Mosca - Manual Static Analysis Tool To Find Bugs

Mosca – Manual Static Analysis Tool To Find Bugs

Mosca is a manual static analysis tool written in C designed to find bugs in the code before it is compiled, much like a grep unix command. There are various ‘egg’ modules which contain patterns to scan for, it can scan through files recursively limited by file extension and logs results to an XML text […]

Topic: Countermeasures
Slurp - Amazon AWS S3 Bucket Enumerator

Slurp – Amazon AWS S3 Bucket Enumerator

Slurp is a blackbox/whitebox S3 bucket enumerator written in Go that can use a permutations list to scan from an external perspective or an AWS API to scan internally. There are two modes that this tool operates at; blackbox and whitebox mode. Whitebox mode (or internal) is significantly faster than blackbox (external) mode. Blackbox (external) […]

Topic: Hacking Tools
US Government Cyber Security Still Inadequate

US Government Cyber Security Still Inadequate

Surprise, surprise, surprise – an internal audit of the US Government cyber security situation has uncovered widespread weaknesses, legacy systems and poor adoption of cyber controls and tooling. US Government security has often been called into question but we’d hope in 2019 it would have gotten better and at least everyone would have adopted the […]

Topic: Hacking News
BloodHound - Hacking Active Directory Trust Relationships

BloodHound – Hacking Active Directory Trust Relationships

BloodHound is for hacking active directory trust relationships and it uses graph theory to reveal the hidden and often unintended relationships within an Active Directory environment. Attackers can use BloodHound to easily identify highly complex attack paths that would otherwise be impossible to quickly identify. Defenders can use it to identify and eliminate those same […]

Topic: Hacking Tools
SecLists - Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells

SecLists – Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells

SecLists is the security tester’s companion. It’s a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more. The goal is to enable a security tester to pull this repository onto a new testing box […]

Topic: Hacking Tools
DeepSound - Audio Steganography Tool

DeepSound – Audio Steganography Tool

DeepSound is an audio steganography tool and audio converter that hides secret data into audio files, the application also enables you to extract secret files directly from audio files or audio CD tracks. This audio steganography tool can be used as copyright marking software for wave, flac, wma, ape, and audio CD. DeepSound also support […]

Topic: Cryptography