Red Team vs Blue Team: What’s the Difference?
Discover the key differences between Red Team and Blue Team in cybersecurity. Understand Red Team vs Blue Team: What’s the Difference and Why It Matters
Tagged: penetration testing
Become an Ethical Hacker: A Step-by-Step Beginner’s Guide
Learn How to Start a Career in Ethical Hacking – A Complete Beginner’s Guide. Discover the steps to become an ethical hacker with our comprehensive guide.
Ethical Hacking 101: Understanding the Basics
We explore ‘What Is Ethical Hacking and How Does It Work? (Beginner’s Guide)’ to help you understand the fundamentals of cybersecurity and kickstart your career in ethical hacking.
Dep-Scan – Fully Open-Source Security Audit For Project Dependencies Based On Known Vulnerabilities And Advisories. Supports Both Local Repos And Container Images. Integrates With Various CI Environments Such As Azure Pipelines, CircleCI, Google CloudBuild
dep-scan is a fully open-source security audit tool for project dependencies based on known vulnerabilities, advisories and license limitations. Both local repositories and container images are supported as input. The tool is ideal for...
Http-Desync-Guardian – Analyze HTTP Requests To Minimize Risks Of HTTP Desync Attacks (Precursor For HTTP Request Smuggling/Splitting)
Overview HTTP/1.1 went through a long evolution since 1991 to 2014: HTTP/0.9 – 1991 HTTP/1.0 – 1996 HTTP/1.1 RFC 2068 – 1997 RFC 2616 – 1999 RFC 7230 – 2014 This means there is...
goCabrito – Super Organized And Flexible Script For Sending Phishing Campaigns
Super organized and flexible script for sending phishing campaigns. Features Sends to a single email Sends to lists of emails (text) Sends to lists emails with first, last name (csv) Supports attachments Splits emails...
Inject-Assembly – Inject .NET Assemblies Into An Existing Process
This tool is an alternative to traditional fork and run execution for Cobalt Strike. The loader can be injected into any process, including the current Beacon. Long-running assemblies will continue to run and send...
reFlutter – Flutter Reverse Engineering Framework
This framework helps with Flutter apps reverse engineering using the patched version of the Flutter library which is already compiled and ready for app repacking. This library has snapshot deserialization process modified to allow...
Registry-Spy – Cross-platform Registry Browser For Raw Windows Registry Files
Registry Spy is a free, open-source cross-platform Windows Registry viewer. It is a fast, modern, and versatile explorer for raw registry files. Features include: Fast, on-the-fly parsing means no upfront overhead Open multiple hives...
TokenUniverse – An Advanced Tool For Working With Access Tokens And Windows Security Policy
Token Universe is an advanced tool that provides a wide range of possibilities to research Windows security mechanisms. It has a convenient interface for creating, viewing, and modifying access tokens, managing Local Security Authority...
Raven – Advanced Cyber Threat Map (Simplified, Customizable, Responsive)
Raven – Advanced Cyber Threat Map (Simplified, customizable and responsive. It uses D3.js with TOPO JSON, has 247 countries, ~100,000 cities, and can be used in an isolated environment without external lookups!. Live –...
Iptable_Evil – An Evil Bit Backdoor For Iptables
iptable_evil is a very specific backdoor for iptables that allows all packets with the evil bit set, no matter the firewall rules. The initial implementation is in iptable_evil.c, which adds a table to iptables...
Narthex – Modular Personalized Dictionary Generator
Narthex (Greek: Νάρθηξ, νάρθηκας) is a modular & minimal dictionary generator for Unix and Unix-like operating system written in C and Shell. It contains autonomous Unix-style programs for the creation of personalised dictionaries that...
Espoofer – An Email Spoofing Testing Tool That Aims To Bypass SPF/DKIM/DMARC And Forge DKIM Signatures
espoofer is an open-source testing tool to bypass SPF, DKIM, and DMARC authentication in email systems. It helps mail server administrators and penetration testers to check whether the target email server and client are...
AlphaGolang – IDApython Scripts For Analyzing Golang Binaries
AlphaGolang is a collection of IDAPython scripts to help malware reverse engineers master Go binaries. The idea is to break the scripts into concrete steps, thus avoiding brittle monolithic scripts, and mimicking the methodology...
Wifi-Framework – Wi-Fi Framework For Creating Proof-Of-Concepts, Automated Experiments, Test Suites, Fuzzers, And More…
We present a framework to more easily perform Wi-Fi experiments. It can be used to create fuzzers, implement new attacks, create proof-of-concepts to test for vulnerabilities, automate experiments, implement test suites, and so on....
