To Audit Your Kubernetes Clusters Against Common Security Controls
kubeaudit is a command line tool and a Go package to audit Kubernetes clusters for...
CVE-2022-31107: Grafana OAuth Account Takeover Vulnerability
Open-source analytics and interactive visualization solution Grafana received a critical update recently to fix two high-severity security vulnerabilities that enabled...
mobsfscan v0.1.1 releases: find insecure code patterns in your Android and iOS source code
mobsfscan is a static analysis tool that can find insecure code patterns in...
Zenbuster – Multi-threaded URL Enumeration/Brute-Forcing Tool
ZenBuster is a multi-threaded, multi-platform URL enumeration tool written in Python by Zach Griffin (@0xTas). I wrote this tool as...
Koh – The Token Stealer
Koh is a C# and Beacon Object File (BOF) toolset that allows for the capture of user credential material...
XLL Phishing: specifically crafted for Microsoft Excel
With Microsoft’s recent announcement regarding the blocking of macros in documents originating from the internet (email AND web download),...
CVE-2022-33891: Apache Spark Shell Command Injection Vulnerability
Apache Spark released the latest security bulletin on July 18, which contains a shell command injection vulnerability (CVE-2022-33891). The severity...
GraphCrawler: GraphQL automated testing toolkit
Graph Crawler is an automated testing toolkit for any GraphQL endpoint. It will run through and check if the...
Coercer v1.6 releases: automatically coerce a Windows server to authenticate on an arbitrary machine
A Python script to automatically coerce a Windows server to authenticate on...
DOJ Seized Almost $500k in Cryptocurrency from Hackers
The Department of Justice seized “approximately half a million dollars” in cryptocurrency from accounts owned by alleged hackers. On...
Cdb – Automate Common Chrome Debug Protocol Tasks To Help Debug Web Applications From The Command-Line And Actively Monitor And Intercept HTTP Requests And Responses
Pown CDB...
laurel: Transform Linux Audit logs for SIEM usage
Linux Audit – Usable, Robust, Easy Logging. LAUREL is an event post-processing plugin for auditd(8) to improve its usability in modern...
restler-fuzzer: first stateful REST API fuzzing tool
RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs...
RESim – Reverse Engineering Software Using A Full System Simulator
Reverse engineering using a full system simulator. Dynamic analysis by instrumenting simulated hardware using Simics Trace process...
7 key considerations: Zero Trust Network Architecture
EXECUTIVE SUMMARY: Explore seven key considerations for when you and your team evaluate a Zero Trust Network Access (ZTNA) solution...
cervantes: open-source collaborative platform for pentesters or red teams
Cervantes is an open-source collaborative platform for pentesters or red teams who want to save time managing...
Koh: capture of user credential material
Koh is a C# and Beacon Object File (BOF) toolset that allows for the capture of user credential material...