Lucene search
K

812 matches found

Kitploit
Kitploit
added 2018/08/09 1:12 p.m.42 views

TIDoS Framework - The Offensive Web Application Penetration Testing Framework

TIDoS Framework is a comprehensive web-app audit framework. let's keep this simple Highlights :- The main highlights of this framework is: TIDoS Framework now boasts of a century+ of modules. A complete versatile framework to cover up everything from Reconnaissance to Vulnerability Analysis. Has ...

7.9AI score
Exploits0References1
ThreatPost
ThreatPost
added 2018/08/08 5:24 p.m.14 views

Threatlist: Manufacturing, a Top Target for Espionage

When it comes to cyberattack-related reconnaissance and lateral movement activity, the manufacturing industry exhibits higher than normal rates. That’s according to Vectra’s 2018 Spotlight Report on Manufacturing, which crunched data from more than 4 million devices and workloads from customer...

0.9AI score
Exploits0References5
Kitploit
Kitploit
added 2018/08/04 9:49 p.m.16 views

Raccoon - A High Performance Offensive Security Tool For Reconnaissance And Vulnerability Scanning

Offensive Security Tool for Reconnaissance and Information Gathering. Features DNS details DNS visual mapping using DNS dumpster WHOIS information TLS Data - supported ciphers, TLS versions, certificate details and SANs Port Scan Services and scripts scan URL fuzzing and dir/file detection...

7.4AI score
Exploits0References4
Kitploit
Kitploit
added 2018/08/03 9:26 p.m.27 views

Portforge.Cr - A Script Which Opens Multiple Sockets From A Specific Port Range You Input

This script is intended to open as many sockets as you which between 1024 - 65535. Lower than 1024 works too but you have to be a root user for that. This can be useful when you don't want people to map out your device and see what you're running and not, so it's a small step to defeat...

7.2AI score
Exploits0References2
ThreatPost
ThreatPost
added 2018/08/02 4:46 p.m.14 views

Phishing Campaign Steals Money From Industrial Companies

Industrial production companies are the targets in a large-scale spear-phishing email campaign aimed at installing legitimate remote administration software on victims’ systems. Researchers with Kaspersky Lab said that emails purporting to be commercial offers were the conduit to enabling attacke...

1.8AI score
Exploits0References2
n0where
n0where
added 2018/08/01 5:5 p.m.18 views

Network and System Reconnaissance Tool: Sandmap

Sandmap is a tool supporting network and system reconnaissance using the massive Nmap engine . It provides a user-friendly interface, automates and speeds up scanning and allows you to easily use many advanced scanning techniques. Key Features simple CLI with the ability to run pure Nmap engine...

6.9AI score
Exploits0References2
n0where
n0where
added 2018/08/01 4:47 p.m.25 views

Reconnaissance and Vulnerability Scanning Tool: Raccoon

Raccoon is a tool made for reconnaissance and information gathering with an emphasis on simplicity. It will do everything from fetching DNS records, retrieving WHOIS information, obtaining TLS data, detecting WAF presence and up to threaded dir busting and subdomain enumeration. Every scan output...

6.9AI score
Exploits0References4
Imperva Blog
Imperva Blog
added 2018/07/24 4:13 p.m.48 views

The Data Breach ‘Kill Chain’: Early Detection is Key

Today, organizations rely heavily on data, with a big portion of that data made up of sensitive information. As organizations become the custodians of more and more sensitive information, the frequency of data breaches increases accordingly. In some cases, the origin of a data breach is outside o...

1AI score
Exploits0
ThreatPost
ThreatPost
added 2018/07/17 6:27 p.m.12 views

Recent Andariel Group ActiveX Attacks Point to Future Targets

Researchers say that the North Korea-linked Andariel hacking group may be looking to switch up its targets, based on key changes in its script found on recently compromised websites. The Andariel group is associated with the infamous Lazarus Group, North Korea’s cyber-espionage unit. Andariel has...

7AI score
Exploits0References4
The Hacker News
The Hacker News
added 2018/07/10 2:30 p.m.60 views

Gaza Cybergang Returns With New Attacks On Palestinian Authority

Security researchers from Check Point Threat Intelligence Team have discovered the comeback of an APT advanced persistent threat surveillance group targeting institutions across the Middle East, specifically the Palestinian Authority. The attack, dubbed "Big Bang," begins with a phishing email se...

0.7AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2018/07/10 2:25 p.m.164 views

Carbon Black TAU Threat Analysis: Recent Dharma Ransomware Highlights Attackers’ Continued Use of Open-Source Tools

In June of 2018, an organization contacted the Carbon Black Threat Analysis Unit TAU about a ransomware attack they were currently investigating. TAU team members worked with the firm investigating the incident. After the initial analysis was completed, it became apparent that this network had be...

7.5AI score
Exploits0
FireEye
FireEye
added 2018/07/10 12:0 p.m.3876 views

Malicious PowerShell Detection via Machine Learning

Introduction Cyber security vendors and researchers have reported for years how PowerShell is being used by cyber threat actors to install backdoors, execute malicious code, and otherwise achieve their objectives within enterprises. Security is a cat-and-mouse game between adversaries, researcher...

5CVSS8AI score0.99993EPSS
Exploits45
Kitploit
Kitploit
added 2018/06/05 10:33 p.m.18 views

DejaVU - Open Source Deception Framework

Deception techniques if deployed well can be very effective for organizations to improve network defense and can be a useful arsenal for blue teams to detect attacks at very early stage of cyber kill chain. But the challenge we have seen is deploying, managing and administering decoys across larg...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2018/05/14 1:46 p.m.20 views

Sandmap - A Tool Supporting Network And System Reconnaissance Using The Massive Nmap Engine

Sandmap is a tool supporting network and system reconnaissance using the massive Nmap engine. It provides a user-friendly interface, automates and speeds up scanning and allows you to easily use many advanced scanning techniques. Key Features simple CLI with the ability to run pure Nmap engine...

6.8AI score
Exploits0References1
Kitploit
Kitploit
added 2018/05/11 8:46 p.m.12 views

Portspoof - Enhance Your Systems Security Through A Set Of New Camouflage Techniques

The Portspoof program primary goal is to enhance your system's security through a set of new camouflage techniques. As a result of applying them your attackers' port scan result will become entirely mangled and to very significant extent meaningless. Techniques used to achieve this: All configure...

7.1AI score
Exploits0References2
Pen Test Partners Blog
Pen Test Partners Blog
added 2018/05/03 1:52 p.m.15 views

Man Climbs Severn Bridge. Your office is twice as easy and half as scary

So you think no one would ever sneak into your business? Think Again. The man who climbed the Severn Bridge and broke into the Big Brother house seems to have method to his madness. Here’s why. When I describe Social Engineering to some I get a common response: “Yeah, but who would ever do that i...

6.7AI score
Exploits0
CVE
CVE
added 2018/05/02 10:0 p.m.54 views

CVE-2018-0288

The CVE-2018-0288 issue concerns Cisco WebEx Recording Format (WRF) Player: a design flaw in processing WRF files can allow remote attackers to read memory outside the mapped file boundaries, enabling information disclosure. Affected products include Cisco WebEx Business Suite meeting sites, WebE...

5.3CVSS5.4AI score0.02674EPSS
Exploits0References3Affected Software1
Cisco
Cisco
added 2018/05/02 4:0 p.m.22 views

Cisco WebEx Recording Format Player Information Disclosure Vulnerability

A vulnerability in Cisco WebEx Recording Format WRF Player could allow an unauthenticated, remote attacker to access sensitive data about the application. An attacker could exploit this vulnerability to gain information to conduct additional reconnaissance attacks. The vulnerability is due to a...

5.3CVSS0.8AI score0.02674EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2018/04/27 3:58 p.m.10 views

ThaiCERT Seizes Hidden Cobra Server Linked to GhostSecret, Sony Attacks

Thailand’s Computer Emergency Response Team ThaiCERT has seized a server operated by the North Korea-linked Hidden Cobra APT, which is used to control the global GhostSecret espionage campaign. The campaign is still ongoing. ThaiCERT said in an alert on Wednesday that it is working with McAfee an...

1.3AI score
Exploits0References6
Imperva Blog
Imperva Blog
added 2018/04/26 8:7 p.m.63 views

Drupalgeddon3: Third Critical Flaw Discovered

For the third time in the last 30 days, Drupal site owners are forced to patch their installations. As the Drupal team noted a few days ago, new versions of the Drupal CMS were released, to patch one more critical RCE vulnerability affecting Drupal 7 and 8 core. The vulnerability, code-named...

3.1AI score
Exploits0
Rows per page
Query Builder