Collaborate Disseminate
The ETOpen Ruleset is an excellent anti-malware IDS/IPS ruleset that enables users with cost constraints to significantly enhance their existing network-based malware detection. The ETOpen Ruleset is not a full coverage ruleset, and may not be sufficie… Continue reading Emerging Threats ETOpen – Anti-malware IDS/IPS Ruleset
Bearded is an open source Security Automation platform. The platform allows Development, QA, and Security team members to perform automated web security scans with a set of tools, and re-execute those scans as needed. All tools can be executed in the c… Continue reading Bearded – Security Automation Platform
In the world of web application security systems, there exists a myriad of systems to protect public-facing services in any number of ways. They come packed with all the elements necessary to play an action-packed round of buzzword bingo, but they often overlap in some ways that may make them sometimes seem similar. After the second […]
The…
Read the full post at darknet.org.uk
Continue reading An Introduction To Web Application Security Systems
IGHASHGPU is an efficient and comprehensive command line GPU based hash cracking program that enables you to retrieve SHA1, MD5 and MD4 hashes by utilising ATI and nVidia GPUs. It even works with salted hashes making it useful for MS-SQL, Oracle 11g, NTLM passwords and others than use salts. IGHASHGPU is meant to function with […]
The post…
Read the full post at darknet.org.uk
Continue reading IGHASHGPU – GPU Based Hash Cracking – SHA1, MD5 & MD4
PowerShell Runspace Portable Post Exploitation Tool aimed at making Penetration Testing with PowerShell “easier”. PowerOPS is an application written in C# that does not rely on powershell.exe but runs PowerShell commands and functions within a powershell runspace environment (.NET). It intends to include multiple offensive PowerShell modules to…
Read the full post at darknet.org.uk
Continue reading PowerOPS – PowerShell Runspace Portable Post Exploitation Tool
Right now there’s a ton of people talking about the NSA Hack, the severity, the repercussions and the value of what has been leaked. It seems the 0-day exploits in the cache of stolen aren’t super recent ones, as it appears they are from 2013. But even so, some of them haven’t been patched as […]
The post Shadow Brokers NSA Hack Leaks 0-day…
Read the full post at darknet.org.uk
Continue reading Shadow Brokers NSA Hack Leaks 0-day Vulnerabilities
UFONet is an open redirect DDoS tool designed to launch attacks against a target, using insecure redirects in third party web applications, like a botnet. Obviously, only for testing purposes. The tool abuses OSI Layer 7-HTTP to create/manage ‘zombies’ and to conduct different attacks using; GET/POST, multi-threading, proxies, origin spoofing…
Read the full post at darknet.org.uk
Pompem is an open source exploit & vulnerability finder tool, designed to automate the search for Exploits and Vulnerability in the most important databases. Developed in Python, has a system of advanced search, that help the work of pen-testers and ethical hackers. In the current version, it performs searches in PacketStorm security,…
Read the full post at darknet.org.uk
It seems this year bug bounties are getting really serious, especially on the secondary market involving exploit trading firms, not direct to the software producer or owner. $500,000 isn’t chump change and would be a good year for a small security team, especially living somewhere with a weaker currency. Even for a solo security researcher…
Read the full post at darknet.org.uk
Continue reading Bug Bounties Reaching $500,000 For iOS Exploits
CuckooDroid is an extension of Cuckoo Sandbox the Open Source software for automating analysis of suspicious files, for Android malware analysis. CuckooDroid brings to Cuckoo the capabilities of execution and analysis of android applications. CuckooDro… Continue reading CuckooDroid – Automated Android Malware Analysis