In the world of web application security systems, there exists a myriad of systems to protect public-facing services in any number of ways.

An Introduction To Web Application Security Systems

In the world of web application security systems, there exists a myriad of systems to protect public-facing services in any number of ways. They come packed with all the elements necessary to play an action-packed round of buzzword bingo, but they often overlap in some ways that may make them sometimes seem similar. After the second […]

Tags: , , , , , , , ,

Posted in: Advertorial, Countermeasures, Security Software | Add a Comment
IGHASHGPU - GPU Based Hash Cracking - SHA1, MD5 & MD4

IGHASHGPU – GPU Based Hash Cracking – SHA1, MD5 & MD4

IGHASHGPU is an efficient and comprehensive command line GPU based hash cracking program that enables you to retrieve SHA1, MD5 and MD4 hashes by utilising ATI and nVidia GPUs. It even works with salted hashes making it useful for MS-SQL, Oracle 11g, NTLM passwords and others than use salts. IGHASHGPU is meant to function with […]

Tags: , , , , , , , , ,

Posted in: Hacking Tools, Password Cracking | Add a Comment
PowerOPS - PowerShell Runspace Portable Post Exploitation Tool

PowerOPS – PowerShell Runspace Portable Post Exploitation Tool

PowerShell Runspace Portable Post Exploitation Tool aimed at making Penetration Testing with PowerShell “easier”. PowerOPS is an application written in C# that does not rely on powershell.exe but runs PowerShell commands and functions within a powershell runspace environment (.NET). It intends to include multiple offensive PowerShell modules to make the process of Post Exploitation easier. […]

Tags: , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hacking Tools, Windows Hacking | Add a Comment
Shadow Brokers NSA Hack Leaks 0-day Vulnerabilities

Shadow Brokers NSA Hack Leaks 0-day Vulnerabilities

Right now there’s a ton of people talking about the NSA Hack, the severity, the repercussions and the value of what has been leaked. It seems the 0-day exploits in the cache of stolen aren’t super recent ones, as it appears they are from 2013. But even so, some of them haven’t been patched as […]

Tags: , , , ,

Posted in: Exploits/Vulnerabilities, Hacking Tools | Add a Comment
UFONet - Open Redirect DDoS Tool

UFONet – Open Redirect DDoS Tool

UFONet is an open redirect DDoS tool designed to launch attacks against a target, using insecure redirects in third party web applications, like a botnet. Obviously, only for testing purposes. The tool abuses OSI Layer 7-HTTP to create/manage ‘zombies’ and to conduct different attacks using; GET/POST, multi-threading, proxies, origin spoofing methods, cache evasion techniques, etc. […]

Tags: , , , , , , , , , ,

Posted in: Hacking Tools, Web Hacking | Add a Comment
Pompem - Exploit & Vulnerability Finder

Pompem – Exploit & Vulnerability Finder

Pompem is an open source exploit & vulnerability finder tool, designed to automate the search for Exploits and Vulnerability in the most important databases. Developed in Python, has a system of advanced search, that help the work of pen-testers and ethical hackers. In the current version, it performs searches in PacketStorm security, CXSecurity, ZeroDay, Vulners, […]

Tags: , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hacking Tools | Add a Comment
Bug Bounties Reaching $500,000 For iOS Exploits

Bug Bounties Reaching $500,000 For iOS Exploits

It seems this year bug bounties are getting really serious, especially on the secondary market involving exploit trading firms, not direct to the software producer or owner. $500,000 isn’t chump change and would be a good year for a small security team, especially living somewhere with a weaker currency. Even for a solo security researcher […]

Tags: , , , , , , , , , ,

Posted in: Apple, Exploits/Vulnerabilities | Add a Comment
CuckooDroid - Automated Android Malware Analysis

CuckooDroid – Automated Android Malware Analysis

CuckooDroid is an extension of Cuckoo Sandbox the Open Source software for automating analysis of suspicious files, for Android malware analysis. CuckooDroid brings to Cuckoo the capabilities of execution and analysis of android applications. CuckooDroid provides both static and dynamic APK inspection as well as evading certain VM-detection techniques, encryption key extraction, SSL inspection, API […]

Tags: , , , , , , , , ,

Posted in: Forensics, Malware | Add a Comment
Telegram Hacked - Possible Nation State Attack By Iran

Telegram Hack – Possible Nation State Attack By Iran

So there’s been a lot of news lately about the Telegram hack and how 15 million accounts were compromised, which is not technically true. There’s 2 vectors of attack at play here, both of which regard Iranian users, but are not connected (other than the attackers probably being the same group). So the two attacks […]

Tags: , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Privacy | Add a Comment
miranda-upnp - Interactive UPnP Client

miranda-upnp – Interactive UPnP Client

Miranda is a Python-based UPnP (Universal Plug-N-Play) client application designed to discover, query and interact with UPNP devices, particularly Internet Gateway Devices (aka, routers). It can be used to audit UPNP-enabled devices on a network for possible vulnerabilities. Miranda was built on and for a Linux system and has been tested on a Linux 2.6 […]

Tags: , , , , , , , , ,

Posted in: Hacking Tools, Network Hacking | Add a Comment