There are better ways than managing vulnerabilities with spreadsheets, especially when you are working with several tools. We know it’s easy to lose trail of your efforts. In faraday you can keep track of your scanners and your team in one place, This update is focused on improving your everyday tasks in managing information. TheRead More
Create a vulnerable active directory that’s allowing you to test most of active directory attacks in local lab.Main Features Randomize Attacks Full Coverage of the mentioned attacks you need run the script in DC with Active Directory installed Some of attacks require client workstation Supported Attacks Abusing ACLs/ACEs Kerberoasting AS-REP Roasting Abuse DnsAdmins Password inRead More
AuthMatrix is an extension to Burp Suite that provides a simple way to test authorization in web applications and web services. With AuthMatrix, testers focus on thoroughly defining tables of users, roles, and requests for their specific target application upfront. These tables are structured in a similar format to that of an access control matrixRead More
Vagrant VirtualBox Environment For Conducting An Internal Network Penetration Test. 1. Capsulecorp PentestThe Capsulecorp Pentest is a small virtual network managed by vagrant and ansible. It contains five virtual machines, including one Linux attacking system running xubuntu and 4 Windows 2019 servers configured with various vulnerable services. This project can be used to learn networkRead More
URLCrazy is an OSINT tool to generate and test domain typos or variations to detect or perform typo squatting, URL hijacking, phishing, and corporate espionage.Homepage: https://www.morningstarsecurity.com/research/urlcrazyUse Cases Detect typo squatters profiting from typos on your domain name Protect your brand by registering popular typos Identify typo domain names that will receive traffic intended for anotherRead More
This new release brings strong improvements to your security team’s daily performance, allowing them to operate quicker and smarter by increasing accessibility and stabilizing usual functionality. Major enhancements are focused on providing global visualization of findings, improvements on our API allowing better 3rd party integrations, and outstanding tailoring of the results with our new methodsRead More
FockCache – Minimalized Test Cache Poisoning Detail For Cache Poisoning : https://portswigger.net/research/practical-web-cache-poisoning FockCacheFockCache tries to make cache poisoning by trying X-Forwarded-Host and X-Forwarded-Scheme headers on web pages.After successful result, it gives you a poisoned URL.To be added soon:1 – Page Param Checker2 – Recursive Checking Installation1 – Install with installer.shchmod +x installer.sh./installer.sh2 – Install manualgoRead More
