Stable Channel Update for Desktop

The Stable channel has been updated to 107.0.5304.121 for Mac and Linux and 107.0.5304.121/.122 for Windows, which will roll out over the coming days/weeks. A full list of changes in this build is available in the log. Security Fixes and Rewards Note: Access to bug details and links may be kept...

vulhub

This repository is an offensive tool for web application security training and testing. It is a collection of vulnerable web applications and tools for testing and training purposes. The repository contains a variety of vulnerable applications, including web servers, databases, and other web-base...

vulhub

This is an open-source collection of vulnerable web applications and environments, designed for security training and testing. The repository contains a variety of applications, including web servers, databases, and other services, each with its own set of vulnerabilities. The goal is to provide ...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

This work includes testing and improvement tools for C...

vulhub

This is an open-source collection of vulnerable systems and applications for educational purposes. The repository is maintained by phith0n and is available on GitHub. It contains a variety of vulnerable systems and applications, including web applications, databases, and operating systems. The...

vulhub

This repository is an open-source collection of vulnerable systems and applications for educational purposes, specifically for learning and practicing penetration testing and vulnerability assessment. It is maintained by phith0n and hosted on GitHub. The repository contains various vulnerable...

KaliIntelligenceSuite - Shall Aid In The Fast, Autonomous, Central, And Comprehensive Collection Of Intelligence By Executing Standard Penetration Testing Tools

Kali Intelligence Suite KIS shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by automatically: executing Kali Linux tools e.g., dnsrecon, gobuster, hydra, nmap, etc. querying publicly available APIs e.g., Censys.io, Haveibeenpwned.com, Hunter.io,...

vulhub

This repository is an open-source collection of vulnerable web applications and tools for security training and research. It is maintained by phith0n and hosted on GitHub. The repository contains a variety of vulnerable applications, including web servers, databases, and other systems, to help...

vulhub

This is an open-source collection of vulnerable web applications and environments for testing and learning purposes. It is a community-driven project that aims to provide a safe and controlled environment for users to practice and improve their skills in web application security. The repository...

Reforming the UK’s Computer Misuse Act

The UK Home Office recently ran a Call for Information to investigate the Computer Misuse Act 1990 CMA. The CMA is the UK’s anti-hacking law, and as Rapid7 is active in the UK and highly engaged in public policy efforts to advance security, we provided feedback on the issues we see with the...

pentest-wiki

This is a collection of information gathering tools and techniques for penetration testing and security research. The repository contains various scripts and documentation for gathering information about a target organization, including IP analysis, whois analysis, and social media research. The...

PayloadsAllTheThings

This repository is an offensive tool for Web Application Security and Pentest/CTF. It contains a list of useful payloads and bypass for various web application security vulnerabilities and penetration testing. The repository includes tools and exploits for vulnerabilities such as CRLF injection,...

vulhub

This repository is an open-source collection of pre-built vulnerable docker environments, known as Vulhub. It is an offensive tool for various areas, including web application security, penetration testing, and vulnerability research. The primary purpose of Vulhub is to provide a convenient and...

vulhub

This is an open-source collection of pre-built vulnerable docker environments. It is a repository for testing and demonstrating various vulnerabilities in different applications and frameworks. The repository contains a variety of vulnerable environments, including web applications, databases, an...

PayloadsAllTheThings

This is a collection of security-related tools and resources, including a list of useful payloads and bypass techniques for web application security and penetration testing/CTF Capture The Flag. The repository includes tools such as Pacu, an AWS exploitation framework, and Bucket Finder, a tool f...

Evaluating Your Security Controls? Be Sure to Ask the Right Questions

Testing security controls is the only way to know if they are truly defending your organization. With many different testing frameworks and tools to choose from, you have lots of options. But what do you specifically want to know? And how are the findings relevant to the threat landscape you face...

Evaluating Your Security Controls? Be Sure to Ask the Right Questions

Testing security controls is the only way to know if they are truly defending your organization. With many different testing frameworks and tools to choose from, you have lots of options. But what do you specifically want to know? And how are the findings relevant to the threat landscape you face...

Broadening the Scope: A Comprehensive View of Pen Testing

Penetration tests have long been known as a critical security tool that exposes security weaknesses through simulated attacks on an organization's IT environments. These test results can help prioritize weaknesses, providing a road-map towards remediation. However, the results are also capable of...

[SECURITY] Fedora 31 Update: dnsperf-2.3.2-2.fc31

This is dnsperf, a collection of DNS server performance testing tools. For more information, see the dnsperf1 and resperf1 man pages...

vulhub

It is an offensive tool for Vulnerability Research. The repository, vulhub, is a collection of pre-built vulnerable environments based on Docker-Compose. It is designed to be used for vulnerability research and testing, allowing users to easily create and manage vulnerable environments without...