Gobuster – An Elegant CLI Utility for Brute Forcing URI Directories

Every reconnaissance phase has a standard checklist that is to be followed. If you’ve ever…

Read more

Dalfox – An Automated XSS Finder

Dalfox is a fast, powerful parameter analysis and XSS scanner based on a DOM parser.…

Read more

BLACKEYE – Open Source LAN Phishing Tool for Penetration Testing

BLACKEYE is a LAN phishing tool that can clone more than 30 networks templates to…

Read more

Harvest Subdomains with DNSHarvester

We’re back again with another banger from Dan Miessler so if you liked the post…

Read more

Dirhunt – Search and Analyze Target Domain Directories

Dirhunt is a python tool that can quickly search directories on target domains to find…

Read more

DumpsterFire – A Tool That Generates Network Shenanigans to Facilitate Blue Team...

DumpsterFire is an open-source tool made by blue team member to edit create and control…

Read more

Morpheus –TCP/UDP Manipulation Framework

Morpheus is an open source framework that can launch multiple attacks on the network using…

Read more

DSXS | An open source, simple and effective XSS scanner that can...

Damn Small XSS Scanner (DSXS) is a great tool for finding cross site scripting vulnerabilities,…

Read more

Knock – Open Source Subdomain Scanner Tool

Knock is a python based tool for enumerating subdomains on a targeted domain. You can…

Read more

Aquatone | An Open Source Domain Flyover Tool

Aquatone is a tool programmed by go-lang to inspect domains/check their status and also provide…

Read more

Macro_Pack – Open Source tool for obfuscating MS documents and VBS scripts

The macro_pack is a tool for automating obfuscation in an MS document or VBS script…

Read more

Wifi Pumpkin – WiFi MITM Attack and Audit Framework

Wifi Pumpkin is a security audit framework used to test the security of wifi against…

Read more

Latest Cyber Security News | Network Security Hacking

The ASLR Caveat on NGINX’s Critical HTTP/3 Flaw Changes Nothing About Urgency

by Rebecca Sutton

CVE-2026-42530, the NGINX HTTP/3 vulnerability rated CVSS 9.2, is collecting dismissals because exploitation requires ASLR …

by Rebecca Sutton

CVE-2026-48907: How the Joomla JCE Exploit Works and What to Do About It

by Rebecca Sutton

SpyCloud Report Finds Phishing Attacks Surge as Employee Data Is Exposed at 86% of Fortune 100 Companies

by CyberNewswire

Heimdal Survey: Executives Four Times More Confident About AI Risk Than the Teams Managing It

by CyberNewswire

How CVE-2026-20253 Turns Splunk’s PostgreSQL Sidecar Into an Open Door

by Rebecca Sutton

Free Hacking Tools

BruteDum- A network attack bruteforce tool

by Tyler Loftus

I found a doozie here ladies and gentlemen, with a little python script called BruteDum.  …

by Tyler Loftus

MHDDoS – A DDoS Attack Script With Over 50 Different Methods

by Tyler Loftus

A Review of DNS Enumeration Tool: DNSEnum

by Tyler Loftus

Harvest Subdomains with DNSHarvester

by Tyler Loftus

Capture the Flag

DC: 2 Hacking Challenge Walkthrough (Vulnhub)

by Unallocated Author

Hello Community! We have just completed first vulnhub machine of DC series by DCAU in …

by Unallocated Author

DC: 1 Hacking Challenge Walkthrough (Vulnhub)

by Unallocated Author

Mr-Robot Hacking Challenge Walkthrough (Vulnhub)

by Unallocated Author

Rickdiculously – A CTF Designed for Rick And Morty Fans

by Unallocated Author

Did you know ?

Privilege Escalation: The Step Between Foothold and Full Compromise

by Rebecca Sutton

Privilege escalation is the pivot point in almost every serious intrusion. This guide explains where …

by Rebecca Sutton

Nmap for Beginners: Understanding Scans Before You Run Them

by Rebecca Sutton

Reverse Shell Explained: Setup, Attack Chain, and Detection

by Rebecca Sutton

How Ransomware Works: Encryption Is the Least of Your Problems

by Rebecca Sutton

Why Credential and Session Exposure Monitoring Should Be a Baseline Security Practice

by Mic Johnson

Latest Hacking News