Learn Python Online — From Scratch to Penetration Testing

When we started our brand new THN Deals Store last week on the special occasion of company's 6th Anniversary, we introduced its very first product, Professional Hacking Certification Package, and received great response from our readers. Thank you! If you have not yet, you can still get this deal...

Sniffles - Packet Capture Generator for IDS and Regular Expression Evaluation

Sniffles is a tool for creating packet captures that will test IDS that use fixed patterns or regular expressions for detecting suspicious behavior. Sniffles works very simply. It takes a set of regular expressions or rules and randomly chooses one regular expression or rule. It then generates...

Lynis 2.4.0 - Security Auditing Tool for Unix/Linux Systems

We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security auditin...

Google Explorer - Google Mass Explorer

+Google Mass Explorer This is a automated robot for google search engine. Make a google search, and parse the results for a especific exploit you define. The options can be listed with --help parameter. Intro: This project is a main project that i will keep upgrading when new exploits are...

AutoBrowser 4.0 - AutoBrowser Screenshot of HTTP/s Based Ports

AutoBrowser is a tool written in python for penetration testers. The purpose of this tool is to create reportJson file and screenshots of http/s based ports on the network. you can choose between analyze Nmap reportXML file -oX or scan with Nmap, then the tool automaticly Check the results with...

DracOS - Lightweight and Powerful Penetration Testing OS

Dracos Linux www.dracos-linux.org is the Linux operating system from Indonesian , open source is built based on the Linux From Scratch under the protection of the GNU General Public License v3.0. This operating system is one variant of Linux distributions, which is used to perform security testin...

Novell NetIQ Sentinel CVE-2016-1000031 Remote Code Execution Vulnerability

Description Novell NetIQ Sentinel is prone to a security vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Novell NetIQ Sentinel version 7.4x are vulnerable. Technologies Affected Apache Commons FileUpload 1.0...

yawast - The YAWAST Antecedent Web Application Security Toolkit

YAWAST is an application meant to simplify initial analysis and information gathering for penetration testers and security auditors. It performs basic checks in these categories: TLS/SSL - Versions and cipher suites supported; common issues. Information Disclosure - Checks for common information...

DSA-3692-1 freeimage - security update

Bulletin has no description...

Known Issues or Configuration Reasons: OpenGL/DirectX/GPU Acceleration Not Used

Browsers are often an integral part of the operating system and are aware that they are virtualized. As such we would recommend finding those issues within a browser and also test with a standalone benchmark application to verify if it is a configuration issue with GPU/OpenGL usage in general or...

For a certain APP vulnerability discovery(capture+reverse=dig to the maximum vulnerability)-vulnerability warning-the black bar safety net

! Author: think twice journey Royalties：300RMB（not taking you to the contributor!） Submission methods: send an email to linwei3 6 0. cn, or visit the web version of the online submission Written on the front I learn penetration testing, mainly Web direction in a few months, and now was just getti...

For a certain APP vulnerability discovery(capture+reverse=dig to the maximum vulnerability)-vulnerability warning-the black bar safety net

Written on the front I learn penetration testing, mainly Web direction in a few months, and now was just getting started. Recall that learning vulnerability discovery process, in addition to watching some of the classic books, the most want to see is a large cattle were dug vulnerability of the...

CERT Basic Fuzzing Framework: BFF

CERT Basic Fuzzing Framework The CERT Basic Fuzzing Framework BFF is a software testing tool that finds defects in applications that run on the Linux and Mac OS X platforms. BFF performs mutational fuzzing on software that consumes file input. Mutational fuzzing is the act of taking well-formed...

sudo-snooper - Python script to fool sudo users

sudo-snooper acts like the original sudo binary to fool users into entering their passwords. It will show a fake prompt just like the original to the user to enter their sudo password. This can be useful in penetration tests or security evaluations for testing user knowledge. Installation steps...

You believe that there is no vulnerability in the code? Americans are Research-vulnerability warning-the black bar safety net

Internet of everything era, in addition to People's lives provides a convenient, also brought many security risks, more and more devices more vulnerable to hacking attacks. There is no possibility of the birth of a cannot is the invasion code? DARPA-the US Defense Advanced Research Projects Agenc...

Cisco Email Security Appliance Internal Testing Interface RCE

According to its self-reported version, the Cisco AsyncOS running on the remote Cisco Email Security ESA appliance is affected by a remote code execution vulnerability due to the presence of an internal testing and debugging interface that was not intended to be shipped on customer-available...

[SECURITY] [DSA 3683-1] chromium-browser security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3683-1 [email protected] https://www.debian.org/security/ Michael Gilbert October 02, 2016 https://www.debian.org/security/faq -...

DSA-3683-1 chromium-browser - security update

Bulletin has no description...

Lynis 2.3.4 - Security Auditing Tool for Unix/Linux Systems

We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security auditin...

Apache MyFaces Trinidad CVE-2016-5019 Remote Code Execution Vulnerability

Description Apache MyFaces Trinidad is prone to a security vulnerability. Successfully exploiting this issue allows attackers to obtain sensitive information or execute arbitrary code in the context of the affected application. Apache MyFaces Trinidad 1.2.14-core , 1.0.13-core , 2.0.1-core and...