XSStrike is an advanced XSS detection suite, which contains a powerful XSS fuzzer and provides zero false positive results using fuzzy matching. XSStrike is the first XSS scanner to generate its own payloads. It is also built in an intelligent enough manner to detect and break out of various contexts. Features of XSStrike XSS Fuzzer […]
Archives for 2018
Bitdefender Releases FREE GandCrab Ransomware Decryption Tool
The latest ransomware kicking everyone’s ass is Gandcrab which has infected an estimated 50,000 computers, fortunately for the victims, Bitdefender has released a free Gandcrab ransomware decryption tool as a part of the No More Ransom Project. There’s nothing particularly notable about the ransomware itself other than it combines two existing exploit kits to compromise […]
Quickjack – Advanced Clickjacking & Frame Slicing Attack Tool
Quickjack is an intuitive, point-and-click tool for performing advanced and covert clickjacking and frame slicing attacks. It also allows you to easily perform clickjacking, or steal “clicks” from users on many websites, forcing the user to unknowingly click buttons or links (for example the Facebook Like button) using their own cookies. Quickjack By placing the […]
BootStomp – Find Android Bootloader Vulnerabilities
BootStomp is a Python-based tool, with Docker support that helps you find two different classes of Android bootloader vulnerabilities and bugs. It looks for memory corruption and state storage vulnerabilities. Note that BootStomp works with boot-loaders compiled for ARM architectures (32 and 64 bits both) and that results might slightly vary depending on angr and […]
Google Chrome Marking ALL Non-HTTPS Sites Insecure July 2018
Google is ramping up its campaign against HTTP only sites and is going to mark ALL Non-HTTPS sites insecure in July 2018 with the release of Chrome 68. It’s a pretty strong move, but Google and the Internet, in general, has been moving in this direction for a while. It started with suggestions, then forced […]