World cybersecurity news


Gobuster v3.0 – Directory/File, DNS And VHost Busting Tool Written In Go

Gobuster is a tool used to brute-force: URIs (directories and files) in web sites. DNS subdomains (with wildcard support). Virtual Host names on target web servers. Oh dear God.. WHY!?Because I wanted: … something that didn’t have a fat Java GUI (console FTW). … to build something that just worked on the command line. … […]


RITA – Real Intelligence Threat Analytics

RITA is an open source framework for network traffic analysis.The framework ingests Bro/Zeek Logs in TSV format, and currently supports the following major features: Beaconing Detection: Search for signs of beaconing behavior in and out of your network DNS Tunneling Detection Search for signs of DNS based covert channels Blacklist Checking: Query blacklists to search […]


Eaphammer v1.9.0 – Targeted Evil Twin Attacks Against WPA2-Enterprise Networks

by Gabriel Ryan (s0lst1c3)(gryan[at] EAPHammer is a toolkit for performing targeted evil twin attacks against WPA2-Enterprise networks. It is designed to be used in full scope wireless assessments and red team engagements. As such, focus is placed on providing an easy-to-use interface that can be leveraged to execute powerful wireless attacks with minimal manual configuration. […]


Postenum – A Clean, Nice And Easy Tool For Basic/Advanced Privilege Escalation Techniques

Postenum is a clean, nice and easy tool for basic/advanced privilege escalation vectors/techniques. Postenum tool is intended to be executed locally on a Linux box.Be more than a normal user. be the ROOT.USE ./ [option]./ -s./ -c Options : -a : All-s : Filesystem [SUID, SGID, Config/DB files, etc.]-l : Shell escape and development tools-c […]


Unicorn-Bios – Basic BIOS Emulator For Unicorn Engine

Basic BIOS emulator/debugger for Unicorn Engine.Written to debug the XEOS Operating System boot sequence.Usage: Usage: unicorn-bios [OPTIONS] BOOT_IMGOptions: –help / -h: Displays help. –memory / -m: The amount of memory to allocate for the virtual machine (in megabytes). Defaults to 64MB, minimum 2MB. –break / -b Breaks on a specific address. –break-int: Breaks on interrupt […]


uniFuzzer – A Fuzzing Tool For Closed-Source Binaries Based On Unicorn And LibFuzzer

uniFuzzer is a fuzzing tool for closed-source binaries based on Unicorn and LibFuzzer. Currently it supports fuzzing 32-bits LSB ELF files on ARM/MIPS, which are usually seen in IoT devices.中文介绍 Features very little hack and easy to build can target any specified function or code snippet coverage-guided fuzzing with considerable speed dependence resolved and loaded […]


SMTPTester – Tool To Check Common Vulnerabilities In SMTP Servers

SMTPTester is a python3 tool to test SMTP server for 3 common vulnerabilities: Spoofing – The ability to send a mail on behalf of an internal user Relay – Using this SMTP server to send email to other address outside of the organization user enumeration – using the SMTP VRFY command to check if specific […]


Tylium – Primary Data Pipelines For Intrusion Detection, Security Analytics And Threat Hunting

These files contain configuration for producing EDR (endpoint detection and response) data in addition to standard system logs. These configurations enable the production of these data streams using F/OSS (free and / or open source tooling.) The F/OSS tools consist of Auditd for Linux; Sysmon for Windows and Xnumon for the Mac. Also included is […]

Android iOS Linux TIPS WORLD

Fsmon – Monitor Filesystem On iOS / OS X / Android / FirefoxOS / Linux

FileSystem Monitor utility that runs on Linux, Android, iOS and OSX.Brought to you by Sergi Àlvarez at Nowsecure and distributed under the MIT license.Contact: [email protected] tool retrieves file system events from a specific directory and shows them in colorful format or in JSON.It is possible to filter the events happening from a specific program name […]


Traxss – Automated XSS Vulnerability Scanner

Automated Vulnerability Scanner for XSS | Written in Python3 | Utilizes Selenium Headless Traxss is an automated framework to scan URLs and webpages for XSS Vulnerabilities. It includes over 575 Payloads to test with and multiple options for robustness of tests. View the gif above to see a preview of the fastest type of scan.Getting […]