A critical flaw in Gitea’s official Docker image let anyone impersonate an admin with one …
Now, the MP3 is officially dead. Well, more “dead,” anyway. Based on previous research, the …
cSploit is now considered EOL and is not being updated by the developers. Current version…
Wifi Pumpkin is a security audit framework used to test the security of wifi against…
NoSQLMap is an open source python based tool, designed to audit and automate injection attacks…
Social Mapper is an open source tool that searches for profile information from social media…
Security company NCC Group have released an open source tool for penetration testing named Singularity,…
AutoRecon is an enumeration tool that performs automated enumeration with multi-threaded capabilities. It is purposely…
Wapiti is an open source tool that scans web applications for multiple vulnerabilities including data…
Modlishka is a go based phishing proxy that takes your phishing campaigns to the next…
Kalitorify is a shell based script for Kali Linux. It uses iptables and TOR to…
We’re back again with another banger from Dan Miessler so if you liked the post…
With Sherlock you can search across a vast number of social platforms for a username.…
Tulpar is an open source penetration testing tool that can find web application vulnerabilities such…
A critical flaw in Gitea’s official Docker image let anyone impersonate an admin with one …
I found a doozie here ladies and gentlemen, with a little python script called BruteDum. …
Hello Community! We have just completed first vulnhub machine of DC series by DCAU in …
A practitioner’s breakdown of the CSRF attack: how the forged request works, two documented exploits, …
Now, the MP3 is officially dead. Well, more “dead,” anyway. Based on previous research, the …
Phishing is the attempt to get sensitive information such as usernames, passwords, and credit card …
