Depix – Recovers Passwords From Pixelized Screenshots
Depix is a tool for recovering passwords from pixelized screenshots. This implementation works on pixelized images that were created with...
tools
New All Apps and Asset Report Combines Power of InsightVM and InsightAppSec for Boosted Visibility
Just using InsightAppSec and still want access to the new executive reports? Don’t worry—we have you covered. Check out your...
Packer-Fuzzer – A Fast And Efficient Scanner For Security Detection Of Websites Constructed By Javascript Module Bundler Such As Webpack
With the popularity of web front-end packaging tools, have you encountered more and more websites represented by Webpack packager in...
Wp_Hunter – Static Analysis Of WordPress Plugins
Static analysis to search for vulnerabilities in Wordpress plugins. __ ____________ ___ ___ __ / / ______ / | __...
Patch Tuesday – December 2020
We close off our 2020 year of Patch Tuesdays with 58 vulnerabilities being addressed. While it's a higher count than...
2020 Under the Hoodie Report Reveals Pen Testers’ Most-Loved Vulnerabilities
Penetration testing (“pentesting”) is the practice of simulating a criminal breach of a sensitive area in order to uncover and...
Baphomet – Basic Concept Of How A Ransomware Works
This is a proof of concept of how a ransomware works, and some techniques that we usually use to hijack...
Js-X-Ray – JavaScript And Node.js Open-Source SAST Scanner (A Static Analysis Of Detecting Most Common Malicious Patterns)
JavaScript AST analysis. This package has been created to export the Node-Secure AST Analysis to enable better code evolution and...
Congrats to the winners of the 2020 December Metasploit community CTF
Thank you all that participated in the 2020 December Metasploit community CTF! The four day CTF was well received by...
NICER Protocol Deep Dive: Internet Exposure of memcached
Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet...
Hijackthis – A Free Utility That Finds Malware, Adware And Other Security Threats
HiJackThis Fork is a free utility for Microsoft Windows that scans your computer for settings changed by adware, spyware, malware...
Karkinos – Penetration Testing And Hacking CTF’s Swiss Army Knife With: Reverse Shell Handling – Encoding/Decoding – Encryption/Decryption – Cracking Hashes / Hashing
Karkinos is a light-weight 'Swiss Army Knife' for penetration testing and/or hacking CTF's. Currently, Karkinos offers the following: Encoding/Decoding characters...
ADSearch – A Tool To Help Query AD Via The LDAP Protocol
A tool written for cobalt-strike's execute-assembly command that allows for more efficent querying of AD. Key FeaturesList all Domain Admins...
Obfuscator – The Program Is Designed To Obfuscate The Shellcode
The program is designed to obfuscate the shellcode. Currently the tool supports 2 encryption. 1) XOR2) AES The tool accepts...
Pytmipe – Python Library And Client For Token Manipulations And Impersonations For Privilege Escalation On Windows
PYTMIPE (PYthon library for Token Manipulation and Impersonation for Privilege Escalation) is a Python 3 library for manipulating Windows tokens...
Enum4Linux-Ng – A Next Generation Version Of Enum4Linux (A Windows/Samba Enumeration Tool) With Additional Features Like JSON/YAML Export
enum4linux-ng.py is a rewrite of Mark Lowe's (former Portcullis Labs now Cisco CX Security Labs) enum4linux.pl, a tool for enumerating...
Aclpwn.Py – Active Directory ACL Exploitation With BloodHound
Aclpwn.py is a tool that interacts with BloodHound to identify and exploit ACL based privilege escalation paths. It takes a...
JSFScan.sh – Automation For Javascript Recon In Bug Bounty
Blog can be found at https://medium.com/@patelkathan22/beginners-guide-on-how-you-can-use-javascript-in-bugbounty-492f6eb1f9ea?sk=21500dc4288281c7e6ed2315943269e7 Script made for all your javascript recon automation in bugbounty. Just pass subdomain list...
Fast-Security-Scanners – Security Checks For Your Researches
A small contribution to community :)We use all these tools in security assessments and in our vulnerability monitoring service Check...
Hacktory platform packed with new game-playing features
Without practice, theory is dead. Applied knowledge is essential in any area, especially in cybersecurity, and practice is the only...
Threat and Vulnerability Management Best Practices
Today’s business world is increasingly driven by e-commerce and the cloud, which means it requires a proactive approach toward vulnerability...
Terrascan – Detect Compliance And Security Violations Across Infrastructure As Code To Mitigate Risk Before Provisioning Cloud Native Infrastructure
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. GitHub Repo: https://github.com/accurics/terrascan...
OnionSearch – A Script That Scrapes Urls On Different .Onion Search Engines
OnionSearch is a Python3 script that scrapes urls on different ".onion" search engines. PrerequisitePython 3 Currently supported Search enginesahmia...
Rapid7 Recognized as a Strong Performer Among Security Analytics Providers by Leading Industry Report
At Rapid7, we recognize that security professionals are facing a more challenging landscape than ever before. The mission of InsightIDR—our...
