Faraday Community – Open Source Penetration Testing and Vulnerability Management Platform

Faraday was built from within the security community, to make vulnerability management easier and enhance our work. What IDEs are to programming, Faraday is to pentesting. Offensive security had two difficult tasks: designing smart ways of getting new information, and keeping track of findings to improve further work. This new update brings: New scanning, reportingRead More

Kali Linux 2022.3 – Penetration Testing and Ethical Hacking Linux Distribution

Time for another Kali Linux release! – Kali Linux 2022.3. This release has various impressive updates. The highlights for Kali’s 2022.3’s release: Discord Server – Kali’s new community real-time chat option has launched! Test Lab Environment – Quickly create a test bed to learn, practice, and benchmark tools and compare their results Opening Kali-Tools RepoRead More

Kali Linux 2022.2 – Penetration Testing and Ethical Hacking Linux Distribution

Time for another Kali Linux release! – Kali Linux 2022.2. This release has various impressive updates. The summary of the changelog since the 2022.1 release from February 2022 is: GNOME 42 – Major release update of the popular desktop environment KDE Plasma 5.24 – Version bump with a more polished experience Multiple desktop enhancements –Read More

Kali Linux 2022.1 – Penetration Testing and Ethical Hacking Linux Distribution

Time for another Kali Linux release! – Kali Linux 2022.1. This release has various impressive updates. The summary of the changelog since the 2021.4 release from December 2021 is: Visual Refresh – Updated wallpapers and GRUB theme Shell Prompt Changes – Visual improvements to improve readability when copying code Refreshed Browser Landing Page – FirefoxRead More

KaliIntelligenceSuite – Shall Aid In The Fast, Autonomous, Central, And Comprehensive Collection Of Intelligence By Executing Standard Penetration Testing Tools

  Kali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by automatically: executing Kali Linux tools (e.g., dnsrecon, gobuster, hydra, nmap, etc.) querying publicly available APIs (e.g., Censys.io, Haveibeenpwned.com, Hunter.io, Securitytrails.com, DNSdumpster.com, Shodan.io, etc.) storing the collected data in a central rational database (see next section) providing anRead More

ADLab – Custom PowerShell Module To Setup An Active Directory Lab Environment To Practice Penetration Testing

The purpose of this module is to automate the deployment of an Active Directory lab for practicing internal penetration testing. Credits to Joe Helle and his PowerShell for Pentesters course regarding the generation of the attack vectors. Instructions Preparation Optional but recommended: Move Module into PSModulePath # Display PSModulePath$env:PSModulePath.split(“;”)# Move module to pathMove-Item .ADLab “C:Windowssystem32WindowsPowerShellv1.0Modules”Read More

FUSE – A Penetration Testing Tool For Finding File Upload Bugs

FUSE is a penetration testing system designed to identify Unrestricted Executable File Upload (UEFU) vulnerabilities. The details of the testing strategy is in our paper, “FUSE: Finding File Upload Bugs via Penetration Testing”, which appeared in NDSS 2020. To see how to configure and execute FUSE, see the followings. Setup Install FUSE currently works onRead More

Kali Linux 2021.3 – Penetration Testing and Ethical Hacking Linux Distribution

Time for another Kali Linux release! – Kali Linux 2021.1. This release has various impressive updates. A summary of the changes since the 2021.2 release from June are: OpenSSL – Wide compatibility by default – Keep reading for what that means New Kali-Tools site – Following the footsteps of Kali-Docs, Kali-Tools has had a completeRead More

Peirates – Kubernetes Penetration Testing Tool

What is Peirates? Peirates, a Kubernetes penetration tool, enables an attacker to escalate privilege and pivot through a Kubernetes cluster. It automates known techniques to steal and collect service accounts, obtain further code execution, and gain control of the cluster. Where do I run Peirates? You run Peirates from a container running on Kubernetes. DoesRead More

Nettacker – Automated Penetration Testing Framework

OWASP Nettacker project is created to automate information gathering, vulnerability scanning and eventually generating a report for networks, including services, bugs, vulnerabilities, misconfigurations, and other information. This software will utilize TCP SYN, ACK, ICMP, and many other protocols in order to detect and bypass Firewall/IDS/IPS devices. By leveraging a unique method in OWASP Nettacker forRead More

X