ReconAIzer: OpenAI-based Extension for Burp Suite

Burp Suite, the renowned Bug Bounty Hunting and Web Application Penetration Testing tool, has been improvised with many extensions over the years. Many of Burp’s Extensions have been used by Bug Bounty Hunters and Security Researchers for various purpo…

September 13, 2023
Read More >>

ICMPWatch – Advanced Sniffing & Analysis of ICMP Packets

ICMP Packet Sniffer is a Python program that allows you to capture and analyze ICMP (Internet Control Message Protocol) packets on a network interface. It provides detailed information about the captured packets, including source and destination IP addresses, MAC addresses, ICMP type, payload data, and more. The program can also store the captured packets in […]

September 13, 2023
Read More >>

PowerToys Run’s Quick Lookup Plugin

This plugin for PowerToys Run allows you to quickly search for an IP address, domain name, hash, or any other data point in a list of Cyber Security tools. It’s perfect for security analysts, penetration testers, or anyone else who needs to quickly look up information when investigating artifacts or alerts. Installation To install the plugin: Usage […]

September 13, 2023
Read More >>

Top 10 SaaS Security Checklist in 2023

Software as a Service (SaaS) security refers to the measures and practices employed to protect SaaS solutions’ data, applications, and infrastructure. SaaS is a cloud computing model where software applications are hosted and delivered over the i…

September 12, 2023
Read More >>

Moniorg – Passive Monitoring via Certificate Transparency

Description Moniorg is a cutting-edge tool that uses Certificate Transparency logs to let you keep an eye on things without being noticed. With this tool, security experts can keep track of new names that are linked to an organization’s SSL certificates. This gives them a unique look into the organization’s infrastructure. By using the power […]

September 12, 2023
Read More >>

HTTP-Shell: Multiplatform Reverse Connection Tool

HTTP-Shell is a multiplatform reverse shell. This tool helps you obtain a shell-like interface on a reverse connection over HTTP. Unlike other reverse shells, the main goal of the tool is to be used in conjunction with Microsoft Dev Tunnels in order to get a connection as close as possible to a legitimate one. This shell […]

September 12, 2023
Read More >>

WhatsApp’s Task Hijacking Bug Explained

Around a year ago, I discovered a long-standing vulnerability in WhatsApp and other popular Android applications. Despite its existence for years, this vulnerability remained largely theoretical. To demonstrate its real-world impact, I successfully exploited it on WhatsApp, Facebook, and Facebook Lite. I promptly reported my findings to Facebook’s White Hat program. In this post, I’ll share […]

September 11, 2023
Read More >>