Webvulnscan – An Automated Web Application Vulnerability Scanner

Webvulnscan is a web application scanner that automates vulnerability assessment tasks. The tool can automatically…

Read more

Harvest Subdomains with DNSHarvester

We’re back again with another banger from Dan Miessler so if you liked the post…

Read more

Wifi Pumpkin – WiFi MITM Attack and Audit Framework

Wifi Pumpkin is a security audit framework used to test the security of wifi against…

Read more

W3af – Web Application Attack and Audit Framework

W3af is a GUI based framework that helps in auditing and identifying vulnerabilities in web…

Read more

Aquatone | An Open Source Domain Flyover Tool

Aquatone is a tool programmed by go-lang to inspect domains/check their status and also provide…

Read more

Yuki Chan – The Auto Web Penetration Testing Tool

Yuki Chan is an open source tool that automates some of the information gathering and…

Read more

CMSeek – CMS Detection and Information Gathering

CMSeek is a python tool that is used to detect Content Management System (CMS) within…

Read more

Nmap Automator – a tool I used during OSCP for simple recon

Nmap Automator is a great tool for initial port scans of a given ip address.…

Read more

Just Scan It with JFScan

What is JFScan? JFScan is a great enumeration tool  created by nullt3r written mainly in…

Read more

PhishX –Spear Phishing Tool for Capturing Credentials

PhishX is a python tool that can capture user credentials using a spear phishing attack.…

Read more

Eyewitness – Open Source Target Visualization and Recon Tool

Got a huge list of targets that you’d like to enumerate but can’t really visit…

Read more

PuTTY SSH Bruteforce Login Script

I came across this python script that can perform SSH login bruteforce attacks and decided…

Read more

Latest Cyber Security News | Network Security Hacking

Palo Alto’s GlobalProtect Authentication Bypass Was Exploited Four Days After Disclosure

by Rebecca Sutton

CVE-2026-0257’s GlobalProtect authentication bypass went from advisory to active exploitation in four days. The recurring …

by Rebecca Sutton

Apple Silicon Is Not a Safe Harbor From Spectre-Class Attacks

by Rebecca Sutton

Atomic Arch: 400+ AUR Packages Backdoored with eBPF Rootkit and Credential Stealer

by Rebecca Sutton

Check Point VPN Authentication Bypass (CVE-2026-50751): Client-Controlled IKEv1 Auth Flipped by Ransomware Affiliate

by Rebecca Sutton

RaccoonLine Publishes Analysis of VPN Data Disclosure Risks and the Shift Toward Decentralized Routing

by CyberNewswire

Free Hacking Tools

BruteDum- A network attack bruteforce tool

by Tyler Loftus

I found a doozie here ladies and gentlemen, with a little python script called BruteDum.  …

by Tyler Loftus

MHDDoS – A DDoS Attack Script With Over 50 Different Methods

by Tyler Loftus

A Review of DNS Enumeration Tool: DNSEnum

by Tyler Loftus

Harvest Subdomains with DNSHarvester

by Tyler Loftus

Capture the Flag

DC: 2 Hacking Challenge Walkthrough (Vulnhub)

by Unallocated Author

Hello Community! We have just completed first vulnhub machine of DC series by DCAU in …

by Unallocated Author

DC: 1 Hacking Challenge Walkthrough (Vulnhub)

by Unallocated Author

Mr-Robot Hacking Challenge Walkthrough (Vulnhub)

by Unallocated Author

Rickdiculously – A CTF Designed for Rick And Morty Fans

by Unallocated Author

Did you know ?

How Ransomware Works: Encryption Is the Least of Your Problems

by Rebecca Sutton

Ransomware still encrypts files with a hybrid AES/RSA scheme, but the data theft and backup …

by Rebecca Sutton

Why Credential and Session Exposure Monitoring Should Be a Baseline Security Practice

by Mic Johnson

AI Coding Agents Are Redefining Cyber Risk — Is Your Exposure Strategy Ready?

by Mic Johnson

How to Develop a Risk Management Framework

by Mic Johnson

The Supply Chain Is the New Battlefield: How One Weak Link Compromises Entire Ecosystems

by Mic Johnson

Latest Hacking News