Just another IT & Cybersecurity Page
The main assumption of creating this tool was easier and faster delivery of commands sets to be performed on customer environments. As a result of such a scan I wanted to get the most useful information about system components that will be subjected to penetration tests and audits at a later time. Donwload: Here
Security experts have spotted an interesting case of a suspected ransomware attack that employed custom-made tools typically used by APT (advanced persistent threat) groups. Although no concrete connection between groups has been uncovered, the operational tactics, targeting scope, and malware customization capabilities signify a potential connection. As detailed in a report sent to Bleeping Computer […]
The new rules for apt-keys need some attentions: download an convert the .key file (Release.key) to .gpg create a new list file in /etc/apt/source.list.d/ After all reload source list
VAF :– very advanced (web) fuzzer. Features: Grepping Outputing results to a file Status code filtering Detect reflexivness (useful for finding xss) Add prefixes, suffixes Custom wordlists Fuzz any part of the url Fuzz POST data URL encode payload Disclaimer:- This project was created for educational purposes and should not be used in environments without […]
Cloudflare announced that it is taking drastic measures to protect data of customers in Eastern Europe under current conditions of the Russian invasion of Ukraine. The U.S.-based web infrastructure and security company known for its DDoS mitigation services announced its decision to stay in the Russian market, albeit with some aspects of its business suspended.“ […]
This is the story of CVE-2022-0847, a vulnerability in the Linux kernel since 5.8 which allows overwriting data in arbitrary read-only files. This leads to privilege escalation because unprivileged processes can inject code into root processes. It is similar to CVE-2016-5195 “Dirty Cow” but is easier to exploit. The vulnerability was fixed in Linux 5.16.11, […]
Nightingale:– It’s a Docker Environment of the KALI-Linux having all the required tools for #VAPT.Nightingale contains all the required well-known tools that will be required to the Pentesters at the time of Penetration Testing. This docker image has the base support of Debian and it is completely platform Independent. Disclaimer:- This project was created for […]
Awesome Tool, read HERE
Karma Version 2 – A OSINT framework. Karma v2 can be used by Infosec Researchers, Penetration Testers, Bug Hunters to find deep information, OSINT and more assets, WAF/CDN bypassed IPs, Internal/External Infra, Publicly exposed leaks and many more about their target. Shodan Premium API key is required to use this automation. Output from the is […]