Running a security awareness program

So, you've finally convinced management of the need for security awareness training. What next? I’ve been performing security awareness training for around 10 years, and doing it full time here at PTP for the last 3 and a half years. From the thousands of sessions I have run I’ve found the most...

Public Shaming of Companies for Bad Security

Troy Hunt makes some good points, with good examples...

Firework - Leveraging Microsoft Workspaces in a Penetration Test

Firework is a proof of concept tool to interact with Microsoft Workplaces creating valid files required for the provisioning process. The tool also wraps some code from Responder to leverage its ability to capture NetNTLM hashes from a system that provisions a Workplace feed via it. This tool may...

DorkMe - Tool Designed With The Purpose Of Making Easier The Searching Of Vulnerabilities With Google Dorks

DorkMe is a tool designed with the purpose of making easier the searching of vulnerabilities with Google Dorks, such as SQL Injection vulnerabilities.DorkMe is a tool designed with the purpose of making easier the searching of vulnerabilities with Google Dorks, such as SQL Injection...

WebRTC - H264 NAL Packet Processing Type Confusion

Type confusion can occur when processing a H264 packet. In the method PacketBuffer::FindFrames in modules/videocoding/packetbuffer.cc there is a loop on line 296 that goes through the databuffer vector backwards. The flag ish264 is set before this loop, and if it is true, the loop extracts and se...

Noisy - Simple Random DNS, HTTP/S Internet Traffic Noise Generator

A simple python script that generates random HTTP/DNS traffic noise in the background while you go about your regular web browsing, to make your web traffic data less valuable for selling and for extra obscurity. Tested on MacOS High Sierra, Ubuntu 16.04 and Raspbian Stretch and is compatable wit...

[SECURITY] Fedora 28 Update: botan2-2.7.0-1.fc28

Botan is a BSD-licensed crypto library written in C++. It provides a wide variety of basic cryptographic algorithms, X.509 certificates and CRLs, PKCS \10 certificate requests, a filter/pipe message processing system, and a wide variety of other features, all written in portable C++. The API...

OWASP Joomla Vulnerability Scanner Project: JoomScan

OWASP JoomScan short for Joomla Vulnerability Scanner is an opensource project in perl programming language to detect Joomla CMS vulnerabilities and analysis. If you want to do a penetration test on a Joomla CMS, OWASP JoomScan is Your best shot ever! This Project is being faster than ever and...

Luracast Restler Directory Traversal Vulnerability

Restler is a support for multiple protocols used to publish PHP classes and methods into a REST API open source framework . A directory traversal vulnerability exists in the public/examples/resources/getsource.php page of Luracast Restler used in the restler extension of TYPO3. A remote tele...

Dnsmorph - Domain Name Permutation Engine Written In Go

DNSMORPH is a domain name permutation engine, inspired by dnstwist. It is written in Go making for a compact and very fast tool. It robustly handles any domain or subdomain supplied and provides a number of configuration options to tune permutation runs. DNSMORPH includes the following domain...

org.apache.storm:flux-core (>=1.2.0 <=1.2.1), org.apache.storm:storm-elasticsearch-examples (>=1.2.0 <=1.2.1) +14 more potentially affected by CVE-2018-8008 via org.apache.storm:storm-core (>=1.2.0 <=1.2.1)

org.apache.storm:storm-core MAVEN version =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.1 and more Source cves: CVE-2018-8008 Source advisory: SNYK:JAVA-ORGAPACHESTORM-32346...

Eternal Check - Ip Vulnerability Check To Eternal Blue, Romance, Synergy & Champion

Ip Vulnerability Check To Eternal Blue, Romance, Synergy & Champion: Eternal Check Eternal Check verifies if an ip is vulnerable to the smb vulnerabilities Eternal Blue Eternal Romance Eternal champion Eternal synergy Screenshots Eternal Check Running Video Requirements nmap winbind wine32 wget...

LinkFinder - A Python Script That Finds Endpoints In JavaScript Files

LinkFinder is a python script written to discover endpoints and their parameters in JavaScript files. This way penetration testers and bug hunters are able to gather new, hidden endpoints on the websites they are testing. Resulting in new testing ground, possibility containing new vulnerabilities...

How artificial intelligence and machine learning will impact cybersecurity

Artificial intelligence AI and machine learning ML are hot topics in technology. New use cases and applications are discussed daily—from search results recommendations to smart cars. But what are cybersecurity organizations doing with this tech? What does it take to render additional security out...

Gitleaks - Searches Full Repo History For Secrets And Keys

Searches Full Repo History For Secrets And Keys. Installing go get -u github.com/zricethezav/gitleaks Usage and Explanation ./gitleaks options Gitleaks audits local and remote repos by running regex checks against all commits. Options usage: gitleaks options / Options: -u --user Git user mode -r...

SQLmap Tamper-API - SQLMap Tamper API To Accept Tamper Scripts From All Languages

It's an API for SQLmap tamper scripts allows you to use your favorite programming language to write your tamper scripts. This API solves SQLmap limitation of accepting only python to write tamper scripts. How it works taper-api.py script sends the payload and kwargs in a JSON format "payload": ""...

ProcDump for Linux - A Linux version of the ProcDump Sysinternals tool

ProcDump is a Linux reimagining of the classic ProcDump tool from the Sysinternals suite of tools for Windows. ProcDump provides a convenient way for Linux developers to create core dumps of their application based on performance triggers. Installation & Usage Requirements Minimum OS: Ubuntu 14.0...

Sublist3r v1.0 - Fast subdomains enumeration tool for penetration testers

Sublist3r is a python tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting. Sublist3r enumerates subdomains using many search engines such as Google, Yahoo, Bing, Baidu, and Ask...

Atlassian Jira, Python and automated labeling

I have already wrote about Atlassian Jira automation in "Automated task processing with JIRA API". But all examples there were with using of curl. So, I decided to make one more post about Jira API. This time with python examples and about labeling issues nice wordplay, right? . You can use label...

EmbedInHTML - Embed and hide any file in an HTML file

What this tool does is taking a file any type of file, encrypt it, and embed it into an HTML file as ressource, along with an automatic download routine simulating a user clicking on the embedded ressource. Then, when the user browses the HTML file, the embedded file is decrypted on the fly, save...