SecLists – A Pentester’s BFF

SecLists is a pentesting tool used by security professionals around the globe, it contains various…

Read more

Brosec – An Open Source Interactive Tool to Utilize Payloads and Commands

Brosec is an open source terminal based tool to help all the security professionals generate…

Read more

Trape – A Free GUI Based Phishing/Tracking Tool

Trape is a tool written in python that can aid in tracking a client after…

Read more

YAWAST – Open Source Web Application Information Gathering Toolkit

YAWAST is a web application penetration testing toolkit that can perform information gathering and basic…

Read more

Impersonate Local Microsoft Users with msImpersonate

What is msImpersonate? What’s up nerds! Captain AMayorica hooked us up again with another Microsoft…

Read more

Morpheus –TCP/UDP Manipulation Framework

Morpheus is an open source framework that can launch multiple attacks on the network using…

Read more

Lnkbomb- Exploit Insecure File Shares

Today I have a tool that exploits insecure file shares and allows penetration testers to…

Read more

CMSeeK | An Open Source Content Management System Detection and Exploitation Tool

CMSeek is an open-source tool that analyzes the regex of websites in order to detect…

Read more

Sqlmap – Free Tool for SQL Injection Discovery And Exploitation

Sqlmap is an open source tool used to test the SQL injection vulnerabilities within web…

Read more

InfoG v1.0 – An Open Source Information Gathering Tool

Note that InfoG 1 is now deprecated, use version 2 instead: https://github.com/Tech-Sec/InfoG.git InfoG is a Shellscript…

Read more

Aquatone | An Open Source Domain Flyover Tool

Aquatone is a tool programmed by go-lang to inspect domains/check their status and also provide…

Read more

Eyewitness – Open Source Target Visualization and Recon Tool

Got a huge list of targets that you’d like to enumerate but can’t really visit…

Read more

Latest Cyber Security News | Network Security Hacking

Cisco Unified CM SSRF Flaw Is Being Exploited to Drop Webshells

by Rebecca Sutton

CVE-2026-20230, an SSRF in Cisco Unified CM’s WebDialer component, is being actively exploited via Tor …

by Rebecca Sutton

PostCSS npm Typosquat: How to Check If Your Machine Is Compromised

by Rebecca Sutton

SonicWall CVE-2024-40766 Proves Patching Is Not Remediation

by Rebecca Sutton

usbliter8 Exploit Achieves Code Execution in Apple’s Unpatchable SecureROM

by Rebecca Sutton

The ASLR Caveat on NGINX’s Critical HTTP/3 Flaw Changes Nothing About Urgency

by Rebecca Sutton

Free Hacking Tools

BruteDum- A network attack bruteforce tool

by Tyler Loftus

I found a doozie here ladies and gentlemen, with a little python script called BruteDum.  …

by Tyler Loftus

MHDDoS – A DDoS Attack Script With Over 50 Different Methods

by Tyler Loftus

A Review of DNS Enumeration Tool: DNSEnum

by Tyler Loftus

Harvest Subdomains with DNSHarvester

by Tyler Loftus

Capture the Flag

DC: 2 Hacking Challenge Walkthrough (Vulnhub)

by Unallocated Author

Hello Community! We have just completed first vulnhub machine of DC series by DCAU in …

by Unallocated Author

DC: 1 Hacking Challenge Walkthrough (Vulnhub)

by Unallocated Author

Mr-Robot Hacking Challenge Walkthrough (Vulnhub)

by Unallocated Author

Rickdiculously – A CTF Designed for Rick And Morty Fans

by Unallocated Author

Did you know ?

VPN Internals Explained: Protocols, Leaks, and What the Kill Switch Actually Does

by Rebecca Sutton

A technical breakdown of how a VPN works: packet handling, protocol comparisons, DNS and WebRTC …

by Rebecca Sutton

SQL Injection: Why It Persists and How to Prevent It

by Rebecca Sutton

Virus vs Worm: Why the Propagation Difference Actually Matters

by Rebecca Sutton

Man in the Middle Attack: Techniques, Real Examples, and Defences

by Rebecca Sutton

How to Detect a Keylogger on Your System

by Rebecca Sutton

Latest Hacking News