HackDig : Dig high-quality web security articles

Google launches Open Source Vulnerabilities (OSV) database

Google announced the launch of OSV (Open Source Vulnerabilities), a vulnerability database and triage infrastructure for open source projects. Google last week announced the OSV (Open Source Vulnerabilities), a vulnerability database and triage infrastructure for open source projects. The database aims at helping both open source maintainers and consum
Publish At:2021-02-08 17:25 | Read:747 | Comments:0 | Tags:Breaking News Security Google Google Open Source Vulnerabili

Is E2EMail a new beginning or the end for Google’s End-to-End?

Google’s end-to-end email encryption project that it started back in 2014 has left home. But has the Chrome extension really “flown the nest” as Google claimed last week? Or has it simply been abandoned and left to fend for itself?Turn back the clocks to 2013. Google promises end-to-end encryption in an effort to regai
Publish At:2017-03-01 22:10 | Read:5259 | Comments:0 | Tags:Google Google Chrome Privacy email encryption open-source

ModSecurity – Open Source Web Application Firewall

ModSecurity is an open source web application firewall (WAF) module that is cross platform capable. Known as the “Swiss Army Knife” of WAFs, it enables web application defenders to gain visibility into HTTP(S) traffic and provides a power rules language and API to implement advanced protections.ModSecurity is a toolkit for real-time web applicati
Publish At:2015-11-14 02:25 | Read:4370 | Comments:0 | Tags:Countermeasures Security Software mod security modsecurity o

Metasploit Framework Open Source Installers

Rapid7 has long supplied universal Metasploit installers for Linux and Windows. These installers contain both the open source Metasploit Framework as well as commercial extensions, which include a graphical user interface, metamodules, wizards, social engineering tools and integration with other Rapid7 tools. While these features are very useful, we recogniz
Publish At:2015-10-06 21:05 | Read:4976 | Comments:0 | Tags:windows linux osx open-source metasploit_installation

PortEx- Java Library for Static Analysis of PE File

PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness, and anomaly detection. PortEx is written in Java and Scala, and targeted at Java applications. some of the features are:Reading header information from: MSDOS Header, COFF File Header, Optional Header, Section TableReading standard
Publish At:2015-02-01 20:35 | Read:4516 | Comments:0 | Tags:Open-Source Tools Malware Analyses Malware Research open sou

Cartero- E-Mail phishing framework

Cartero is a tool that you can use to create and send phishing emails with the command line interface, the framework include several modules and allow user to create their own module as well. the framework include the following features:Cloner this allow to clone the website that you will use in the phishing attackMailer this module will send emails to the
Publish At:2015-01-25 19:30 | Read:4210 | Comments:0 | Tags:Open-Source Social engineering Tools Cartero open source Too

malwaRE- Malware repository framework

Malware exist with different behavior and many security research teams install distributed honeypots to detect new malwares. the honeypots will emulate vulnerable services that attract malwares and  they help to catch new binaries. if you are in the malware research field you can take a look at malwaRE project.malwaRE is a malware repository that helps rese
Publish At:2015-01-24 14:10 | Read:6569 | Comments:0 | Tags:Open-Source Tools Malware Malware Analyses Malware repositor

12 Days of HaXmas: Metasploit, Nexpose, Sonar, and Recog

This post is the tenth in a series, 12 Days of HaXmas, where we take a look at some of more notable advancements and events in the Metasploit Framework over the course of 2014.The Metasploit Framework uses operating system and service fingerprints for automatic target selection and asset identification. This blog post describes a major overhaul of the finger
Publish At:2015-01-04 03:50 | Read:6652 | Comments:0 | Tags:recog fingerprints sonar metasploit nexpose open open-source

12 Days of HaXmas: Metasploit Yearly Wrapup

This post is the seventh in a series, 12 Days of HaXmas, where we take a look at some of more notable advancements and events in the Metasploit Framework over the course of 2014.Since today happens to be the last day of the year, let's take a moment to reflect on another year of amazing Metasploit exploit development, and see what we've all been up to over t
Publish At:2015-01-01 04:30 | Read:5500 | Comments:0 | Tags:haxmas weekly-wrapup open-source

PuttyRider- Tool to hijack putty sessions

Putty is a very useful tool for running secure shell and remote administration on servers. If you are looking to make a pentest against putty sessions you can use PuttyRider. this is an open source tool that will inject and hook putty execuable to log sensitive information including:Sniff all conversation between admin and servers including passwordsInject
Publish At:2014-12-22 03:05 | Read:4096 | Comments:0 | Tags:Open-Source Pentesting Tools open source penetration testing

nogotofail- Blackbox network traffic security testing tool

Nogotofail is an automated tool that you can use for testing network security on any device. this to allow finding security vulnerabilities , to verify fixes and monitor regression and understand the application traffic generated by the network device.The tool is written by Android engineers Chad Brubaker, Alex Klyubin and Geremy Condra, that works on Andro
Publish At:2014-11-22 20:40 | Read:5053 | Comments:0 | Tags:Open-Source Tools nogotofail open source SSL TLS/SSL Tool

Pam_steal Plugin – Pam password logger

PAM (Pluggable Authentication Modules) is a set of shared libraries that enable the integration of a variety of low-level authentication methods in a single high-level API. This allows you to provide a uniform mechanism for managing, integrating applications in the authentication process. it is also one part of the standard security mechanism in UNIX-system
Publish At:2014-11-16 16:10 | Read:4705 | Comments:0 | Tags:Open-Source Tools PAM Pam_steal Plugin Password logger

Heybe – Penetration Testing Automation Toolkit

Heybe is Penetration Testing Automation Kit. It consists of modules that can be used to fully automate pen-tests and make them mode effective. With Heybe you can 0wn all systems in a target company in matter of minutes.Heybe modules:Fener: fast network discovery tool optimized for speed. Fener leverages several networking tools to discover all hosts within
Publish At:2014-11-09 08:40 | Read:4255 | Comments:0 | Tags:Open-Source Tools Heybe penetration testing Tool

Dependency-Check – Utility to detect publicly disclosed vulnerabilities in project dependencies

Any new application should be reviewed and verified against security issues. some application use third parties or libraries and this will take some time to manually review the source code and review online information. Dependency-Check is a tool that you can use for automating the verification of all components you use with your application.Dependency-Chec
Publish At:2014-11-05 10:10 | Read:6391 | Comments:0 | Tags:Open-Source Tools Dependency-Check SDLC Secure SDLC Vulnerab

tinfoleak- Tool to provide detailed information about a Twitter user activity

Today major companies and people are using social media to promote their products and have more exposure to what activities they are performing. this will help in communicating ideas and information but at the same time it may harm users privacy and their virtual life.If you are looking to conduct information gathering for users on Twitter you can check tin
Publish At:2014-11-04 20:40 | Read:4437 | Comments:0 | Tags:Open-Source Tools open source Privacy Social Media tinfoleak

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud