NICER Protocol Deep Dive: Internet Exposure of Redis
Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet...
hacking
University of Vermont Medical Center has yet to fully recover from October cyber attack
The University of Vermont Medical Center has yet to fully recover from a cyber attack that crippled systems at the Burlington hospital....
Delaware County, Pennsylvania, opted to pay 500K ransom to DoppelPaymer gang
Delaware County, Pennsylvania opted to pay a $500,000 ransom after it was the victim of a DoppelPaymer ransomware attack last...
Crooks stole 800,000€ from ATMs in Italy with Black Box attack
A cyber criminal organization has stolen money from at least 35 Italian ATMs with a black box attack technique. A...
A critical flaw in industrial automation systems opens to remote hack
Experts found a critical flaw in Real-Time Automation’s (RTA) 499ES EtherNet/IP stack that could allow hacking industrial control systems. Tracked...
Security Affairs newsletter Round 291
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
Sopra Steria estimates financial Impact of ransomware attack could reach €50 Million
IT services provider Sopra Steria estimates that a recent ransomware attack will have a financial impact ranging between €40M and €50M. At...
Admin-Scanner – This Tool Is Design To Find Admin Panel Of Any Website By Using Custom Wordlist Or Default Wordlist Easily
Website Admin Panel FinderHow To Install (Linux/pc)sudo apt install python3 sudo apt install python3-pip sudo apt install git git clone...
Talon – A Password Guessing Tool That Targets The Kerberos And LDAP Services Within The Windows Active Directory Environment
Talon is a tool designed to perform automated password guessing attacks while remaining undetected. Talon can enumerate a list of...
Webscan – Browser-based Network Scanner And local-IP Detection
webscan is a browser-based network IP scanner and local IP detector. It detects IPs bound to the user/victim by listening...
Tracee – Container And System Event Tracing Using eBPF
Tracee is a lightweight and easy to use container and system tracing tool. It allows you to observe system calls...
DNSx – A Fast And Multi-Purpose DNS Toolkit Allow To Run Multiple DNS Queries Of Your Choice With A List Of User-Supplied Resolvers
dnsx is a fast and multi-purpose DNS toolkit allow to run multiple probers using retryabledns library, that allows you to...
Damn-Vulnerable-Bank – Vulnerable Banking Application For Android
Damn Vulnerable Bank Android Application aims to provide an interface for everyone to get a detailed understanding with internals and...
N1QLMap – The Tool Exfiltrates Data From Couchbase Database By Exploiting N1QL Injection Vulnerabilities
N1QLMap is an N1QL exploitation tool. Currently works with Couchbase database. The tool supports data extraction and performing SSRF attacks...
Bunkerized-Nginx – Nginx Docker Image Secure By Default
nginx Docker image secure by default. Avoid the hassle of following security best practices each time you need a web...
RedShell – An interactive command prompt that executes commands through proxychains and automatically logs them on a Cobalt Strike team server
An interactive command prompt that executes commands through proxychains and automatically logs them on a Cobalt Strike team server.InstallationRedShell runs...
Wsb-Detect – Tool To Detect If You Are Running In Windows Sandbox (“WSB”)
wsb-detect enables you to detect if you are running in Windows Sandbox ("WSB"). The sandbox is used by Windows Defender...
UAFuzz – Binary-level Directed Fuzzing For Use-After-Free Vulnerabilities
Directed Greybox Fuzzing (DGF) like AFLGo aims to perform stress testing on pre-selected potentially vulnerable target locations, with applications to...
Xerror – Fully Automated Pentesting Tool
Xerror is an automated penetration tool , which will helps security professionals and non professionals to automate their pentesting tasks....
CVE-2020-7378: OpenCRX Unverified Password Change (FIXED)
OpenCRX version 4.30 and version 5.0-20200717 suffers from an unverified password change vulnerability, which is an instance of CWE-620. This...
ToothPicker – An In-Process, Coverage-Guided Fuzzer For iOS
ToothPicker is an in-process, coverage-guided fuzzer for iOS. It was developed to specifically targets iOS's Bluetooth daemon bluetoothd and to...
Osi.Ig – Information Gathering Instagram
The Instagram OSINT Tool gets a range of information from an Instagram account that you normally wouldn't be able to...
Don’t Let These Top Cloud Myths Hamper Your Business Decision-Making
The cloud remains a dominant technology innovation well into its second decade of existence. However, after all this time, certain...
NICER Protocol Deep Dive: Internet Exposure of Microsoft SQL Server (MS SQL) (UDP/1434)
Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet...
