Cansina – Open Source Hidden Content Discovery Tool

Reconnaissance is one of the first steps to conduct within a pen test engagement. During…

Read more

Webvulnscan – An Automated Web Application Vulnerability Scanner

Webvulnscan is a web application scanner that automates vulnerability assessment tasks. The tool can automatically…

Read more

Zarp – A Free Network Attack Framework

Zarp is a powerful tool used for scanning and attacking networks. The tool is capable…

Read more

Minimalistic OffSec Scanner – A Powerful TCP and UDP Scanner

Here we have a compilation of tools by InfoSecMatter that is used for scanning open…

Read more

CMSeeK | An Open Source Content Management System Detection and Exploitation Tool

CMSeek is an open-source tool that analyzes the regex of websites in order to detect…

Read more

webscreenshot.py | A Simple script that aids in testing large websites

Web Screenshot – webscreenshot.py is a great tool which comes in handy when a penetration…

Read more

BinGoo- A Command Line Dorking Tool

What is BinGoo? Welcome to BinGoo, the all-in-one dorking tool written in bash. It uses…

Read more

WiFiDuck BadUSB Tester

I found this one while doings some research on BadUSBs and thought it would be…

Read more

PhishX –Spear Phishing Tool for Capturing Credentials

PhishX is a python tool that can capture user credentials using a spear phishing attack.…

Read more

Impersonate Local Microsoft Users with msImpersonate

What is msImpersonate? What’s up nerds! Captain AMayorica hooked us up again with another Microsoft…

Read more

Leviathan – Mass Audit Toolkit for Networks and Applications

Leviathan is an open source toolkit that can be used for auditing networks and web…

Read more

Raccoon – Open Source Enumeration and Information Gathering Tool

Raccoon is an offensive security tool known for reconnaissance and information gathering. The tool can…

Read more

Latest Cyber Security News | Network Security Hacking

How CVE-2026-20253 Turns Splunk’s PostgreSQL Sidecar Into an Open Door

by Rebecca Sutton

CVE-2026-20253 is a CVSS 9.8 pre-auth flaw in Splunk Enterprise’s PostgreSQL sidecar service. An unauthenticated …

by Rebecca Sutton

LiteLLM Vulnerability Chain: What Security Teams Running AI Gateways Need to Do Now

by Rebecca Sutton

Palo Alto’s GlobalProtect Authentication Bypass Was Exploited Four Days After Disclosure

by Rebecca Sutton

Apple Silicon Is Not a Safe Harbor From Spectre-Class Attacks

by Rebecca Sutton

Atomic Arch: 400+ AUR Packages Backdoored with eBPF Rootkit and Credential Stealer

by Rebecca Sutton

Free Hacking Tools

BruteDum- A network attack bruteforce tool

by Tyler Loftus

I found a doozie here ladies and gentlemen, with a little python script called BruteDum.  …

by Tyler Loftus

MHDDoS – A DDoS Attack Script With Over 50 Different Methods

by Tyler Loftus

A Review of DNS Enumeration Tool: DNSEnum

by Tyler Loftus

Harvest Subdomains with DNSHarvester

by Tyler Loftus

Capture the Flag

DC: 2 Hacking Challenge Walkthrough (Vulnhub)

by Unallocated Author

Hello Community! We have just completed first vulnhub machine of DC series by DCAU in …

by Unallocated Author

DC: 1 Hacking Challenge Walkthrough (Vulnhub)

by Unallocated Author

Mr-Robot Hacking Challenge Walkthrough (Vulnhub)

by Unallocated Author

Rickdiculously – A CTF Designed for Rick And Morty Fans

by Unallocated Author

Did you know ?

Reverse Shell Explained: Setup, Attack Chain, and Detection

by Rebecca Sutton

A reverse shell makes the target machine initiate the connection back to the attacker, bypassing …

by Rebecca Sutton

How Ransomware Works: Encryption Is the Least of Your Problems

by Rebecca Sutton

Why Credential and Session Exposure Monitoring Should Be a Baseline Security Practice

by Mic Johnson

AI Coding Agents Are Redefining Cyber Risk — Is Your Exposure Strategy Ready?

by Mic Johnson

How to Develop a Risk Management Framework

by Mic Johnson

Latest Hacking News