Learn about using SeeYouCM-Thief, a new tool that exploits common misconfigurations seen in environments that deployed Cisco phones.

Varonis Threat Labs discovered a way to bypass multi-factor authentication (MFA) for Box accounts that use an SMS code for login verification.

Phishers abusing free javanoscript hosting. Contribute to dfaram7/phishers_abuse_free_hosting development by creating an account on GitHub.

Increasing the Speed and Effectiveness of Password Sprays

We felt more like “Oh fuck, Databreach”





Dieser Artikel ist auch auf deutsch erschienen.

During the pandemic, grocery delivery services gained popularity.
New players on the market offer delivery in under an hour.
One of them is Gorillas, which…

CryptoLyzer is a multiprotocol cryptographic settings analyzer with SSL/TLS, SSH, and HTTP header analysis ability. The main purpose of the tool is to tell you what kind of cryptographic related settings are enabled on a client or server.

Home of the Advanced Persistent Tortellini - aka APTortellini, an Italian collective of hackers publishing technical research regarding offensive security.

OctopusWAF is a WAF( Web application firewall) with high performance, made in C language and use libevent. - GitHub - CoolerVoid/OctopusWAF: OctopusWAF is a WAF( Web application firewall) with high...

Lookup for interesting stuff in SMB shares. Contribute to oldboy21/SMBSR development by creating an account on GitHub.

Posted in r/netsec by u/unaligned_access • 2 points and 0 comments

Google lists 4,840,000 results to the search of "malware detection tools." Is malware detection a silver bullet, or is there a smarter method to prevent malware attacks? We believe there is one.

Opensource, cross-platform and portable toolkit for automating routine processes when carrying out various works for testing!

Hundreds of Offensive and Useful Docker Images for Network Intrusion. The name says it all. - GitHub - cybersecsi/HOUDINI: Hundreds of Offensive and Useful Docker Images for Network Intrusion. The ...

During my 6-months intership, I developed a tool to ease vunerability research on Java applications.

Linux maintainers and vendors disclosed a heap overflow vulnerability in the Linux Kernel causing DoS, escape container or elevate privileges

Posted in r/netsec by u/Gallus • 88 points and 8 comments

A robust Red Team proxy written in Go. Contribute to chdav/GoWard development by creating an account on GitHub.

In this section, we'll explain the basics of information disclosure vulnerabilities and describe how you can find and exploit them. We'll also offer some ...

Security is the poster child of a Non-Functional Requirement: most people don’t care until the proverbial fecal matter hits the rotary propeller. Consequences can range from losing reputation to legal liability to putting the business out. In my post on running…