SubCrawl is a framework developed by Patrick Schlรคpfer, Josh Stroschein and Alex Holland of HP Incโs Threat Research team. SubCrawl is designed to find, scan and analyze open directories. The framework is modular, consisting...
๐๐๐๐๐ ๐๐ธ is a Passive Open Source Intelligence (OSINT) Automated Reconnaissance (framework) ๐๐๐๐๐ ๐๐ธ can be used by Infosec Researchers, Penetration Testers, Bug Hunters to find deep information, more assets, WAF/CDN bypassed IPs, Internal/External...
rdesktop is an open source client for Microsoft’s RDP protocol. It is known to work with Windows versions ranging from NT 4 Terminal Server to Windows 2012 R2 RDS. rdesktop currently has implemented the...
Multiple security vulnerabilities in open source status page system Cachet could allow an attacker to execute arbitrary code and steal sensitive data, researchers have warned. click here to read full Article Read more on...
Fake installers of popular software are being used to deliver malware onto victimsโ devices. These lures trick users into opening malicious documents or installing unwanted applications. click here to read full Article Read more...
Recognizing the rise in open source projects, HackerOne has now decided to expand its Internet… HackerOne Extends Internet Bug Bounty Program To Include Open Source Bugs on Latest Hacking News. click here to read...
Continuous integration vendor Travis CI has patched a serious security flaw that exposed API keys, access tokens, and credentials, potentially putting organizations that use public source code repositories at risk of further attacks. The...
The website operated by tech services biz Civica had an open redirect being actively abused by spammers, piggybacking off the website’s domain authority so their messages weren’t flagged up by scanning tools. click here...
ODBParser is a tool to search for PII being exposed in open databases. ONLY to be used to identify exposed PII and warn server owners of irresponsible database maintenance OR to query databases you...
A collaborative free open-source Command & Control integration framework that allows developers to concentrate on the core function and goal of their C2. Explore the docs ยป About the project Problem Statement The current...
The Microsoft 365 Defender Threat Intelligence Team posted an article stating that they have been tracking a widespread credential phishing campaign using open redirector links. click here to read full Article Read more on...
Researchers Aditya Sood and Rohit Bansal created an open-source tool that detects internet-facing MongoDB instances and whether theyโve been infected with ransomware or Meow malware has been launched. click here to read full Article...
The differences between open XDR vs. native XDR click here to read full Article Read More on latest Security Updates
Application security testing (AST) company Checkmarx has acquired Dustico, a platform for detecting backdoors and other malicious activity in the open source software supply chain. click here to read full Article Read more on...
USBsamurai โ showcased by security researcher Luca Bongiorni during Black Hat Arsenal โ is a USB HID injecting cable that costs less than $15 to produce and can be made from off-the-shelf components. click...
Security researchers and bug bounty hunters can use WARCannon to non-invasively test regex patterns across the entire internet for corresponding vulnerability indicators. click here to read full Article Read More on Pentesting Tools
