Lucene search
K

82 matches found

The Hacker News
The Hacker News
added 2020/01/16 6:7 p.m.52 views

Broadening the Scope: A Comprehensive View of Pen Testing

Penetration tests have long been known as a critical security tool that exposes security weaknesses through simulated attacks on an organization's IT environments. These test results can help prioritize weaknesses, providing a road-map towards remediation. However, the results are also capable of...

6.9AI score
Exploits0
Kitploit
Kitploit
added 2019/12/26 8:46 p.m.171 views

nmapAutomator - Tool To Automate All Of The Process Of Recon/Enumeration

nmapAutomator A script that you can run in the background! Summary The main goal for this script is to automate all of the process of recon/enumeration that is run every time, and instead focus our attention on real pen testing. This will ensure two things: 1 Automate nmap scans. 2 Always have so...

7.3AI score
Exploits0References2
Pen Test Partners Blog
Pen Test Partners Blog
added 2019/11/29 9:41 a.m.94 views

Ships engines, a guide for pen testers

I spent several years as a ships engineer before straying in to pen testing. Ships used to be fairly secure; they were physically isolated at sea. Satcoms were scarily expensive, usually available only to the captain for business-critical communication. Even satphone use was heavily rationed. All...

6.6AI score
Exploits0
Kitploit
Kitploit
added 2019/11/07 12:0 p.m.1268 views

Github-Dorks - Collection Of Github Dorks And Helper Tool To Automate The Process Of Checking Dorks

Github search is quite powerful and useful feature and can be used to search sensitive data on the repositories. Collection of github dorks that can reveal sensitive personal and/or organizational information such as private keys, credentials, authentication tokens, etc. This list is supposed to ...

7.3AI score
Exploits0References6
Pen Test Partners Blog
Pen Test Partners Blog
added 2019/08/05 6:25 a.m.302 views

PTP at DEF CON 27

Here's the lowdown on our 14 DEF CON 27 talks, workshops, and panel sessions: Main Stage Track 3 Paris: Saturday 13:00 Chris Wade presents Tag-side attacks against NFC Track 2 Paris: Saturday 15:00 G Richter presents Reverse-Engineering 4g Hotspots for Fun, Bugs and Net Financial Loss Villages...

6.9AI score
Exploits0
ThreatPost
ThreatPost
added 2019/07/31 1:0 p.m.70 views

Black Hat USA 2019 Preview

Las Vegas – Despite bizarre reports of a grasshopper infestation, Black Hat USA 2019 and DEF CON are set to kick off next week in Las Vegas, bringing on a wave of sessions, keynotes and security-themed villages. The Threatpost team, which will be on the frontlines of next week’s shows, discuss wh...

6.6AI score
Exploits0References13
Pen Test Partners Blog
Pen Test Partners Blog
added 2019/07/05 8:0 a.m.163 views

Getting your head under the hood and out of the sand: Automotive security testing

We’ve been doing automotive pen testing for several years now. Along the way we’ve had some fascinating experiences, working with some insightful and forward-thinking OEMs. But we’ve also worked with some OEMs and suppliers that consider pen testing to be a box checking exercise and frankly, buri...

7.3AI score
Exploits0
n0where
n0where
added 2018/10/23 4:10 a.m.132 views

Web Testing Framework Samurai

The Samurai Web Testing Framework is a virtual machine, supported on VirtualBox and VMWare, that has been pre-configured to function as a web pen-testing environment. The VM contains the best of the open source and free tools that focus on testing and attacking websites. In developing this...

7AI score
Exploits0References2
Kitploit
Kitploit
added 2018/09/11 9:34 p.m.1894 views

MobSF (Mobile Security Framework) v1.0 - Mobile (Android/iOS) Automated Pen-Testing Framework

Mobile Security Framework MobSF is an automated, all-in-one mobile application Android/iOS/Windows pen-testing framework capable of performing static, dynamic and malware analysis. It can be used for effective and fast security analysis of Android, iOS and Windows mobile applications and support...

7.3AI score
Exploits0References8
Kitploit
Kitploit
added 2018/06/13 2:30 p.m.20 views

Metateta - Automated Tool For Scanning And Exploiting Network Protocols Using Metasploit

Metateta Automated Tool For Scanning And Exploiting Network Protocols Using Metasploit For faster pen testing for large networks What You Can Do Scanning with all metasploit modules for specific network Protocol like smb,smtp,snmp Run all Auxiliary modules against specific network Protocol Run al...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2018/03/19 1:0 p.m.111 views

GetAltName - Get Subject Alt Name From SSL Certificates

GetAltName it's a little script that can extract Subject Alt Names for SSL Certificates directly from HTTPS web sites which can provide you with DNS names or virtual servers. It's useful in a discovery phase of a pen-testing assessment, this tool can provide you with more information about your...

7AI score
Exploits0References1
ThreatPost
ThreatPost
added 2017/10/11 2:23 p.m.14 views

Vendor BPC Silent on Patching SQL Injection in SmartVista Ecommerce Software

A popular ecommerce platform sold in 60 countries suffers from a SQL injection vulnerability privately disclosed in April that has yet to be patched by the vendor. BPC Banking Technologies of Switzerland has not acknowledged the vulnerability in its SmartVista suite of ecommerce and financial...

0.3AI score
Exploits0
Kitploit
Kitploit
added 2017/10/02 1:30 p.m.43 views

SMBMap - Samba Share Enumeration Tool

SMBMap allows users to enumerate samba share drives across an entire domain. List share drives, drive permissions, share contents, upload/download functionality, file name auto-download pattern matching, and even execute remote commands. This tool was designed with pen testing in mind, and is...

7.8AI score
Exploits0References2
ThreatPost
ThreatPost
added 2017/09/20 1:0 p.m.24 views

Deep-Learning PassGAN Tool Improves Password Guessing

Artificial intelligence and deep learning are creeping into information security, and one of the early applications of those approaches has emerged and is focused on passwords. Researchers from the Stevens Institute of Technology and the New York Institute of Technology have recently published so...

7AI score
Exploits0References1
Kitploit
Kitploit
added 2017/09/16 2:30 p.m.30 views

OWASP ZSC - Shellcode/Obfuscate Code Generator

OWASP ZSC is an open source software in Python language which lets you generate customized shellcodes and convert scripts to an obfuscated script. This software can be run on Windows/Linux/OSX under Python. Usage of shellcodes Shellcodes are small codes in Assembly language which could be used as...

7.5AI score
Exploits0References3
Kitploit
Kitploit
added 2017/08/31 2:30 p.m.40 views

RedSnarf - A Pen-Testing / Red-Teaming Tool For Windows Environments

RedSnarf is a pen-testing / red-teaming tool by Ed Williams for retrieving hashes and credentials from Windows workstations, servers and domain controllers using OpSec Safe Techniques. RedSnarf functionality includes: Retrieval of local SAM hashes Enumeration of user/s running with elevated syste...

7.8AI score
Exploits0References3
n0where
n0where
added 2017/04/26 4:35 a.m.1903 views

Mobile Security Framework: MobSF

Mobile Security Framework is an intelligent, all-in-one open source mobile application Android/iOS automated pen-testing framework capable of performing static and dynamic analysis. We’ve been depending on multiple tools to carry out reversing, decoding, debugging, code review, and pen-test and...

7.2AI score
Exploits0References3
ThreatPost
ThreatPost
added 2017/04/07 2:22 p.m.13 views

Creating a More Altruistic Bug Bounty Program

SINT MAARTEN—David Jacoby and Frans Rosén want security researchers to become more altruistic about how they approach bug bounty programs. While programs such as those facilitated by HackerOne and BugCrowd have become ubiquitous over the last several years, the researchers said in a talk at...

7.3AI score
Exploits0References3
Kitploit
Kitploit
added 2017/01/12 2:28 p.m.28 views

Acunetix Release Web Site Security Pen Testing Tools Free

HTTP editor, fuzzer and sniffer tools help pen testers identify vulnerabilities London, UK – January 2016 – Hot on the release of Acunetix Version 11, pioneering web application security software Acunetix, now delivering Manual Pen Testing Tools at no cost. Penetration testers can make use of an...

8.8AI score
Exploits0
ThreatPost
ThreatPost
added 2017/01/05 9:0 a.m.12 views

Claudio Guarnieri on Security Without Borders

Security researcher and activist Claudio Guarnieri talks to Mike Mimoso about a new project announced last week at the Chaos Communication Congress called Security Without Borders. The project aims to form a collective of researchers and security practitioners who volunteer to provide pen-testing...

1.1AI score
Exploits0References3
Rows per page
Query Builder