![[Unpatch] Apache Shiro Padding Oracle remote code execution vulnerability alert](https://i2.wp.com/cybarrior.com/wp-content/uploads/2019/11/Unpatch-Apache-Shiro-Padding-Oracle-remote-code-execution-vulnerability-alert.png?fit=300%2C103&ssl=1)
Recently, Apache Shiro Padding Oracle reveals remote code execution vulnerability. After we analysis and judgment, it is judged that the level of the vulnerability is
Sigma Hunting App A Splunk App containing Sigma detection rules, which can be updated dynamically from a Git repository. Motivation Most of the modern Security
To prevent the Zombieload v2 attack that was just exposed, Microsoft Windows and Linux kernel teams have introduced methods to turn off Intel Transactional Synchronization
This project produces open-source code to generate rainbow tables as well as use them to look up password hashes. While the current release only supports
SamSara Market, the official yet unofficial successor to Dream Market, has been down for several days without any explanation from the market’s administration. The administrator
The Brave Privacy Browser is your fast, safe private web browser with ad blocker, private tabs and pop-up blocker. Browse without being tracked by advertisers,
Mordor Gates The Mordor project provides pre-recorded security events generated by simulated adversarial techniques in the form of JavaScript Object Notation (JSON) files for easy
Burp Suite extension to discover assets from HTTP response using passive scanning. Refer our blog Asset Discovery using Burp Suite for more details.The extension is
Two residents of Melbourne, Australia, admitted they had used the dark web and the postal system to import drugs into Australia for distribution. The duo
Easier network scanning with NetAss2 (Network Assessment Assistance Framework). Make it easy for Pentester to do penetration testing on network. Dependencies nmap (tool) zmap (tool)
Although 5G is faster and more secure than 4G, new research indicates that it still has some vulnerabilities, which poses a certain risk to mobile
SharpHide Just a nice persistence trick to confuse DFIR investigation. Uses NtSetValueKey native API to create a hidden (null-terminated) registry key. This works by adding
On November 12, 2019, Microsoft routinely released a security update for November. The security update covers the Windows operating system, IE/Edge browser, scripting engine/ChakraCore, Office
Subdomain Scan With Ping Method. Flags Value Description –hostname example.com Domain for scan. –output Records the output with the domain name. –list /tmp/lists/example.txt Lister for
One of the two defendants behind the Dream Market vendor account “The Drug Llama” was sentenced in a United States District Court to 108 months
IMPORTANTWhen using source or by downloading the code directly from the repository, it is important to run the database upgrade script if you experience any
ngrev A graphical tool for reverse engineering of Angular projects. It allows you to navigate in the structure of your application and observe the relationship
HAL [/hel/] is a comprehensive reverse engineering and manipulation framework for gate-level netlists focusing on efficiency, extendability and portability. HAL comes with a fully-fledged plugin
A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated. This script (optionally)
In the recent GeForce 441.12 release, NVIDIA fixed several undisclosed high-risk vulnerabilities, and these vulnerabilities also existed in Quadro, NVS, and Tesla’s Windows drivers. Nowadays,
RacePWN (Race Condition framework) RacePWN is a librace library and a racepwn utility that are designed to test a race condition attack through protocols that
Although the JavaScript library jQuery is still being used, it is no longer as popular as it used to be. According to the open-source security
From behind bars in a French prison, one of the accused administrators of DeepDotWeb provided his side of the story. Throughout the interview he maintained
threat_note is a web application built by Defense Point Security to allow security researchers the ability to add and retrieve indicators related to their research.
PowerShell Script to perform a quick AD audit _____ ____ _____ _ _ _| _ | | _ |_ _ _| |_| |_| | |
Kamerka-GUI Ultimate Internet of Things/Industrial Control Systems reconnaissance tool The main purpose of the ICS module of ꓘamerka is to map attack surfaces, in terms
A number of darknet marketplaces are joining forces to prevent scammers “from hopping between markets” after getting caught scamming. The project is open for other
SGX-Step is an open-source framework to facilitate side-channel attack research on Intel SGX platforms. SGX-Step consists of an adversarial Linux kernel driver and user space
DFIRtriage is a tool intended to provide Incident Responders with rapid host data. Written in Python, the code has been compiled to eliminate the dependency
vulnerability scanner tool is using nmap and nse scripts to find vulnerabilitiesThis tool puts an additional value into vulnerability scanning with nmap. It uses NSE
Sojobo is an emulator for the B2R2 framework. It was created to easier the analysis of potentially malicious files. It is totally developed in .NET
Microsoft’s security team believes that a more destructive BlueKeep attack is coming, and urges users and companies to install application patches in a timely manner.
Donut generates x86 or x64 shellcode from VBScript, JScript, EXE, DLL (including .NET Assemblies) files. This shellcode can be injected into an arbitrary Windows processes
Italian law enforcement announced the shutdown of Berlusconi Market and arrest of three individuals suspected of running the marketplace. The investigation into the market started
Github search is quite powerful and useful feature and can be used to search sensitive data on the repositories. Collection of github dorks that can
Squid is a caching and forwarding HTTP web proxy. It has a wide variety of uses, including speeding up a web server by caching repeated
EyeWitness is designed to take screenshots of websites provide some server header info, and identify default credentials if known.EyeWitness is designed to run on Kali
The United States Attorney for the Southern District of New York announced that Hugh Brian Haney had admitted laundering more than $19 million worth of
Sparrow-wifi has been built from the ground up to be the next generation 2.4 GHz and 5 GHz Wifi spectral awareness tool. At its most
Christopher Michael Barnes, 36, of Los Angeles admitted that he was involved in the conspiracy to distribute drugs via the dark web vendor account “HumboldtFarms”.
XRay is a tool for network OSINT gathering, its goal is to make some of the initial tasks of information gathering and network mapping automatic.
Firefox browsers for Mac and Windows have recently become targets of some malicious website attacks, which display false warning notifications and completely lock up the
Recently, CCN security researcher Willian Worrall exposed a security flaw in Epic Games Store which players can play without barriers even if they have not
A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI. AbstractTrivy (tri pronounced like trigger, vy pronounced like envy) is a simple and comprehensive
Earlier this year, Microsoft made another exception to release a security update to Windows XP. This security update addresses the Windows RDP/RDS vulnerability. This vulnerability
In an official statement, the Drug Enforcement Administration warned that 27 percent of the pills seized between January and March of this year contained fentanyl.
HTTP/HTTPS proxy over SSH. Installation Local machine: go get github.com/justmao945/mallory/cmd/mallory Remote server: need our old friend sshd Configueration Config fileDefault path is $HOME/.config/mallory.json, can be
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting. Current featuresSome features ezXSS has Easy to
Specialized privilege escalation checks for Linux systems.Implemented so far: Writable systemd paths, services, timers, and socket units Disassembles systemd unit files looking for: References to
Fail2Ban scans log files like /var/log/auth.log and bans IP addresses conducting too many failed login attempts. It does this by updating system firewall rules to
Dr. Memory is a memory monitoring tool capable of identifying memory-related programming errors such as accesses of uninitialized memory, accesses to unaddressable memory (including outside
Melissa Scanlan, 32, admitted her role in a darkweb drug distribution conspiracy where she had operated a darkweb vendor account under the name “The Drug
Inspects source code for security problems by scanning the Go AST. Install CI Installation # binary will be $GOPATH/bin/goseccurl -sfL https://raw.githubusercontent.com/securego/gosec/master/install.sh | sh -s —
snare – Super Next generation Advanced Reactive honEypot Super Next generation Advanced Reactive honEypot AboutSNARE is a web application honeypot sensor attracting all sort of
Luis Fernandez, one of two co-conspirators convicted of selling carfentanil and other opioids through the “Chemsusa” darkweb vendor account, was sentenced to 151 months in
Two serious zero-day vulnerabilities have been fixed in the emergency patch released yesterday by Google, and one of them has been exploited by hackers. The
Virtuailor is an IDAPython tool that reconstructs vtables for C++ code written for intel architecture, both 32bit and 64bit code and AArch64 (New!). The tool
Richard Huckle, the target of a complex investigation into a darkweb forum, was stabbed to death in his prison cell where he was serving multiple
AtomShields Cli is a Command-Line Interface to use the software AtomShields Installation pip install atomshieldscli Basic usage ascli <action> <context> –target <path> –name <project_name> The
A 43 year old man from Pforzheim, Germany is suspected of running a dark web child pornography forum from a server located in his home
Osmedeus allows you automated run the collection of awesome tools to reconnaissance and vulnerability scanning against the target. Installation git clone https://github.com/j3ssie/Osmedeuscd Osmedeus./install.sh This install
A 22-year-old Swedish man accused of using the dark web and PostNord to supply drugs to drug users in all parts of Sweden has been
PESTO is a Python script that extracts and saves in a database some PE file security characteristics or flags searching for every PE binary in
A POC HTTP Botnet designed to replicate a full weaponised commercial botnet DisclaimerThis project should be used for authorized testing or educational purposes only.The main
A 20-year-old German man was sentenced to probation after admitting that he had used the darkweb to buy cocaine, marijuana, and a counterfeit 50 euro
What is this?Certain characters in passwords (‘O’ and ‘0’, ‘I’ and ‘l’, etc.) can be hard to identify when you need to type them in
Security guides from various Internet criminal communities aren’t all that uncommon. Over the years we have seen such guides posted onto drug forums, hacking forums,
On October 31, 2019, the security researcher S00pY on GitHub release the Apache Solr RCE via the Velocity template PoC. After testing, the poc is
An extendable tool to extract and aggregate IOCs from threat feeds.Integrates out-of-the-box with ThreatKB and MISP, and can fit seamlessly into any existing worflow with
In an effort to cut down on the use of phishing links and to simplify the verification of mirror addresses for darkweb marketplaces, Dark.fail issued
POCKINT (a.k.a. Pocket Intelligence) is the OSINT swiss army knife for DFIR/OSINT professionals. Designed to be a lightweight and portable GUI program (to be carried
A former high school math teacher was imprisoned for more than three years after he pleaded guilty to receipt and possession of child pornography. He
This is a modular forensic triage collection framework designed to access various forensic artifacts on macOS, parse them, and present them in formats viable for
LinPwn is a interactive tool created to assist you in post exploitation enumeration and privilege escalation. ConnectionSet your IP and port you want it to
According to a recent report, illicit international cannabis sales on dark web marketplaces by Canadian vendors have been on the rise since its recreational use
Greg Kroah-Hartman, a stable kernel maintainer, said in a keynote speech at the Open Source Summit Europe that the security of Intel chips will exist
XORpass is an encoder to bypass WAF filters using XOR operations. Installation & Usage git clone https://github.com/devploit/XORpasscd XORpass$ php encode.php STRING$ php decode.php “XORed STRING”
Cybercrime researchers discovered a so-called “trojanized version” of the Tor Browser responsible for stealing $40,000 from users of Russian darknet markets. The infected version of
Microsoft acknowledges a security vulnerability on Windows 10 Mobile that “allows a user to access files and folders through the locked screen“. The good news
Slither is a Solidity static analysis framework written in Python 3. It runs a suite of vulnerability detectors, prints visual information about contract details, and
The Google Chrome development team has now released a new version of the stable channel, Chrome v77.0.3865.120 which is mainly a security improvement that has
In October, officials at the Customs Office in Vienna opened an investigation into a 22-year-old who had ordered several packages of marijuana from the darkweb
Reconnaissance Real IP address for Cloudflare Bypass. Preparation: 1. CompleteDNS API Create an account at completedns.com and verify first. Input your email and password on
Recently, Morphisec Labs researchers revealed that a hacker organization is using the zero-day vulnerability of the Bonjour component to attack, which is likely to affect
The German Federal Ministry of Finance claimed that Monero and other privacy coins make tracing money impossible and thus lend themselves to criminal activity on
The Windows 10 Update Assistant, has recently been revealed by researchers to have significant security breaches affecting tens of millions of home and business users.
[*] CryptoVenom: The Cryptography Swiss Army knife What is CryptoVenom?CryptoVenom is an OpenSource tool which contains a lot of cryptosystems and cryptoanalysis methods all in
Recently, SafeBreach Labs security researchers revealed a privilege escalation vulnerability (CVE-2019-6333) in a pre-installed HP computer, HP Touchpoint Analytics that could allow an attacker to
An automated blind-xss search plugin for Burp Suite. InstallationGit clone https://github.com/wish-i-was/femida.git Burp -> Extender -> Add -> find and select blind-xss.py How to use SettingsFirst
The BBC launched a Tor version of its international news website in an attempt to thwart censorship in regions where access to the BBC News
Just two days ago, a mobile security company, Adaptive Mobile, which discovered the Simjacker attack, released a list of local mobile carriers shipping SIM cards
Tor Browser 9.0 is the first stable release based on Firefox 68 ESR and contains a number of updates to other components as well (including
As one of the most commonly used utilities in Linux, Sudo is installed on almost every UNIX and Linux distribution for users to invoke and
A United States judge ordered Christopher Bania, a recently convicted darkweb dealer who admitted selling a variety of drugs on Alphabay, Hansa, Dream Market, and
As the name might suggest AutoSploit attempts to automate the exploitation of remote hosts. Targets can be collected automatically through Shodan, Censys or Zoomeye. But
Oracle WebLogic Server is a Java EE application server currently developed by Oracle Corporation. Oracle acquired WebLogic Server when it purchased BEA Systems in 2008.
HomePwn is a framework that provides features to audit and pentesting devices that company employees can use in their day-to-day work and inside the same
Recently, Adobe released security updates for Experience Manager, Experience Manager Forms, Acrobat and Reader, and Download Manager to fix 82 vulnerabilities in these products. The
A California darkweb vendor was sentenced to five years in prison for selling methamphetamine on the darkweb after pleading guilty to related charges earlier this
Tails is a live system that aims to preserve your privacy and anonymity. It helps you to use the Internet anonymously and circumvent censorship almost
A security researcher said that serious security vulnerabilities in Linux could cause nearby devices that use WiFi signals to crash or be completely controlled by
Microsoft has introduced new microcode updates (KB4497165) for Windows 10 Version 1903/Windows Server 2019 Version 1903 today. This microcode update is mainly used to mitigate
Recently, PHP officially reveals a security vulnerability (CVE-2019-11043) that caused remote code execution in the case of improper nginx configuration. In certain nginx + php-fpm
The Japanese hotel chain HIS Group apologizes for neglecting warnings, and its indoor robots can be invaded and remotely view video footage from the devices.
IntroductionWeb applications use parameters (or queries) to accept user input, take the following example into considerationhttp://api.example.com/v1/userinfo?id=751634589This URL seems to load user information for a specific
A ready to use JSONP endpoints to help bypass content security policy of different websites.The tool was presented during HackIT 2018 in Kiev. The presentation
Recently, revealed by Security Research Labs researchers Luise Frerichs and Fabian Bräunlein, there are major loopholes in Alexa and GoogleHome. The two products are smart
The Maxthon Browser is a popular browser in China and Europe. Although the market share is not particularly high, the overall reputation has been good
The Northern California Illicit Digital Economy Task Force, a task force with an active presence on darkweb forums and marketplaces, reportedly identified yet another darkweb
A datasource assessment on an event level to show potential coverage of the “MITRE ATT&CK” framework.This tool is developed by me and has no affiliation
Grow your skills and advance your career with StationX. A Comprehensive online training platform for security professionals!
RTS (Realtime scrapper) is a tool developed to scrap all pasties,github,reddit..etc in real time to identify occurrence of search terms configured. Upon match an email
p0wny@shell:~# is a very basic, single-file, PHP shell. It can be used to quickly execute commands on a server when pentesting a PHP application. Use
If you don’t want to give your phone number to a website while creating an account, DON’T GIVE IT TO THEM, because today I’m going
This tool will search an updated database for a specific organization’s ASN then use the latter to look up all IP addresses (IPv4 and IPv6)
Game hacker apps for android allow you to change the code of the games and use it to for your player advantage.
PRET is a new tool for printer security testing developed in the scope of a Master’s Thesis at Ruhr University Bochum. It connects to a
DroidSheep is an android tool developed by Andreas Koch for security analysis in wireless networks. It is basically a session hijacking tool that allows hackers to
PackETH is GUI and CLI packet generator tool for ethernet. It allows you to create and send any possible packet or sequence of packets on
Six people in Georgia have been indicted and charged in federal court for charges related to manufacturing and distributing drugs through the dark web.
DevAudit is an open-source, cross-platform, multi-purpose security auditing tool targeted at developers and teams adopting DevOps and DevSecOps that detects security vulnerabilities at multiple levels
Paypal credit card phishing script to download and use on remote server.
Carding is term described as a trick whereby products are being shopped/ordered from any online shops e.g Amazon, Jumia, FlipKart using Fake Cards(Credit/Debit).
Threat Intelligence Tools are more often used by security industries to test the vulnerabilities in network and applications. It helps for the collection and analysis
In a bid to bolster its capabilities to tackle threats emanating from hackers, mostly from China and Pakistan, India is all set to have Defence
After a seizure notice showed up on Wall Street Market’s homepage Thursday, authorities are now officially confirming that they’ve seized the market. They have also
Those of you who frequent the darkweb should be familiar with VPN (Virtual Private Network) services and have done some research to find a trustworthy
Malicious is a malware downloading tool written in python 2 that contains 70 scripts to exploit android, windows, macosx and linux machines.
Kidux Pastebin Grabber allows one to easily obtain and create combo lists for cracking any account.
A Third Party developer called “Anonymous” has developed a Linux-self contained App called “Termux” which is used to install Linux based apps in Android and
The single most common causes of a broken Kali Linux installation are following unofficial advice, and particularly arbitrarily populating the system’s sources.list file with unofficial repositories.
Xtreme Download Manager is a powerful tool to increase download speed up-to 500%, save streaming videos from YouTube, Metacafe, Daily-Motion, Google Video or any other
QRLJacking or Quick Response Code Login Jacking is a simple-but-nasty attack vector affecting all the applications that relays on “Login with QR code” feature as
The Tor browser is a powerful free tool for browsing the internet anonymously that also unlocks a portion of the deep web in the form
You’ve heard of malware, ransomware, botnets, and the like. What you don’t hear about is the technology behind these threats. These threats all have to
Developed by Ravi Kumar, Hackode is a popular Android app meant to be used by professionals working in the cyber security domain as well as
With so many different VPNs on the market – all promising to keep you secure and anonymous – how can you find the best VPN
It is extremely easy to access the dark web and even easier to be detected on it if you don’t take precautions. If you are
VPNs are well known and trusted tools for protecting users’ privacy when browsing the Internet. But if you think this is the only thing they
One little secret of the VPN industry is that most VPNs leak .In one in-depth study of Android free VPN apps, researchers found that 84% of the
Android is the biggest organized base of any mobile platform and is developing fast—every day. Besides, Android is rising as the most extended operating system
Cloud Computing Penetration Testing is a method of actively checking and examining the Cloud system by simulating the attack from the malicious code.
Web server pen testing performing under 3 major category which is identity, Analyse and Report Vulnerabilities such as authentication weakness, configuration errors, protocol Relation vulnerabilities.
Certain types of software have long had a reputation for being very expensive. As cloud computing has become more popular, many popular software packages have
Like an intrusion detection system (IDS), an intrusion prevention system (IPS) screens network traffic. An Intrusion Prevention System (IPS) is a framework that screens a
IoAs is some events that could reveal an active attack before indicators of compromise become visible. Use of IoAs provides a way to shift from
The Dark Web, Deep Web or Darknet is a term that refers specifically to a collection of websites that are publicly visible, but hide the
Command line obfuscation has been proved to be a non-negligible factor in fileless malware or malicious actors that are “living off the land”. To bypass
Here we listed and documented the best forums for both networks — the “ClearNet” and “DarkWeb”. Before we get into this, it is important to
Kube-hunter hunts for security weaknesses in Kubernetes clusters. The tool was developed to increase awareness and visibility for security issues in Kubernetes environments.
When Manhattan’s district attorney received a tip-off about suspicious ATM withdrawals in 2017, authorities never expected to unravel a sophisticated dark net drug operation on
Production values aside, IT podcasts are frequently guilty of treating the audience like they are either an 83-year-old grandmother with only the vaguest notion of
In New Jersey’s largest-ever drug bust, agents seized large quantities of fake Xanax and fentanyl-laced heroin, along with pill presses, mixers and other equipment. The
Here we listed the best operating systems used today by hackers, pentesters, blue and red teamers. (basically anyone in the security sector) These include penetration
Born from an idea of Stefano Fratepietro, DEFT (acronym for Digital Evidence & Forensics Toolkit) is a distribution made for Digital Forensics and Incident Response,
BackBox Linux is a penetration testing and security assessment oriented Linux distribution providing a network and systems analysis toolkit. It includes some of the most
T-Pot is based on debian. The honeypot daemons as well as other support components being used have been paravirtualized using docker. This allowed developers to run
Security Onion is a free and open source Linux distribution for intrusion detection, enterprise security monitoring, and log management. It includes Elasticsearch, Logstash, Kibana, Snort,
This project was a DARPA CFT funded project that is now being released through OWASP. It is focused on providing a live environment for mobile
RedHunt aims to be a one stop shop for all your threat emulation and threat hunting needs by integrating attacker’s arsenal as well as defender’s
Dracos Linux is an open source operating system provides to penetration testing. Packed with a ton of pentest tools including information gathering, forensics, malware analysis,
Qubes OS is a security-oriented operating system (OS). The OS is the software that runs all the other programs on a computer. Qubes is free
BlackArch Linux is an open source distribution of Linux derived from the lightweight and powerful Arch Linux operating system and designed from the ground up
Selfhosting is the process of locally hosting and managing applications instead of renting from SaaS providers. This is a long list of Free Software network
SIEM software products and services combine security information management (SIM) and security event management (SEM). They provide real-time analysis of security alerts generated by network
We are in the complex world where attacks are increasing day by day, so today the cyber intelligence depends on siem as a part of
Today’s Cyber security operations center (CSOC) should have everything it needs to mount a competent defense of the ever-changing information technology (IT) enterprise. Here we’ll
A hacker known as Gnosticplayers has dumped his fifth collection of stolen data on the dark web since February. The latest batch includes data from
pwnedOrNot uses haveibeenpwned v2 api to test email accounts and tries to find the password in Pastebin Dumps.
A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on
NordVPN is a very popular VPN service with a large customer base. While it is highly recommended on many sites, it can be difficult to
VPN.ac is a Romania-based VPN service that provides users with advanced encryption, very secure apps, and excellent performance. Their network consists entirely of dedicated bare-metal servers
In short, these are just international surveillance alliances representing various countries around the world. These surveillance alliances work together to collect and share mass surveillance
Cyber security affects businesses of all sizes, and in every industry. Today it is a board-level agenda item, which has been placed at number three
Rancher Labs introduced k3OS, the industry’s first extremely lightweight operating system for Kubernetes. It has extremely low resource consumption, minimal operation, and second-level boot, which
Parrot 4.6 Released by Parrot security with so many updates that bring all the hacking tools on the table with new futures and important bug
Docker Hub Hacked, sensitive data more than 190,000 accounts may have exposed. Docker Hub discovered the unauthorized access to a single Hub database On Thursday,
An sms bombing tool for Andriod, Linux and Windows.
Due to popular demand we have listed free IP booters and a tutorial to kick users offline on your PS4 / Xbox.
By attacking the designated IP address assigned to your opponent, you can kick/drop the player and he will be disconnected back to the main menu.
A 33-year-old Danish man was handed a four year and three month prison sentence for his role in an extortion case on April 8. The
This tool is made for Pentesters to use during a penetration test to enumerate and to use in CTF for combine, manipulation, permutation and transform
WiFi-Pumpkin is security auditing tool that provide the Rogue Access Point to MiTM (Man-In-The-Middle) and network attacks. This tool is capable of creating fake access
A brand new Netflix series is inspired by the true story of a German teenager who ran a multi-million dollar dark web based drug empire
Ranger is a command-line driven attack and penetration testing tool, which has the ability to use an instantiated catapult server to deliver capabilities against Windows
Intercepter NG is very similar to wireshark in displaying network packets and able to capture traffic remotely so It enables you to run a packet
Linux Kodachi operating system is based on Debian 9.5 Xbuntu 18.04 LTS, that it will provide you with a secure, anti-forensic, an anonymous operating system
Osmedeus allows you to run a collection of awesome tools for reconnaissance and vulnerability scanning against a target.
This tool will automatically make your basic pentesting tasks like information gathering, security auditing, and reporting.
EasySploit – Metasploit automation (EASIER and FASTER than EVER)
Air India servers shut down for several hours due to the internal glitch that affects the flight operations all around the world and Thousands of
Genesis Store, an invite-only marketplace on the dark web, is offering more than 60,000 stolen profiles. The credentials on sale include credit card details, browser
A detailed list of the top 5 network adapters for wifi hacking with kali linux.
Z-Shadow automates the phishing process by generating links you forward to the victim.
iDope is one of those torrent search engines that are worth being mentioned. It works similar to other well-known torrent search engines like Torrentz or Toorgle
A list of KickassTorrents proxies, mirrors, and some of the popular and best alternatives.
When we have to search something on the Internet, our mind by default goes to Google or Bing. Obviously, our mind is tuned that way,
You can use ropper to look at information about files in different file formats and you can find ROP and JOP gadgets to build chains
Marvel’s latest and perhaps the most anticipated flick ever to be released Avengers: End Game has become an object of controversy lately as hackers and
Demonsaw is a new type of information sharing application that allows you to share your files securely. It’s the next leap in the evolution of
Bully is a new implementation of the WPS (Wifi Protected Setup) brute force attack. It’s almost identical as other already existing WPS brute force attack
According to a recent report, some unprotected databases have leaked around 60 million records. The leaked data allegedly belongs to LinkedIn users. However, the data
A man who processed orders for the darknet vendor account “JetSetLife” has been sentenced to 10 years in prison.
Scapy is a very powerful packet manipulation program and library, written in Python. It allows you to: forge / decode packets of a wide number
If you want to make sure that your true identity remains a secret even if you want to talk over the Internet, you can rely
Net Ghost is the ultimate free solution for all your proxy needs. If you’re looking for a free, simple and, easy to use program which
After being down for over three years, one of the largest and most notorious hacking forums is back online under new ownership.
The LAN Turtle is a covert Systems Administration and Pentesting tool providing stealth remote access, network intelligence gathering, and MiTM (man-in-the-middle) surveillance capabilities through a
Bash Bunny is a simple and powerful multi-function USB attack device and automation platform for all pentesters and sysadmins, designed by Hak5, which allows you
This question has immense value when it comes to Gmail password recovery. Why? When initiating a password reset using the Gmail Contact Form, you have
Secret hack codes are usually hidden from users to prevent misuse and exploit. These codes can reveal additional information, run manufacture tests, factory reset, check
Sitadel is basically an update for WAScan making it compatible for python >= 3.4 It allows more flexibility for you to write new modules and
As reported by Catalin Climpanu, some of the tools used by OilRig attack group have been leaked by a persona using the “Lab Dookhtegan pseudonym”.
The 3DS emulator enables to play your lovable classic games such as Super Mario, Top Gun, Base Wars. Ice climber with your iOS, Android and
Wifiphisher is a rogue Access Point framework for conducting red team engagements or Wi-Fi security testing. Using Wifiphisher, penetration testers can easily achieve a man-in-the-middle
The PenTesters Framework (PTF) is a Python script designed for Debian/Ubuntu/ArchLinux based distributions to create a similar and familiar distribution for Penetration Testing. As pentesters,
WiFite2 is a complete rewrite of Wifite – a Python script for auditing wireless networks. It runs existing wireless-auditing tools for you, so you won’t need
Signaling System No. 7 (SS7) is a series of telephony signaling protocols. Also known as CCS7 (Common Channel Signaling System 7) or CCIS7 (Common Channel Interoffice Signaling 7),
SiGploit a signaling security testing framework dedicated to Telecom Security professionals and reasearchers to pentest and exploit vulnerabilites in the signaling protocols used in mobile
ZMap is an open source single packet network scanner designed for Internet-wide network surveys. On a typical desktop computer with a gigabit Ethernet connection, ZMap
Massive SQL Injection Vulnerability Scanner
South Africa has witnessed an explosion in cybercrime namely due to the advancement of ICT infrastructure and broadband connectivity in both the public and private
iCloudBrutter is a simple python (3.x) script to perform basic bruteforce attack againts AppleID.
DroidJack is an android RAT which gives you the power to establish control over your victim’s Android devices with an easy to use GUI and
Aquatone is a tool for visual inspection of websites across a large amount of hosts and is convenient for quickly gaining an overview of HTTP-based
Skype Log Viewer allows you to view all of your Skype chat logs and then easily export them as text files.
Gpredict is a real-time satellite tracking and orbit prediction application. It can track a large number of satellites and display their position and other data
Xplico is an open source network forensic analysis tool that supports HTTP, SIP, IMAP, POP, SMTP, TCP, UDP, IPv6, Facebook, MSN, RTP, IRC, and Paltalk
SocialBox is a Bruteforce Attack Framework [ Facebook , Gmail , Instagram ,Twitter ].
One of the most advanced tools to scan phone numbers using only free resources. The goal is to first gather basic information such as country,
fireELF is a opensource fileless linux malware framework thats crossplatform and allows users to easily create and manage payloads. By default is comes with ‘memfd_create’
QRLJacking or Quick Response Code Login Jacking is a simple-but-nasty attack vector affecting all the applications that relays on “Login with QR code” feature as
A notorious hacking group known as FIN7 is still targeting individuals and businesses, despite the recent arrest of three of its members.
A secure browser that protects your privacy is absolutely essential for staying safe online and keeping your data secure from third parties.
Mozilla Firefox is arguably the best browser available that combines strong privacy protection features, good security, active development, and regular updates. The newest version of
Salamandra is a tool to detect and locate spy microphones in closed environments. It find microphones based on the strength of the signal sent by the
FakeNet-NG is a next generation dynamic network analysis tool for malware analysts and penetration testers. It is open source and designed for the latest versions
Hackazon is a free, vulnerable test site that is an online storefront built with the same technologies used in today’s rich client and mobile applications.
A five-man group suspected of stealing thousands of liters of fuel from Paris service stations have been arrested by French Police.
The FireEye Labs Obfuscated String Solver (FLOSS) uses advanced static analysis techniques to automatically deobfuscate strings from malware binaries. You can use it just like
DevKnox is a first of its kind security tool that enables developers to detect and resolve security issues as they write code in Android Studio.
Almost one year after its launch, some very serious vulnerabilities that could lead to online password cracking have been detected in the next-generation Wi-Fi security
Active reconnaissance, information gathering and OSINT built in a portable web application. D0xk1t is an open-source, self-hosted and easy to use OSINT and active reconnaissance web application for penetration testers.
WiFi Bruteforcer is an android application that bruteforces WiFi passwords using an android device. It does not require a rooted device and is very fast
Yeti is a platform meant to organize observables, indicators of compromise, TTPs, and knowledge on threats in a single, unified repository.
Vayne-RaT is Free and Open Source Remote Administration Tool Coded In C#.
The objective of MISP is to foster the sharing of structured information within the security community and abroad.
ISeeYou is a Bash and Javascript tool to find the exact location of the users during social engineering or phishing engagements.
Asia is increasingly becoming a lucrative high-tech crime target for cybercriminals, Singapore receiving much of the attention.
Evilginx 2 is a MiTM Attack Framework used for phishing login credentials along with session cookies, which in turn allows to bypass 2-factor authentication protection.
Stalk your Friends. Find their Instagram, FB and Twitter Profiles using Image Recognition and Reverse Image Search.
Red Team’s SIEM – easy deployable tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability for
The Australian Federal Police recently announced the arrest of Evan Leslie McMahon, a 21-year-old IT professional, for selling login details obtained from various streaming services.
J-CODE, a team working against online drug trafficking, recently arrested 61 individuals in connection with opioid trade on the dark web.
Recently, a developer exposed a very serious “security incident” on his blog. A developer’s client sent him a call for help because after the customer
Shadowave is a website that provides a “verified” phishing page to gain login details of the victim.
Mallet is a tool for creating proxies for arbitrary protocols, along similar lines to the familiar intercepting web proxies, just more generic.
MQTT-PWN intends to be a one-stop-shop for IoT Broker penetration-testing and security assessment operations, as it combines enumeration, supportive functions and exploitation modules while packing
On March 27 and 28, 2019, Paula presented Briefings and Arsenal sessions at Black Hat Asia 2019 in Singapore. CQURE Team has written over 200
In a recent report, security firm Kaspersky Lab says, based on data obtained from its Kaspersky Security Network, that Game of Thrones is the most
WarBerryPi was built to be used as a hardware implant during red teaming scenarios where we want to obtain as much information as possible in
A tool which creates a spoofed certificate of any online website and signs an Executable for AV Evasion. Works for both Windows and Linux.
CrackMapExec (a.k.a CME) is a post-exploitation tool that helps automate assessing the security of large Active Directory networks. Built with stealth in mind, CME follows
Abdulaziz Abdulazizov, a 19-year-old student in St. Petersburg, is one suspect accused of carrying out a darknet-ordered hit to murder Yevgenia Shishkina, a senior investigator
The Natural Health Services Canada exposed personal information of medical marijuana patients in a breach. This NHS data breach reportedly affected as much as 34,000
A Bitcoin fraudster claims to have made 200 BTC, the equivalent of around $760,000, through dark web domain squatting.
Weevely is a stealth PHP web shell that is designed for remote server administration and penetration testing.
Today Cloudfare announced the 1.1.1.1 App with Warp performance and security technology. “We built Warp from the ground up to thrive in the harsh conditions
The Tor Project, the organization behind the anonymity-focused Tor browser, has announced yet another release. The Tor browser 8.0.8 is now available for use.
Penetration testing & Hacking Tools are more often used by security industries to test the vulnerabilities in network and applications. Here you can find a
Wireshark, whose old name is Ethereal; It is a program that can run in many operating systems such as Windows, Linux, MacOS or Solaris and
Compared with its competitors, the more open Android has always had a lot of problems in terms of security. Since then, Google has been more
When you can’t find your type of porn on the clearnet, XPlay is where you go to. It’s a full-fledged porn site on the Dark
Bithumb Hacked 3rd time, Yes, One of the worlds largest cryptocurrency exchange Bithumb Hacked by unknown cybercriminals and they have stolen nearly $20 million worth
WPScan is a free, for non-commercial use, black box WordPress vulnerability scanner written for security professionals and blog maintainers to test the security of their
A platform to run private unannounced Honeypots as Tor Hidden Services (aka Onion Decoys) inside the Tor Network.
With the help of Termux and Inshackle we can easily track unfollowers, Increase your followers, Download Stories, extract profile info and much more.
Toyota hacked, yes, Toyota major subsidiaries network compromised by unknown hackers and they gained unauthorized access to the network where Toyota stored nearly 3.1 million
The Ubuntu 19.04 (Disco Dingo) official version is scheduled to be released on April 18 this year, and today Canonical released the Ubuntu 19.04 Beta
WebTech is a Python software that can identify web technologies by visiting a given website, parsing a single response file or replaying a request described
Social media and darknet sites have replaced traditional systems as the most preferred vehicles of drug sales.
Commando VM launched by FireEye, aiming to provide a Windows distribution that focused on supporting penetration testers and red teamers.
A serious vulnerability in NVIDIA GeForce Experience posed a severe threat to the gamers. More specifically, the software vulnerability threatened users of Windows systems.
Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates.
Verifying a file’s cryptographic signature can deduce its origin or trustability. Unfortunately on macs there’s no simple way to view a file’s signature via the
We have compiled a massive list of onion links. See our contents at a glance to jump to the specific category or press control +
Exitmap modules implement tasks that are run over (a subset of) all exit relays. If you have a background in functional programming, think of exitmap
Once again, there is another data leak exposing personal data and business intelligence information from an unsecured source.
Beagle is a tool which aims to accelerate an analyst’s ability to respond to incidents by allowing them to quickly and reliably generate incident response
Tencent IoT Hunter is a framework tool which is developed to gather IoT threat intelligence. It focus on the whole IoT malware analysis life cycle
Define your system in Python using the elements and properties described in the pytm framework. Based on your definition, pytm can generate, a Data Flow
Mr.SIP is a tool developed to audit and simulate SIP-based attacks. Originally it was developed to be used in academic work to help developing novel
P4wnP1 is a highly customizable USB attack platform, based on a low cost Raspberry Pi Zero or Raspberry Pi Zero W (required for HID backdoor).
Xiaopan OS is an easy to use software package for beginners and experts that includes a number of advanced hacking tools to penetrate WPA/WPA2/WPS/WEP wireless
SniffAir is an open-source wireless security framework which allows you to collect, manage and analyze wireless traffic. It also provides the ability to perform sophisticated
BoNeSi, the DDoS Botnet Simulator is a Tool to simulate Botnet Traffic in a tested environment on the wire. It is designed to study the
Security analytics and machine learning processes are fueling the next generation of cyber defenses, helping to address persistent problems in the industry like a skills
Jokeroo, a new Ransomware-as-a-Service (RaaS), is now on offer to affiliates in several membership packages.
Yesterday, Motherboard published a story by Kim Zetter on Operation ShadowHammer, a newly discovered supply chain attack that leveraged ASUS Live Update software.
A darknet vendor named Gnosticplayers is selling 26 million records from six companies. This is the fourth in a series of data sales he’s made
Instantbox spins up a temporary linux systems with Instant webshell access from any browser
Russians will experience stricter internet regulations now that President Putin has signed proposed bills by parliament into law.
With the release of version 67 of Firefox, which is scheduled for May 2019, Mozilla is set to add a new anti-fingerprinting method for users
Toppo is a beginner level CTF and getting the first shell and then root, are only needed to succeed.
SickOS 1.2 is the second Boot2Root Challenge in SickOS Series and is available at Vulnhub. This is an interesting CTF and requires think-out-of-the-box mentality. This
Cyber Threat Intelligence tool launched by Guardicore Labs, it offers information based on malicious Internet IP addresses and domains detected by Guardicore.
SilkETW is a flexible tool aimed to reduce the complexities of ETW(Event Tracing for Windows) and to put actionable data in the hands of researches
This project was developed for the Computer Security course at the developers academic degree. Basically, it will encrypt your files in background using AES-256-CTR, a
A Free MultiOS PHP Interface Botnet with VB.NET and Python based Stub and VB.NET Builder
OSIF is an accurate facebook account information gathering, all sensitive information can be easily gathered even though the target converts all of its privacy to
Rap verses are frequently brought in as “proof” in U.S. courts, with artists confronting discipline for their public portrayal and choice of lyrics.
Xerxes is the most powerful DOS tool of 2019 and comes with enhanced features for stress testing. It provides the capacity to launch multiple independent
Master the art of identifying vulnerabilities within the Windows OS and develop the desired solutions for it using Kali Linux.
Over 100 recipes for penetration testing using Metasploit and virtual machines
Gain practical experience of creating security solutions and designing secure, highly available, and dynamic infrastructure for your organization
Back for the third season, The Hacker Playbook 3 (THP3) takes your offensive game to the pro tier. With a combination of new strategies, attacks,
Penetration testers simulate cyber attacks to find security weaknesses in networks, operating systems, and applications. Information security experts worldwide use penetration techniques to evaluate enterprise
The Red Team Field Manual (RTFM) is a no fluff, but thorough reference guide for serious Red Team members who routinely find themselves on a
Earlier this month, NSA open-sourced Ghidra – its reverse engineering tool. Right after its release, researchers began discovering bugs in the tool. One such critical
SigintOS; as the name suggests, SIGINT is an improved Linux distribution for Signal Intelligence. This distribution is based on Ubuntu Linux. It has its own
Google Photos offers numerous beneficial features to users for managing photos. One such feature includes auto-tagging of photos using image metadata. The app utilizes geo-coordinates,
This is a proof-of-concept stealthy backdoor aimed to aid red teams in maintaining control of their targets during security evaluation process. Project also intends to
ACsploit is an interactive command-line utility to generate worst-case inputs to commonly used algorithms. These worst-case inputs are designed to result in the target program
CEH v10 – Certified Ethical Hacker v10 full PDF is Available for Download now.
CEH V10 : Certified Ethical Hacker v10 Lab Tools Download.
The Metasploit Project is a computer security project that provides information on vulnerabilities, helping in the development of penetration tests and IDS signatures. Metasploit is
Player Unknown’s Battle Ground (Yes! PUBG is an acronym in case some of you did not know) is the latest addiction of gamers. It is
Fern Wifi Cracker is a Wireless security auditing and attack software program written using the Python Programming Language and the Python Qt GUI library, the program is able
You think your passwords are strong and secure? You are mistaken! There are numerous options to secure your password, but when it comes to the
Kage (ka-geh) is a tool inspired by AhMyth designed for Metasploit RPC Server to interact with meterpreter sessions and generate payloads.
Cat Nip will perform an automatic penetration test on a desired website including information gathering, reconnaissance and reporting.
A fileless malware, recently spotted by TrendMicro, steals online banking credentials by accessing remote control of users’ devices. It also steals devices and email accounts
Whether it’s reconnaissance or some useful email address validation pre-processing, it might be handy to know a few things about telnet email address validation. This
Domain-based Message Authentication, Reporting, and Conformance (DMARC) is a standard that helps protect email senders and recipients from spoofing, spam and phishing. With this, mail
DKIM email security standard was designed to make sure messages were not altered or compromised in transit between sender and receiver. It uses public-key cryptography
Quick overview of SPF email validation protocol (Examples, Vulnerabilities).
dnSpy is a tool to reverse engineer .NET assemblies, including .NET debugger, a decompiler and an assembly editor. This tool can be easily extended by
Dante Socks Proxy Server is developed by Inferno Nettverk A/S, and it consists of a SOCKS server and a SOCKS client, implementing RFC 1928 and
CMSeeK is a CMS detection and exploitation tool, written in Python3, capable of scanning numerous content management systems including WordPress, Joomla, Drupal, etc. It allows
A very short overview of Wireless Security Protocols including WEP, WPA, WPA2 and WPA3. For each of them we’ll try to point out both their
There might be a time where you picked up an old laptop and had a bios password lock enabled but no clue to reset it.
NSA released Ghidra a free reverse Engineering tool for Malware analyst with an interactive GUI capability that runs on various platforms including Windows, Mac OS,
Google security researchers publicly disclosed the macOS kernel vulnerability.
Since the first release in 2013 with 1.0.0, Kali Linux has updated 24 different versions with many upgrades and bug fixes. Here we will take
Financial software company Intuit recently learned that TurboTax account users’ tax return information was compromised in a credential stuffing attack. In a security notice, Intuit
A full year after the Russian social media platform VKontakte failed to reward a security researcher for a vulnerability tip, or to even fix the
Where’s the breach? In 2015 and 2016, it was at Wendy’s, when attackers infected 1,025 of its restaurants’ point-of-sale systems with malware, leading to the
Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted web sites. XSS attacks occur
A little VBScript E013 that steal Wifi passwords from Windows. Into the file WifiName.txt you can see the password of every saved wifi available on
Hcxdumptool is small tool to capture packets from wlan devices. After capturing, upload the “uncleaned” cap here to see if your application or the client
chntpw is a Kali Linux tool that can be used to edit the windows registry, reset a users password, and promote a user to administrator,
SQL injection is a standout amongst the most widely recognized attacks against web applications. Here is the list of Best SQL Injection Tools 2019.
fsociety is a penetration testing framework consists of all penetration testing tools that a hacker needs. It includes all the tools that involved in the
Masscan has been around for some time now and already it’s in use by pentesters all around. It’s a reconnaissance tool which can transmit up to 10 million
Instagram-Py is a straightforward python script to perform brute force attack against Instagram , this script can sidestep login restricting on wrong passwords , so
Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page.
Splice Admin is a remote Windows administration tool. It allows you to retrieve information and interact with remote machines on your network.
SecGen creates vulnerable virtual machines so students can learn security penetration testing techniques. Boxes like Metasploitable2 are always the same, this project uses Vagrant, Puppet,
With the development of the Internet, personal information is becoming more and more transparent. For preventing the leak information, many security teams are interested in developing
Import VM to the Virtualbox and turn on. Use netdiscover to determine the IP Address of the machine, then add this IP to your local
Start the Virtual machine and use Netdiscover to find its IP Address. Register this IP to your local DNS file “/etc/hosts”. sudo netdiscover -r [IP/subnet]
Once the image loaded up,we need to figure out the IP address of the host. nmap -sn -PE 192.168.1.200-254 Ok, so the host pulled .207
Nikto is an Open Source web server scanner which performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files/programs, checks
Fierce is a semi-lightweight scanner that helps locate non-contiguous IP space and hostnames against specified domains. It’s really meant as a pre-cursor to nmap, unicornscan,
Anomor automates the phishing process by generating links you forward to the victim.
Tweetlord is an open source Twitter profile dumper (downloader) with the on-the-fly account swapping support for bypassing the rate limit restrictions.
Instainsane is an Shell Script to perform multi-threaded brute force attack against Instagram, this script can bypass login limiting and it can test infinite number
Here we will discuss how to hack Facebook with kali linux, as well as, to develop understanding of how fake web pages are created, so
If you are currently struggling with getting traffic to your website, or converting that traffic when it shows up, you may think you’ve got a
Your one stop solution to implement a Cyber Defense Intelligence program in to your organisation. Key Features Intelligence processes and procedures for response mechanisms Master
This 25th anniversary edition of Steven Levy’s classic book traces the exploits of the computer revolution’s original hackers — those brilliant and eccentric nerds from
A practical guide to testing your network’s security with Kali Linux, the preferred choice of penetration testers and hackers. About This Book Employ advanced pentesting
Beginning with a basic primer on reverse engineering-including computer internals, operating systems, and assembly language-and then discussing the various applications of reverse engineering, this book
Memory forensics provides cutting edge technology to help investigate digital attacks Memory forensics is the art of analyzing computer memory (RAM) to solve digital crimes.
Cypherpunks are activists who advocate the widespread use of strong cryptography (writing in code) as a route to progressive change. Julian Assange, the editor-in-chief of
Linux Kernel Development details the design and implementation of the Linux kernel, presenting the content in a manner that is beneficial to those writing and
The world’s most infamous hacker offers an insider’s view of the low-tech threats to high-tech security. Kevin Mitnick’s exploits as a cyber-desperado and fugitive form
The vulnerability allows an attacker to obtain victim audio before the victim answers a FaceTime call, causing user privacy to be compromised.
Love you malware changes tactics as it targets Japan and spreads the ransomware Gandcrab 5.1. Malspam campaign, “Love you,” named after its attachment’s subject title, has a
The BBC in the UK has recently highlighted a problem affecting fans of some high-profile YouTubers. It seems they are being targeted by a YouTube
In a press release published on 30th January, European aerospace corporation Airbus announced they were the victim of a security breach. In the statement, the
Revolution OS is a documentary film that tells the inside story of the hackers who rebelled against Microsoft and created GNU/Linux and the Open Source
AIMSICD is an app to detect IMSI-Catchers. IMSI-Catchers are false mobile towers (base stations) acting between the target mobile phone(s) and the real towers of
cSploit is a free/libre and open source (GPLed) Android network analysis and penetration suite which aims to be the most complete and advanced professional toolkit
Routersploit is an open source framework used for exploiting vulnerabilities in embedded devices like routers.
Hping3 is basically a TCP IP packet generator and analyzer! It is common for generating packets but mostly used for denial of service attacks or
Veil is a tool designed to generate metasploit payloads that bypass common anti-virus solutions.
Avet is a tool for building exe files with shellcode payloads for antivirus evasion.
Can Hackers Be Heroes is a short documentary film from PBS Digital Studio. Many people think of hackers as cyber criminals, breaking into computer systems
Cyber War is a documentary film from Al Jazeera media network. The film is all about US cyber security and state-sponsored hacking attacks.
Inside the Dark Web turns to the topic of internet surveillance concerning the pros and cons of the ability for everything that passes over the
Zero Days is a documentary film produced by VPRO. The film talks about cyber security and online black markets. Zero Days paints a frightening portrait of
The 16×9 takes viewers into a “Hackers World” through interviews and news reports. It features the infamous hacker collective “Anonymous” — Anonymous is a decentralized
Free the Network is a documentary film from MotherBoard. The film talks about the Occupy Wall Street, hacktivism, and the hackers trying to build a
Defeating the Hackers is documentary film directed by Kate Dart for BBC Horizon series. The film explores the hacker community and computer security through various
Cyber attacks are common and show how vulnerable our digitally interconnected lives have become.
GlobaLeaks is an open-source, free software intended to enable secure and anonymous whistleblowing initiatives developed by the Hermes Center for Transparency and Digital Human Rights. It is an
Cyphon is a big data platform that aggregates, standardizes, and enhances data for easier analysis. Many businesses rely on emails to manage alert notifications, which
Threat intelligence chat bots are useful friends. They perform research for you and can even be note takers or central aggregators of information.
Deception techniques if deployed well can be very effective for organizations to improve network defense and can be a useful arsenal for blue teams to
Tool-X is Developed By Rajkumar Dusad. with the help of Tool-X you can install best hacking tools in Rooted or Non Rooted Android devices.
Nipe is a Script to make Tor Network your Default Gateway.
OnionShare is an open source tool that allows you to share files securely and anonymously. It supports file(s) of any size.
Ultimate Network Stealther that makes Linux a Ghost In The Net and protects from MITM/DOS/scan
Xnspy is a mobile spying app that offers the craziest spying features on both iPhone and Android smartphones.
Keylogging is the malicious action of spying on the keyboard input of a target user. This is done in secret by malware applications that steal
Beelogger allows you to generate a keylogger in a document format which can be executed via emails
Ghostpress is a free anti-keylogging software that prevent malicious software from capturing your keyboard presses.
Spykeyboard is a script which allows us to generate an undetectable keylogger which sends the captured keys to our gmail mail.
Each day more and more devices are coming online, adding to the ever-growing Internet of Things (IoT). Analysts agree the IoT will grow to many
Instead of spending time installing, configuring and setting up various tools required for IoT pentesting, here is a pre-made distro for you containing the tools
Heathen Internet of Things Penetration Testing Framework developed as a research project, which automatically help developers and manufacturers build more secure products in the Internet
Apparatus is a security framework to facilitate security analysis in IoT systems. To make the usage of the Apparatus framework easier the ASTo app was
Expliot is a framework for security testing IoT and IoT infrastructure. It provides a set of plugins (test cases) and can be extended easily to
Naked Citizens is a documentary film that shows how online and CCTV surveillance data is being used to arrest “terror suspects”.
Are You Tired of All The Spying and Lack of Privacy on The Internet? Keep Reading to Learn The Secrets to Staying Anonymous
A practical guide to deploying digital forensic techniques in response to cyber security incidents