GHSA-GR79-9V6V-GC9R Dex discarding TLSconfig and always serves deprecated TLS 1.0/1.1 and insecure ciphers

Summary Dex 2.37.0 is serving HTTPS with insecure TLS 1.0 and TLS 1.1. Details While working on https://github.com/dexidp/dex/issues/2848 and implementing configurable TLS support, I noticed my changes did not have any effect in TLS config, so I started investigating...

Dex discarding TLSconfig and always serves deprecated TLS 1.0/1.1 and insecure ciphers

Summary Dex 2.37.0 is serving HTTPS with insecure TLS 1.0 and TLS 1.1. Details While working on https://github.com/dexidp/dex/issues/2848 and implementing configurable TLS support, I noticed my changes did not have any effect in TLS config, so I started investigating...

Rekono - Execute Full Pentesting Processes Combining Multiple Hacking Tools Automatically

Rekono combines other hacking tools and its results to execute complete pentesting processes against a target in an automated way. The findings obtained during the executions will be sent to the user via email or Telegram notifications and also can be imported in Defect-Dojo if an advanced...

Seccubus - Easy Automated Vulnerability Scanning, Reporting And Analysis

Seccubus automates regular vulnerability scans with various tools and aids security people in the fast analysis of its output, both on the first scan and on repeated scans. On repeated scan delta reporting ensures that findings only need to be judged when they first appear in the scan results or...

RapidScan - The Multi-Tool Web Vulnerability Scanner

Evolution: It is quite a fuss for a pentester to perform binge-tool-scanning running security scanning tools one after the other sans automation. Unless you are a pro at automating stuff, it is a herculean task to perform binge-scan for each and every engagement. The ultimate goal of this program...

Cat-Nip - Automated Basic Pentest Tool (Designed For Kali Linux)

Cat-Nip Automated BasicPentest Tool this tool will make your basic pentesting task like Information Gathering, Auditing, And Reporting so this tool will do every task fully automatic. Usage Guide Download / Clone Cat-Nip git clone https://github.com/baguswiratmaadi/catnip Go Inside Cat-Nip Dir cd...

Faraday v3.6 - Collaborative Penetration Test and Vulnerability Management Platform

Here are the main new features and improvements in Faraday v3.6: WelcomeService Now A new way to send vulnerabilities is available! We integrated Faraday with Service Now, giving you more options to work with. Burp plugin was totally revamped We have been working hard to make several changes to...

SSLyze - Fast And Full-Featured SSL Scanner

SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify mis-configurations affecting their SSL servers. Key features include: Multi-processed and multi-threaded...

Fast and Full Featured SSL Scanner: SSLyze

SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify mis-configurations affecting their SSL servers. SSLyze is all Python code but it uses an OpenSSL wrapper...

BackTrack 5 R2 Released, New Kernel, New Tools

BackTrack 5 R2 Released, New Kernel, New Tools Hacker are your Ready ? Backtrack 5 R2 finally released with bug fixes, upgrades, and the addition of 42 new tools. With the best custom-built 3.2.6 kernel, the best wireless support available at maximum speed. This release have included Metasploit...