I have been playing close attention to Internet of Things (IoT) malware targeting systems with Telnet enabled, while also collecting samples targeting systems with SSH enabled on port 22. I’ve collected over 650 samples landing in my honeypot within th…
Findomain- Fastest And Cross-platform Subdomain Enumerator
FinDomain- Fastest And Cross-platform Subdomain Enumerator.
Comparison
It comparison gives you a idea why you should use findomain instead of another enumerators. The domain used for the test was Microsoft.com in the following BlackArch virtual ma…
In Conversation: The Women in Network Security
Why does network security matter? On average, there is a hacker attack every 39 seconds. If any of these attacks result in a data breach, they could cost over $150 million, with research suggesting that cyber-attacks could cost businesses over…
Major Metapackage Makeover
With our 2019.3 Kali release imminent, we wanted to take a quick moment to discuss one of our more significant upcoming changes: our selection of metapackages. These alterations are designed to optimize Kali, reduce ISO size, and better organize metapa…
Burp Suite Extension – To Monitor And Keep Track of Tested Endpoints
Burp Scope Monitor Extension
A Burp Suite Extension to monitor and keep track of tested endpoints.
Main Features
Simple, easy way to keep track of unique endpoints when testing an application
Mark individual endpoints as analyzed or not
Inst…
Edge DNS: Zone Apex Mapping & DNSSEC
Along with its DDoS resilience and impressive global footprint, Akamai Edge DNS offers zone administrators additional technical flexibility and implementation options to improve performance and simplify DNS operations. One example is zone apex mapping …
HTTP2 Vulnerabilities
On Tuesday, August 13th at 10 AM Pacific Time (1700UTC), Netflix publicly disclosed a series of vulnerabilities found by Jonathan Looney that impact many implementations of the HTTP2 protocol. A vulnerability found by Piotr Sikora of Google was also re…
From On-Prem to Cloud: The Complete AWS Security Checklist
This complete AWS cloud auditing security checklist outlines what it takes to protect sensitive data center security & intellectual property when securing an organization?s cloud deployment.
Slurp- To Security Audits of S3 Buckets Enumerator
Slurp- Blackbox/Whitebox S3 Bucket Enumerator
To Evaluate the security of S3 buckets
Overview
Credit to all the vendor packages to develop Slurp possible.
Slurp is for pen-testers and security professionals to perform audits of s3 bucke…
PowerHub- A Post Exploitation Suite To Bypass Endpoint Protection
PowerHub- A Post Exploitation Suite To Bypass Endpoint Protection
PowerHub is a convenient post exploitation tool which aids a pentester in transferring files, in particular code which may get flagged by endpoint protection.
During an engageme…