Turbolist3r – An Automated Subdomain Scanning Tool

Turbolist3r is a subdomain enumeration tool which can identify subdomain takeovers. It is heavily based…

Read more

PrivilegeEsc-Linux – Open Source Script for Enumeration on Linux

PrivilegeEsc-Linux is a simple script which checks the security on a Linux machine. It can…

Read more

Galileo – Open Source Web Application Auditing Framework

Galileo is a free web application auditing framework that can perform various penetration testing tasks,…

Read more

Wifi Pumpkin – WiFi MITM Attack and Audit Framework

Wifi Pumpkin is a security audit framework used to test the security of wifi against…

Read more

BitB- Capture credentials with a fake browser login

What is a Browser in the Browser attack What’s up nerds! Mr.D0x has yet another…

Read more

Sitadel – An Open Source Tool for Finding Web Application Vulnerabilities

Sitadel is a python based web application scanner. It’s flexible and has many different scanning…

Read more

Wapiti – The Black Box Vulnerability Scanner for Web Applications

Wapiti is an open source tool that scans web applications for multiple vulnerabilities including data…

Read more

Harvest Subdomains with DNSHarvester

We’re back again with another banger from Dan Miessler so if you liked the post…

Read more

Subfinder – A Subdomain Discovery Tool

So what is this subfinder tool all about? Subfinder is a subdomain discovery tool that…

Read more

TIDoS – Open Source Reconnaissance and Web Application Audit Framework

TIDoS framework is a python based toolkit that performs a comprehensive audit of the web…

Read more

Powershell-RAT | A Backdoor Tool to Extract Data via Gmail

Powershell-RAT is a Python and Powershell script tool that has been made to help a pen…

Read more

Photon – A Very Handy Open Source OSINT Tool

Photon is a relatively fast crawler designed for automating OSINT (Open Source Intelligence) with a…

Read more

Latest Cyber Security News | Network Security Hacking

How CVE-2026-20253 Turns Splunk’s PostgreSQL Sidecar Into an Open Door

by Rebecca Sutton

CVE-2026-20253 is a CVSS 9.8 pre-auth flaw in Splunk Enterprise’s PostgreSQL sidecar service. An unauthenticated …

by Rebecca Sutton

LiteLLM Vulnerability Chain: What Security Teams Running AI Gateways Need to Do Now

by Rebecca Sutton

Palo Alto’s GlobalProtect Authentication Bypass Was Exploited Four Days After Disclosure

by Rebecca Sutton

Apple Silicon Is Not a Safe Harbor From Spectre-Class Attacks

by Rebecca Sutton

Atomic Arch: 400+ AUR Packages Backdoored with eBPF Rootkit and Credential Stealer

by Rebecca Sutton

Free Hacking Tools

BruteDum- A network attack bruteforce tool

by Tyler Loftus

I found a doozie here ladies and gentlemen, with a little python script called BruteDum.  …

by Tyler Loftus

MHDDoS – A DDoS Attack Script With Over 50 Different Methods

by Tyler Loftus

A Review of DNS Enumeration Tool: DNSEnum

by Tyler Loftus

Harvest Subdomains with DNSHarvester

by Tyler Loftus

Capture the Flag

DC: 2 Hacking Challenge Walkthrough (Vulnhub)

by Unallocated Author

Hello Community! We have just completed first vulnhub machine of DC series by DCAU in …

by Unallocated Author

DC: 1 Hacking Challenge Walkthrough (Vulnhub)

by Unallocated Author

Mr-Robot Hacking Challenge Walkthrough (Vulnhub)

by Unallocated Author

Rickdiculously – A CTF Designed for Rick And Morty Fans

by Unallocated Author

Did you know ?

Nmap for Beginners: Understanding Scans Before You Run Them

by Rebecca Sutton

Nmap measures port states, service versions, and OS fingerprints by analyzing how targets respond to …

by Rebecca Sutton

Reverse Shell Explained: Setup, Attack Chain, and Detection

by Rebecca Sutton

How Ransomware Works: Encryption Is the Least of Your Problems

by Rebecca Sutton

Why Credential and Session Exposure Monitoring Should Be a Baseline Security Practice

by Mic Johnson

AI Coding Agents Are Redefining Cyber Risk — Is Your Exposure Strategy Ready?

by Mic Johnson

Latest Hacking News