Tag Archive | "penetration-testing"


09 July 2014 | 2,954 views

dirs3arch – HTTP File & Directory Brute Forcing Tool

dirs3arch is a simple command line tool designed to brute force directories and files in websites. It’s a HTTP File & Directory Brute Forcing Tool similar to DirBuster. Features Keep alive connections Multithreaded Detect not found web pages when 404 not found errors are masked (.htaccess, web.config, etc). Recursive brute forcing Getting Started

You [...]

Continue Reading


27 June 2014 | 2,832 views

Dradis v2.9 – Information Sharing For Security Assessments

Dradis is an open source framework to enable effective information sharing, specially during security assessments. It’s a tool specifically to help in the process of penetration testing. Penetration testing is about information: Information discovery Exploit useful information Report the findings But penetration testing is also about sharing the information you and your teammates gather. Not [...]

Continue Reading


07 May 2014 | 2,136 views

MagicTree v1.3 Available For Download – Pentesting Productivity

Have you ever spent ages trying to find the results of a particular portscan you were sure you did? Or grepping through a bunch of files looking for data for a particular host or service? Or copy-pasting bits of output from a bunch of typescripts into a report? We certainly did, and that’s why we [...]

Continue Reading


02 May 2014 | 1,385 views

Host-Extract – Enumerate All IP/Host Patterns In A Web Page

host-extract is a little ruby script that tries to extract all IP/Host patterns in page response of a given URL and JavaScript/CSS files of that URL. With it, you can quickly identify internal IPs/Hostnames, development IPs/ports, cdn, load balancers, additional attack entries related to your target that are revealed in inline js, css, html comment [...]

Continue Reading


22 April 2014 | 1,417 views

RAWR – Rapid Assessment of Web Resources

Introducing RAWR (Rapid Assessment of Web Resources). There’s a lot packed in this tool that will help you get a better grasp of the threat landscape that is your client’s web resources. It has been tested from extremely large network environments, down to 5 node networks. It has been fine-tuned to promote fast, accurate, and [...]

Continue Reading


15 April 2014 | 3,364 views

Kvasir – Penetration Testing Data Management Tool

Penetration Testing Data Management can be a nightmware, because well you generate a LOT of data and some information when conducing a penetration test, especially using tools – they return lots of actual and potential vulnerabilitites to review. Port scanners can return thousands of ports for just a few hosts. How easy is it to [...]

Continue Reading


30 October 2013 | 3,427 views

FoxOne Free OSINT Tool – Server Reconnaissance Scanner

FoxOne is a free OSINT tool, described by the author (th3j35t3r) as a Non-Invasive and Non-Detectable Server Reconnaissance Scanner. Bypassing API limitations and currently detecting 6500+ vulnerable server paths/files – without ever touching the target server. Very good for getting hold of intel on a given domain (example.com). The intel gained serves both as actionable [...]

Continue Reading


18 July 2012 | 3,430 views

spt v0.6.0 – Simple Phishing Toolkit Available For Download

spt is a simple concept with powerful possibilities. It is what it’s name implies: a simple phishing toolkit. The basic idea the spt project had was “Wouldn’t it be cool if there were a simple, effective, easy to use and free (most importantly!) tool that information security professionals could use to evaluate and train what [...]

Continue Reading


14 May 2012 | 7,202 views

CODENAME: Samurai Skills – Real World Penetration Testing Training

Introduction Yes, there’s another new kid on the block when it comes to penetration testing training, this course is known as CODENAME: Samurai Skills by Ninja-Sec. I’m not going to go and compare this to any other course out there as I think there’s a place for all of them, and they all have pros [...]

Continue Reading


21 March 2012 | 6,345 views

eLearnSecurity Launches Newly Updated & Refreshed Penetration Testing Professional Training v2

Introduction It’s been a while since we’ve mentioned this course, of course since we mentioned it back in May 2010 – eLearnSecurity – Online Penetration Testing Training – eLearnSecurity has been making continuous improvements to the course-ware and the subject matter. But now in 2012, it’s time for them to release their major facelift – [...]

Continue Reading


Popular Tags

computer-security · darknet · exploits · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · Information-Security · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · worms · XSS ·