82 matches found
Giving Red-Teamers the Blues
Pen-testing engagements are generally a breeze for most red-teamers; roadblocks are few, despite the ones in place being expensive and often paid for by very large companies. Chris Nickerson has been running such engagements for 15 years and he sees companies that throw more money and more server...
Carbanak 2.0, Metel, GCMAN Borrow from APT Attacks
TENERIFE, Spain— Many bank robbers long ago dropped the stick-up man persona in favor of a keyboard and a reliable password-stealing Trojan. Banking malware, however, may soon not be good enough for the bad guys. More and more are copycatting the techniques deployed by advanced hackers to steal...
Email Reconnaissance Tool: SimplyEmail
This tool was based off the work of theHarvester and kind of a port of the functionality. This was just an expansion of what was used to build theHarvester and will incorporate his work but allow users to easily build Modules for the Framework. Current Platforms Supported: Kali Linux 2.0 A few...
MobSF (Mobile Security Framework) - Mobile (Android/iOS) Automated Pen-Testing Framework
Mobile Security Framework MobSF is an intelligent, all-in-one open source mobile application Android/iOS automated pen-testing framework capable of performing static and dynamic analysis. We've been depending on multiple tools to carry out reversing, decoding, debugging, code review, and pen-test...
Weevely3 - Weaponized Web Shell
Weevely is a command line web shell dynamically extended over the network at runtime designed for remote administration and pen testing. It provides a weaponized telnet-like console through a PHP script running on the target, even in restricted environments. The low footprint agent and over 30...
Stealthy PHP Web Shell Backdoor: Weevely
Stealthy PHP Web Shell Backdoor Weevely is a command line web shell dinamically extended over the network at runtime used for administration and pen testing of remote web accesses. It provides a weaponized telnet-like console through a PHP script running on the target, even in restricted...
Samurai Web Testing Framework 3.0 - LiveCD Web Pen-testing Environment
The Samurai project team is happy to announce the release of a development version of the Samurai Web Testing Framework. This release is currently a fully functional linux environment that has a number of the tools pre-installed. Our hope is that people who are interested in making this the best...
OWASP OWTF – Offensive (Web) Testing Framework
The purpose of this tool is to automate the manual, uncreative part of pen testing: For example, spending time trying to remember how to call "tool X", parsing results of "tool X" manually to feed "tool Y", etc. By reducing this burden I hope pen testers will have more time to: See the big pictur...
LinkedIn Intro Service to Shut Down March 7
LinkedIn announced on Friday it was shuttering its four-month-old Intro service which stirred up a privacy meltdown shortly after its release in October. Intro was an integrated service for iOS which sat as a proxy between the built-in iOS mail client and the user’s email provider. Intro would...
[Sandcat Browser 4.4] The fastest web browser combined with the fastest scripting language packed with features for pen-testers
Sandcat Browser is the fastest web browser combined with the fastest scripting language packed with features for pen-testers. Sandcat Browser is a freeware portable pen-test oriented multi-tabbed web browser with extensions support developed by the Syhunt team. The Sandcat Browser is built on top...
[aidSQL] PHP Application For SQL Injection Detection & Exploitation
aidSQL a PHP application provided for detecting security holes in your website/s. It’s a modular application, meaning that you can develop your very own plugins for SQL injection detection & exploitation. The tool provides pen-testing capabilities for MS-SQL 2000, MySQL 5 and the author promises ...
New Mozilla Plug-N-Hack Tool Integrates Browsers and Security Tools
The Mozilla security team is developing a new proposed standard that will make it easier for researchers to integrate some of their tools with Firefox and other browsers. The standard, known as Plug-n-Hack, is an open project that Mozilla hopes will be adopted by researchers and tool makers. A lo...
[Samurai Web Testing Framework v2.1] Live linux environment that has been pre-configured to function as a web pen-testing environment
The Samurai Web Testing Framework is a live linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites. In developing this environment, we have based our tool...
Download Kali Linux, from the creators of BackTrack
Great news for Hackers and Backtrack Linux fans! The most awaited penetration testing Linux distribution has been released called 'Kali Linux' or 'Backrack 6', from the creators of BackTrack itself. From last 7 years we have seen five awesome versions of Backtrack Linux. But this time to achieve...
[RemoteDLLInjector] Command-line Tool to Inject DLL into Remote Process
Remote DLL Injector is the free command-line tool to Inject DLL into remote process. Currently it supports DLL injection using the CreateRemoteThread technique. If you are looking for advanced and more user friendly GUI version then check out our popular RemoteDll tool. Being a command-line tool...
UbnHD2 : Ubuntu based Pentesting OS for Mobiles
Most of the crazy readers always demand for some solution to turn their Android Smartphone into a Hacking Machine. There are various solutions, like installing some penetration testing android based tools like ANTI, dSploit, FaceNiff etc and also Installing ARM version of Backtrack OS. Today I...
Portable Multi-boot Security Suite: Katana
Katana is a portable multi-boot security suite which brings together many of today’s best security distributions and portable applications to run off a single Flash Drive. It includes distributions which focus on Pen-Testing, Auditing, Forensics, System Recovery, Network Analysis, and Malware...
Mutillidae 2.1.17 : Born to be Hacked
Mutillidae 2.1.17 : Born to be Hacked A few days ago an update "Mutillidae" version 2.1.17 was released. Mutillidae is a free, open source web application provided to allow security enthusiest to pen-test and hack a web application. Mutillidae can be installed on Linux, Windows XP, and Windows 7...
Fox Sitcom Will Depict Pen Testing Firm
Hollywood is taking another crack at hacker culture – this time with a decidedly contemporary twist: a sitcom that will depict the zany doings of a group of security geeks who work as corporate penetration testers. The new show, breakingin, is scheduled to debut on April 6 and will star Christian...
Social Engineering Attacks Prove Failure of User Education
BOSTON — A prominent security consultant is urging a rethink of the way businesses handle user education and awareness, warning that the way attackers have latched on to social engineering techniques makes it difficult to cope with hacker attacks. During a presentation at the SOURCE conference...