UPDATE: Empire v3.4.0

Empire v3.4.0 was released a couple of days ago! I briefly mentioned about this tool in my old post titled - List of Open Source C2 Post-Exploitation Frameworks. This new version brings support for Malleable C2 listeners and reflective file loading among other bug fixes. What is Empire? Empire 3....

UPDATE: Merlin v0.9.0

Merlin v0.9.0 was released a couple of days ago. This release adds support for HTTP and h2c protocols. As we know, the h2c protocol is the non-TLS version of HTTP/2. This release also adds new "Listeners" menu to create and manage multiple listeners. You can now configure agent/listeners to liste...

UPDATE: Kali Linux 2020.3 Release

Kali Linux 2020.3 was released a couple of days ago and this post makes an attempt at understanding the changes in this release. Briefly, the latest version of Kali Linux includes the release Win-Kex, better HiDPI support, standard tool and kernel updates. These are the list of changes since Kali...

UPDATE: FudgeC2 0.5.7

FudgeC2 0.5.7 was released in June and this post documents the changes made to it. As you may remember, this awesome adversary emulation system was listed in my older post titled - List of Open Source C2 Post-Exploitation Frameworks. The new version brings system SMTP support, operations security...

UPDATE: PoshC2 v6.0

PoshC2 v6.0 was released a couple of months ago which includes a number of significant and exciting features. Additionally it contains a lot of bug fixes and small improvements as well! What is PoshC2? PoshC2 is a proxy aware C2 framework in Python3, used to aid penetration testers with red...

UPDATE: Covenant v0.6

Covenant v0.6, a major update was released a couple of days ago. My last post about this open source, collaborative .NET C2 framework for red teamers was about Covenant v0.5. It includes a set of new features such as streaming output, newer UI themes, a tabbed terminal view and lots of bug fixes...

UPDATE: Infection Monkey 1.9.0

Infection Monkey 1.9.0, the open source breach and attack simulation tool was released a few hours ago - just in time for BlackHat/DefCon 2020. My first post about this tool can be found in a post titled the List of Adversary Emulation Tools. Updates include an expanded list of MITRE ATT&CK...

List of Open Source Deepfake Detection Tools

After I posted about Deepstar a couple of days ago, I wanted to know if there are more any more open source out there. What I found was that most of these tools are written in Python and some even help you "create" them. I also stumbled across some tools that help you detect fake news. This post ...

UPDATE: Empire 3.2.3

Empire 3.2.3 was released a couple of days ago! If you remember, I briefly mentioned about this tool in my five month old post titled - List of Open Source C2 Post-Exploitation Frameworks. This version adds MITRE ATT&CK technique tagging among other new features. What is Empire? Empire 3.0 is an...

UPDATE: Infection Monkey 1.8.2

Infection Monkey 1.8.2, the open source breach and attack simulation tool was released a yesterday. My first post about this tool can be found in a post titled the List of Adversary Emulation Tools. To keep it simple from the last update, this is a small maintenance release. It includes some bug...

UPDATE: Covenant v0.5

Covenant v0.5, a major update was released a few hours ago. My last post about this open source, collaborative .NET C2 framework for red teamers was about Covenant v0.4. This is a major update and includes a brand new .NET Core cross-platform implant “Brute” that can be run on Windows, Linux, or...

Deepstar: An Open Source Deepfake Detection Toolkit

Deepfake as a technology has been recently since June 2016 seen in the wild and has caused concern with a lot of people. A recently released tool – Deepstar is now here to help you detect deepfake videos. Where does this come into picture from a security point of view? According to me, it directl...

UPDATE: Ostinato 1.0

Ostinato 1.0 was released a while ago. I covered this open source tool some time ago in a post titled – Ostinato: The Network Traffic Generator and Analyzer! A lot has changed such as the code has now been ported to Qt5 with an improved UI for variable fields widget. What is Ostinato? Ostinato is...

UPDATE: Empire v3.2.2

Empire v3.2.2 was released a couple of days ago! If you remember, I briefly mentioned about this tool in my five month old post titled – List of Open Source C2 Post-Exploitation Frameworks. This version adds a newer Mimikatz version with a new API endpoint. What is Empire? Empire 3.0 is an open...

UPDATE: Infection Monkey 1.8.0

Infection Monkey 1.8.0 was released a while ago. My first post about this tool can be found in a post titled the List of Adversary Emulation Tools. This is a big, exciting release, which enhances the Monkey’s capabilities. The Monkey now maps its actions to the MITRE ATT knowledge base and as...

UPDATE: Kali Linux 2020.2 Release

Kali Linux 2020.2 is now available. This is the second release right on time and the last release was Kali Linux 2020.1. This release improves Kali Linux support on the ARM platform. Visually, there are new key packages, icons and KDE Plasma has had a makeover. A short summary is posted in the...

UPDATE: Empire 3.1.4

Empire 3.1.4 was released a couple of days ago! If you remember, I briefly mentioned about this tool in my five month old post titled – List of Open Source C2 Post-Exploitation Frameworks. This version adds evasive methods to the HTTP payloads along with with a few fixes. What is Empire? Empire 3...

UPDATE: Octopus v1.0

Octopus v1.0 is now available. A brief mention about this tool can be found in my previous post titled List of Open Source C2 Post-Exploitation Frameworks. This is the first stable version of Octopus C2 which now supports Cobalt Strike deployment, auto kill functionality, command logging, bug fix...

UPDATE: MITRE CALDERA 2.6.5

MITRE CALDERA 2.6.5 is now available! My last post about CALDERA from MITRE was about MITRE CALDERA 2.5.1 and as you remember, this awesome adversary emulation system was listed in my older post titled – List of Adversary Emulation Tools. This release includes a new plugin – Training. It has been...

UPDATE: Tsurugi Linux 2020.1

Tsurugi Linux 2020.1 has now been released. I briefly mentioned it in my older post titled List of Operating Systems for OSINT and my last post was about Tsurugi Linux 2019.2. This post discusses the updates made to the latest version of Tsurugi Linux such as bug fixes, updates and addition of ne...

UPDATE: FudgeC2 0.5.5

FudgeC2 0.5.5 was released recently. As you may remember, this awesome adversary emulation system was listed in my older post titled – List of Open Source C2 Post-Exploitation Frameworks and FudgeC2 0.5.4. This newer version allows you to screenshot the desktop of any hosts with an implant. What ...

Tentacle: A Vulnerability & Exploitation Test Framework

Yesterday, I was searching for a PoC of a Spring Cloud Config vulnerability. The first result that Google returned was for a cool vulnerability and exploit testing framework – Tentacle. Cherry on the top was that this is open source and has been coded in Python3! This post is an attempt at listin...

UPDATE: APfell 1.4

APfell 1.4 was released a few hours ago! If you remember, I briefly mentioned about this tool in my seven month old post titled – List of Open Source C2 Post-Exploitation Frameworks. When this project started out, it was targeted more at MacOS alone. But what excites me about this newer release i...

UPDATE: Empire 3.1.0

Empire 3.1.0 was released a few hours ago! If you remember, I briefly mentioned about this tool in my five month old post titled – List of Open Source C2 Post-Exploitation Frameworks. It’s a very good thing that, BC-Security has taken over the development of the tool and has made some awesome...

UPDATE: Electronegativity v1.4.0

Electronegativity v1.4.0 was released some time ago. My first post about this open source Electron Security tool was titled – Electronegativity: An Open Source Electron Security Auditor which contains several bug fixes and a new feature. What is Electronegativity? Electronegativity is an open...

UPDATE: Prowler 2.2.0

Prowler 2.2.0 was released a couple of days ago. A lot has changed my last post about this AWS CIS Benchmark tool. This new incorporates more than 130 checks, many cool new features such as support for FreeBSD, lots of improvements and fixes in documentation and code! What is Prowler? Prowler is ...

UPDATE: FudgeC2 0.5.4

FudgeC2 0.5.4 was released recently. As you may remember, this awesome adversary emulation system was listed in my older post titled – List of Open Source C2 Post-Exploitation Frameworks. This newer version brings in refactored code, improvements to the stager, bug fixes among other changes...

UPDATE: Tsurugi Linux 2019.2

Tsurugi Linux 2019.2 has now been released. I briefly mentioned it in my older post titled List of Operating Systems for OSINT. This post discusses the updates made to the latest version of Tsurugi Linux such as bug fixes, updates and addition of new tools. What is Tsurugi Linux? Tsurugi Linux,...

UPDATE: Kali Linux 2020.1 Release

Kali Linux 2020.1 is now available. The last release was Kali Linux 2019.4. The first release of this year and this new decade was released a few hours ago. This release introduces / non-root credentials by default, along with a Kali single installer image and the introduction of a Kali NetHunter...

UPDATE: MITRE CALDERA 2.5.1

MITRE CALDERA 2.5.1 is now available since the last release – MITRE CALDERA 2.5.0, which was released a couple of days ago. As you remember, this awesome adversary emulation system was listed in my older post titled – List of Adversary Emulation Tools. Among major changes, what I like is that now...

UPDATE: OWASP Dependency-Check 5.3.0

My first post about this open source OWASP project was about an older version. A while ago, a new version - OWASP Dependency-Check 5.3.0 was released. This post discusses the changes made to the open source software composition analysis utility in the latest release that includes a lot of bug fix...

UPDATE: MITRE CALDERA 2.5.0

MITRE CALDERA 2.5.0 is now available since the last release - MITRE CALDERA 2.4.0, which was released in the month of December. As you remember, this awesome adversary emulation system was listed in my older post titled – List of Adversary Emulation Tools. What is MITRE CALDERA? CALDERA is an...

UPDATE: PoshC2 v5.2

Back in November 2019, PoshC2 v5.0 was released and now, a couple of days ago PoshC2 v5.2 was released as well. This release has significant refactoring changes to make this open source post-exploitation C2 framework more intuitive to use and contribute to. The guys at Nettitude labs have taken...

UPDATE: Infection Monkey 1.7.0

Infection Monkey 1.7.0 was released a while ago. My first post about this tool can be found in a post titled the List of Adversary Emulation Tools. This is a big, exciting release, with a ton of new features and improvements and as always, this post will list down the changes for this version. Wh...

UPDATE: Empire 3.0.1

Empire 3.0.1 release was a real surprise for me as about a week ago Empire 3.0 was released. I hadn't gotten around to test it all and then we have a new release already! If you remember, I briefly mentioned about this tool in my five month old post titled - List of Open Source C2 Post-Exploitati...

UPDATE: MITRE CALDERA 2.4.0

MITRE CALDERA 2.4.0 is now available! It has been just four months since the release of MITRE CALDERA 2.3.0. As you remember, this awesome adversary emulation system was listed in my older post titled – List of Adversary Emulation Tools. This release has a lot of new feature, breaking and...

UPDATE: Sysdig Falco v0.18.0

Sysdig Falco v0.18.0 was released a while ago which I detected when I was using this tool and hence this blog. It has been some time since I last blogged about this open source behavorial activity monitor which has container support and a lot has changed in this version as well. What is Sysdig...

UPDATE: TrevorC2 version 1.3

TrevorC2 version 1.3 was just released yesterday! I briefly mentioned about TrevorC2 in my older post titled as the List of Open Source C2 Post-Exploitation Frameworks. Infact, there have been two updates which I missed blogging about and hence, this post will cover those changes as well. What is...

UPDATE: Kali Linux 2019.4 Release

Kali Linux 2019.4 is now available in the last quarter of this year and what an update this is! This is the fourth 2019 release, which comes after Kali Linux 2019.3. It comes packed with a new theme, improved desktop environment, a new Kali Undercover mode, full Kali desktop on NetHunter, and mor...

UPDATE: Tsurugi Linux 2019.1

Tsurugi Linux 2019.1 has now been released. I briefly mentioned it in my older post titled List of Operating Systems for OSINT. This post discusses the updates made to the latest version of Tsurugi Linux, that was released at BlackHat USA. This release includes a lot of bug fixes, updates, additi...

UPDATE: PoshC2 v5.0

A couple of days ago, PoshC2 v5.0 was released to the public. I briefly mentioned PoshC2 in my post titled – List of Open Source C2 Post-Exploitation Frameworks. Significant changes and improvements have been made to this version, most notably - PoshC2 has been completely rewritten in Python3. Wh...

UPDATE: Covenant v0.4

Yesterday, Covenant v0.4 was released. My last about Covenant was titled Covenant v0.3.2. Majorly, this version provides options that allow developers to integrate custom C2 communication protocols into an operation within Covenant. This version really makes the development of new listeners is mu...

UPDATE: AutoSploit 4.0

PenTestIT RSS Feed AutoSploit 4.0 was released a month ago. I wrote about AutoSploit in a post titled AutoSploit = Shodan/Censys/Zoomeye + Metasploit and it’s subsequent update to AutoSploit 3.0. This version primarily adds support for running nmap scans within the same terminal. What is...

UPDATE: FactionC2 2019-10-20

PenTestIT RSS Feed FactionC2 2019-10-20 was released a couple of days ago by the author. This C2 framework was briefly mentioned in my previous post titled List of Open Source C2 Post-Exploitation Frameworks. This release most importantly contains upgrades to .Net Core 3 version among additional...

UPDATE: Covenant v0.3.2

PenTestIT RSS Feed A few weeks ago an update – Covenant v0.3.2 was released. There was a brief mention about Covenant in my post titled – List of Open Source C2 Post-Exploitation Frameworks. This updated version includes new persistence modules - PersistWMI, PersistAutorun, PersistStartup, a...

UPDATE: Kali Linux 2019.3 Release

PenTestIT RSS Feed Kali Linux 2019.3, the latest and the greatest Kali Linux release is now officially available! This is the third 2019 release, which comes after Kali Linux 2019.2. This release includes the normal bugs fixes, updates the kernel to version 5.2.9, and includes various new feature...

UPDATE: Merlin v0.8.0

PenTestIT RSS Feed A week ago an update - Merlin v0.8.0 was released. There was a brief mention about Merlin in my post titled - List of Open Source C2 Post-Exploitation Frameworks. This new version includes several new features to increase Operations Security OPSEC and usability. One of the more...

UPDATE: MITRE CALDERA 2.3.0

PenTestIT RSS Feed A month ago, MITRE Caldera 2.2.0 was released and a couple of days back now MITRE CALDERA 2.3.0 was released as well. If you remember, I wrote briefly about this automated adversary emulation system in my post titled – List of Adversary Emulation Tools. A lot of changes have be...

UPDATE: Infection Monkey 1.6.3

PenTestIT RSS Feed Some days ago, Infection Monkey 1.6.3 was released. The first post about this tool can be found in a post titled the List of Adversary Emulation Tools. This is a small bugfix release, mostly around integration and packaging. It contains two user facing changes as well. What is...

UPDATE: FOCA v3.4.6.0

PenTestIT RSS Feed My last post about this Fingerprinting & Organisation with Collected Archives was almost two year ago. I also mentioned that this tool was open sourced. Now, FOCA v3.4.6.0 has been released! I missed a lot of the older updates to this tool. What is FOCA? FOCA stands for...