CMSmap is a Python open source Content Management System security scanner that automates the process of detecting security flaws of the most popular CMSs. The main purpose of CMSmap is to integrate common vulnerabilities for different types of CMSs in a single tool. At the moment, CMSs supported by CMSmap are WordPress, Joomla and Drupal. […]
Archives for 2015
Google Expands Pwnium Year Round With Infinite Bounty
There are various bug bounty programs, with Google being one of the forerunners in the field – Twitter was late to the party just joining in September 2014. The latest development is that Google is stopping the annual Pwnium hack fest aimed at the Chromium project to stop bug hoarding, which makes Pwnium essentially a […]
VScan – Open Source Vulnerability Management System
VScan is an open source Vulnerability Management System designed to make it easier for an organization to track vulnerability resolution and ensure anything found in their infrastructure is fixed. VScan was created as after a vulnerability assessment it can sometimes be difficult to track the implementation of a security improvement program, so this tool can […]
Windows Credentials Editor (WCE) – List, Add & Change Logon Sessions
Windows Credentials Editor (WCE) is a security tool to list logon sessions and add, change, list and delete associated credentials (ex.: LM/NT hashes, plaintext passwords and Kerberos tickets). This tool can be used, for example, to perform pass-the-hash on Windows, obtain NT/LM hashes from memory (from interactive logons, services, remote desktop connections, etc.), obtain Kerberos […]
Facebook Launches ThreatExchange – Security Clearinghouse API
So Facebook has launched ThreatExchange, a social network for information security intelligence and cyberthreat sharing, how apt. They have signed up some fairly heavyweight partners from the get go with Bitly, Dropbox, Pinterest, Tumblr, Twitter and Yahoo! being involved initially. With those kind of names, it’s a sure bet more people will jump on the […]