Scirius - Suricata Ruleset Management Web Application

Scirius – Suricata Ruleset Management Web Application

Scirius Community Edition is a web interface dedicated to Suricata ruleset management. It handles the rules file and update associated files. A Ruleset is made of components selected in different Sources. A Source is a set of files providing information to Suricata. For example, this can EmergingThreats ruleset. To create a ruleset, you thus must […]

Tags: , , , , , , ,

Posted in: Countermeasures, Security Software | Add a Comment
Mirai DDoS Malware Source Code Leaked

Mirai DDoS Malware Source Code Leaked

So there’s been some HUGE DDoS attacks going on lately, up to 620Gbps and the Mirai DDoS Malware has been fingered – with the source code also being leaked. It’s spreading like wildfire too, and the scariest thought? All that was really needed to construct it was a telnet scanner and a list of default […]

Tags: , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Network Hacking | Add a Comment
Raptor WAF - C Based Web Application Firewall

Raptor WAF – C Based Web Application Firewall

Raptor WAF is a Web Application Firewall made in C, using DFA to block SQL Injection, Cross Site Scripting (XSS) and Path Traversal. DFA stands for Deterministic Finite Automaton also known as a Deterministic Finite State Machine. It’s essentially a simple web application firewall made in C, using the KISS principle, making polls using the […]

Tags: , , , , , , , , ,

Posted in: Countermeasures, Security Software | Add a Comment
mimikittenz - Extract Plain-Text Passwords From Memory

mimikittenz – Extract Plain-Text Passwords From Memory

mimikittenz is a post-exploitation powershell tool that utilizes the Windows function ReadProcessMemory() in order to extract plain-text passwords from various target processes. The aim of mimikittenz is to provide user-level (non-admin privileged) sensitive data extraction in order to maximise post exploitation efforts and increase value of information gathered per target. NOTE: This tool is targeting […]

Tags: , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hacking Tools, Windows Hacking | Add a Comment
Massive Yahoo Hack - 500 Million Accounts Compromised

Massive Yahoo Hack – 500 Million Accounts Compromised

So if you are a Yahoo user (which most of us probably have been at some point) you will be aware of the Yahoo Hack – with 200 Million e-mail addresses being up for sale on the black market it seems up to 500 million have been compromised in one of the biggest hacks yet. […]

Tags: , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Legal Issues, Privacy | Add a Comment
Volatility Framework - Advanced Memory Forensics Framework

Volatility Framework – Advanced Memory Forensics Framework

The Volatility Framework is an an advanced, completely open collection of tools for memory forensics, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory (RAM) samples. The extraction techniques are performed completely independent of the system being investigated but offer visibility into the runtime state of […]

Tags: , , , , , , , , ,

Posted in: Forensics, Security Software | Add a Comment
OWASP OWTF - Offensive Web Testing Framework

OWASP OWTF – Offensive Web Testing Framework

OWASP Offensive Web Testing Framework is a project focused on penetration testing efficiency and alignment of security tests to security standards like: The OWASP Testing Guide (v3 and v4), the OWASP Top 10, PTES and NIST. The purpose of this tool is to automate the manual and uncreative parts of pen testing. For example, Figuring […]

Tags: , , , , , , , ,

Posted in: Hacking Tools, Web Hacking | Add a Comment
Tesla Hack - Remote Access Whilst Parked or Driving

Tesla Hack – Remote Access Whilst Parked or Driving

The big buzz on my Twitter this week was about the Tesla Hack carried out by a Chinese crew called Keen Security Lab. It’s no big surprise even though Tesla is known for being fairly security concious and proactive about it. With it being a connected car, that’s pretty important that any remote control capabilities […]

Tags: , , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hardware Hacking | Add a Comment
MANA Toolkit - Rogue Access Point (evilAP) And MiTM Attack Tool

MANA Toolkit – Rogue Access Point (evilAP) And MiTM Attack Tool

MANA Toolkit is a set of tools for rogue access point (evilAP) attacks and wireless MiTM. More specifically, it contains the improvements to KARMA attacks implemented into hostapd, as well as some useful configs for conducting MitM once you’ve managed to get a victim to connect. Contents MANA Toolkit contains: kali/ubuntu-install.sh – simple installers for […]

Tags: , , , , , , , , ,

Posted in: Hacking Tools, Network Hacking, Wireless Hacking | Add a Comment
BBQSQL - Blind SQL Injection Framework

BBQSQL – Blind SQL Injection Framework

BBQSQL is a blind SQL injection framework written in Python. It is extremely useful when attacking tricky SQL injection vulnerabilities. BBQSQL is also a semi-automatic tool, allowing quite a bit of customization for those hard to trigger SQL injection findings. The tool is built to be database agnostic and is extremely versatile. It also has […]

Tags: , , , , , , , , ,

Posted in: Database Hacking, Hacking Tools | Add a Comment