FockCache – Minimalized Test Cache Poisoning Detail For Cache Poisoning : https://portswigger.net/research/practical-web-cache-poisoning FockCacheFockCache tries to make cache poisoning by trying X-Forwarded-Host and X-Forwarded-Scheme headers on web pages.After successful result, it gives you a poisoned URL. To be added soon:1 – Page Param Checker2 – Recursive Checking Installation1 – Install with […]
Acunetix, the pioneer in automated web application security software, has announced the release of Acunetix Version 13. The new release comes with an improved user interface and introduces innovations such as the SmartScan engine, malware detection functionality, comprehensive network scanning, proof-of-exploit, incremental scanning, and more. This release further strengthens the […]
A new variant of the Metamorfo banking malware is on the loose targeting a wider range of financial institutions than the original version tricking the victims into typing in sensitive information which it then steals. Fortinet’s FortGuard Labs captured an example of the newest edition noting that unlike its predecessor, […]
The places where online life directly intersection with that lived offline will be forever fascinating, illustrated perfectly through a recent performance piece involving Google Maps, a cart, and an awful lot of mobile phones. Simon Weckert, an artist based in Berlin, Germany, showed how a little ingenuity could work magic […]
What expedited the change was an issue that occurred in the previous year a disagreement regarding content between social media platform TikTok and Twitter-sponsored ShareChat where the latter had to bring down more than 100 videos from its platform. Right now, platforms like Facebook, Twitter and Instagram have certain features […]
Online banking users are being targeted by a trojan malware campaign going around the globe with the agenda of gaining illegal access to personal information such as credit card details and other sensitive data of users. The banking trojan which has successfully affected more than 20 online banks goes by […]
Pre-holiday spam Easy money In the run-up to Christmas and New Year, scam е-mails mentioning easy pickings, lottery winnings, and other cash surprises are especially popular. All the more so given how simple it is to adapt existing schemes simply by mentioning the holiday in the subject line. For example, […]
Search engine scraper tool with BASH script. Dependency curl (cli) Available search engine Ask.com Search.yahoo.com Bing.com Installation git clone https://github.com/zerobyte-id/SEcraper.gitcd SEcraper/ Run bash secraper.bash "QUERY" Download SEcraper Original Source
Re2Pcap is abbreviation for Request2Pcap and Response2Pcap. Community users can quickly create PCAP file using Re2Pcap and test them against Snort rules.Re2Pcap allow you to quickly create PCAP file for raw HTTP request shown below POST /admin/tools/iplogging.cgi HTTP/1.1Host: 192.168.13.31:80User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0Accept: text/plain, */*; q=0.01Accept-Language: en-US,en;q=0.5Accept-Encoding: […]
Note: There are five different CVEs associated with the CDPwn vulnerability group. Each of them targets a different class of product and differs in severity and exploitation difficulty. All of these vulnerabilities require network adjacency to exploit due to the nature of the CDP protocol itself. Network segmentation is an […]
Since late last year, our researchers have been monitoring new methods being deployed by cybercriminals to potentially abuse browser push notifications. Now, an adware family detected by Malwarebytes as Adware.Adposhel is doing just that, taking control of push notifications in Chrome at the administrator level. What does Adposhel adware do? […]
The court issued a verdict on February 3 in the case of theft of fuel at Rosneft gas stations.The court and investigation found that there were ten people in the hacker group, two women and eight men. They divided criminal roles, came up with a scheme using special equipment and […]
Along with cyber-security within your phones and other devices, you must make sure the hospital you go to has enough cyber-protection as well! The obnoxiousness of cyber-criminals is escalating by the hour. As if stealing data of organizations and loosely selling largely famous tech giants’ data online wasn’t enough, hackers […]
Sub-domain takeover vulnerability occur when a sub-domain (subdomain.example.com) is pointing to a service (e.g: GitHub, AWS/S3,..) that has been removed or deleted. This allows an attacker to set up a page on the service that was being used and point their page to that sub-domain. For example, if subdomain.example.com was […]
A dashboard showing live data and statistics from the ZMQ feeds of one or more MISP instances. The dashboard can be used as a real-time situational awareness tool to gather threat intelligence information. The misp-dashboard includes a gamification tool to show the contributions of each organisation and how they are […]