Frida - Dynamic Code Instrumentation Toolkit

Frida – Dynamic Code Instrumentation Toolkit

Frida is basically Greasemonkey for native apps, or, put in more technical terms, it’s a dynamic code instrumentation toolkit. It lets you inject snippets of JavaScript into native apps on Windows, Mac, Linux, iOS and Android. Frida also provides you with some simple tools built on top of the Frida API. These can be used […]

Tags: , , , , , , , ,

Posted in: Hacking Tools, Programming | Add a Comment
Defence In Depth For Web Applications

Defence In Depth For Web Applications

Defence in depth for web applications is something that not many companies apply even though the model itself is nothing new. Defence in depth refers to applying security controls across multiple layers, typically Data, Application, Host, Internal Network, Perimeter, Physical + Policies/Procedures/Awareness. Defence in depth is a principle of adding security in layers in order […]

Tags: , , , , , , , ,

Posted in: Advertorial, Countermeasures | Add a Comment
BetterCap - Modular, Portable MiTM Framework

BetterCap – Modular, Portable MiTM Framework

BetterCAP is a powerful, modular, portable MiTM framework that allows you to perform various types of Man-In-The-Middle attacks against the network. It can also help to manipulate HTTP and HTTPS traffic in real-time and much more. BetterCap has some pretty impressive Spoofing abilities with multiple host discovery (just launch the tool and it will start […]

Tags: , , , , , , , , , ,

Posted in: Hacking Tools, Network Hacking | Add a Comment
Mac OS X Ransomware KeRanger

Mac OS X Ransomware KeRanger Is Linux Encoder Trojan

So there’s been a fair bit of noise this past week about the Mac OS X Ransomware, the first of its’ kind called KeRanger. It also happens to be the first popular Mac malware of any form for some time. It’s also a lesson to all the Apple fanbois that their OS is not impervious […]

Tags: , , , , , , , , , ,

Posted in: Apple, Malware | Add a Comment
DIRB - Domain Brute-forcing Tool

DIRB – Domain Brute-forcing Tool

DIRB is a Web Content Scanner AKA a domain brute-forcing tool. It looks for existing (and/or hidden) Web Objects, it works by launching a dictionary based attack against a web server and analysing the responses. DIRB comes with a set of preconfigured attack word-lists for easy usage but you can use your custom word-lists. Also […]

Tags: , , , , , , , ,

Posted in: Hacking Tools, Network Hacking | Add a Comment
AuthMatrix - Test Web Authorisation

AuthMatrix for Burp Suite – Web Authorisation Testing Tool

AuthMatrix a web authorisation testing tool built as an extension to Burp Suite that provides a simple way to test authorisation in web applications and web services. With AuthMatrix, testers focus on thoroughly defining tables of users, roles, and requests for their specific target application upfront. These tables are displayed through the UI in a […]

Tags: , , , , , , , , , ,

Posted in: Hacking Tools, Web Hacking | Add a Comment
DROWN Attack

DROWN Attack on TLS – Everything You Need To Know

So SSL in general is having a rough time lately, now with the SSLv2 DROWN attack on TLS. And this is not long after Logjam and a while since Heartbleed, POODLE and FREAK. DROWN is a cross-protocol attack that can decrypt passively collected TLS sessions from up-to-date clients and stands for Decrypting RSA with Obsolete […]

Tags: , , , , , , , , , ,

Posted in: Cryptography, Exploits/Vulnerabilities | Add a Comment
Cyborg Hawk Linux

Cyborg Hawk Linux – Penetration Testing Linux Distro

Cyborg Hawk Linux is a Ubuntu (Linux) based Penetration Testing Linux Distro developed and designed for ethical hackers and penetration testers. Cyborg Hawk Distro can be used for network security and assessment and also for digital forensics. It also has various tools suited to the testing of Mobile Security and Wireless infrastructure. It’s clearly not […]

Tags: , , , , , , , , , , ,

Posted in: Hacking Tools, Linux Hacking | Add a Comment
Veil Antivirus Evasion Framework

Veil Framework – Antivirus Evasion Framework

The Veil-Framework is a collection of red team security tools that implement various attack methods focused on antivirus evasion and evading detection. Antivirus ‘solutions’ don’t often catch the bad guys, but they do often catch pen-testing during assignment. This tool came about as a way to execute existing shellcode in a way that could evade […]

Tags: , , , , , , , , , ,

Posted in: Hacking Tools, Malware | Add a Comment
WordPress Security Tips

13 WordPress Security Tips From Acunetix

WordPress has a pretty poor reputation when it comes to security, so here are some WordPress security tips from Acunetix. The WordPress security perception is mostly unfounded sadly, as core WordPress is pretty secure – as long as it’s updated. The same goes for plug-ins and themes, if poorly maintained they are an easy ingress […]

Tags: , , , , , , ,

Posted in: Advertorial, Countermeasures | Add a Comment