Today, we are going to talk about a powerful web application scanner named WAScan. WAScan stands for Web Application Scanner, it also completely open source. The purpose of the tool is to gather information and find various vulnerabilities assuming a”black-box” model. WAScan is built on Python 2.7 and can run on any platform which has a Python environment. The […]
Sitadel is basically an update for WAScan making it compatible for python >= 3.4 It allows more flexibility for you to write new modules and implement new features Frontend framework detection Content Delivery Network detection Define Risk Level to allow for scans Plugin system Docker image available to build and run Requirement Warning This project […]
zeebsploit is a tool for hacking, searching web information and scanning vulnerabilities on the web. Installation $ apt-get install git python $ git clone https://github.com/jaxBCD/Zeebsploit.git $ cd Zeebsploit $ python -m pip install -r requirements.txt $ python zsf.py $ * and follow instruction exploits 14 scanners 10 footprinting 8 requirements: required: requests asyncio aiohttp python-whois […]
Spaghetti is an Open Source web application scanner, it is designed to find various default and insecure files, configurations and misconfigurations. Spaghetti is built on python2.7 and can run on any platform which has a Python environment. Some of its features include: Fingerprinting (Server and Web Frameworks (CakePHP,CherryPy,…) Discovery: (Bruteforce, Admin Interface, Common Backdoors) Disclosure: (Emails, Private IPs) Attacks: […]
In some phases of information gathering. Pentester do require to scan some of the IP addresses that are most commonly used. As per ethical hacking researcher if International Institute of Cyber Security, scanning is the most important phase of penetration testing. The most common addresses can be of routers or search engines. These common scan […]
WPScan is a WordPress security scan for detecting and reporting WordPress vulnerabilities. WordPress is a free online Open source content Managed system focused on PHP and MySQL. It is one of the powerful and most used blogging tools. As there is too many up’s and down’s in WordPress usage, it requires a security improvement, so […]
It seems like all the security measures (in-display fingerprint scanning, 3D face unlock, and more) in our smartphones are not as secure as we think. A new report suggests that Samsung’s recent flagship, the Galaxy S10 can be easily fooled by a fake fingerprint. A user (named Darkshark), via a post on Imgur.com, says that he […]
Call it killer malware? Israeli researchers have developed a new malware that highlights some very critical and dangerous security vulnerabilities in medical imaging equipment, which is commonly used to diagnose serious health conditions like cancer and hypertrophic cardiomyopathy (HCM). Not only can the malware impact the diagnosis of the imaging equipment but can also compromise […]
Scan WordPress websites for vulnerabilities WPScan Kali Linux WPScan is a black box vulnerability scanner for WordPress websites. WPScan comes pre-installed in Kali Linux. Kali Linux is a popular Linux distribution built on Debian Kali Linux comes with many of the best ethical hacking tools pre-installed. If you’re not using Kali Linux and you […]
Osmedeus allows you to run a collection of tools to simplify the reconnaissance and vulnerability scanning phase against the target. Features Subdomain Scan. Subdomain TakeOver Scan. Screenshot the target. Basic recon like Whois, Dig info. IP Discovery. CORS Scan. SSL Scan. Headers Scan. Port Scan. Vulnerable Scan. Seperate workspaces to store all scan output and […]
Osmedeus is a fully automated tool that allows you to run the collection of awesome tools to reconnaissance and vulnerability scanning against the target. How to use If you have no idea what are you doing just type the command below or check out the Advance Usage. ./osmedeus.py -t example.com Installation in detail For Kali Linux […]
KillShot is a penetration testing tool that can be used to gather useful information and scan vulnerabilities in target host devices and web applications. KillShot makes use of the Shodan search engine to find information about target devices. Web application information gathering process is carried out by using inbuilt scripts. The KillShot tool can crawl […]
GoScan is an Interactive Network Scanner Client written in Go, featuring auto-completion, which provides abstraction and automation over Nmap – a well-known network scanner tool. You can use it to perform host discovery, port scanning, and service enumeration tasks, for both casual and professional purposes. GoScan: An Interactive Network Scanner Client GoScan Network Scanner is particularly […]
Hackers are after anyone seeking Pakistani passport while there is no response from the website’s administrator. Researchers at information security firm Trustwave have made a startling new discovery about the data breach on a Pakistani government website involving the Scanbox Framework. It is worth noting that the Scanbox is a dangerous payload and this is […]
Honor has been teasing a 3D variant of its Magic 2 smartphone, called the Honor Magic 2 3D for which we now have an official launch date. According to a post on micro-blogging site Weibo, the Honor Magic 2 3D will launch on March 7 in China. Honor’s 3D smartphone will come with a 3D […]
To identify vulnerabilities that can compromise your security, performance, or functionality, you need to have a vulnerability assessment in place. It is a method used by a qualified provider of your network, applications, systems, and data. It is a tool that is used to analyze your environment and identify any vulnerabilities such as unpatched systems, […]
Altair is a Python tool that can be used to scan for web related vulnerabilities, some of which include database vulnerabilities (SQL), Cross Site Scripting (XSS), Local File Inclusion (LFI), Remote File Inclusion (RFI), potential sensitive files, and directories containing sensitive information. The tool scans files and directories of the target host to find potential […]
SQLiv – Massive SQL injection scanner SQLiv Massive SQL injection scanner Features multiple domain scanning with SQL injection dork by Bing, Google, or Yahoo targetted scanning by providing specific domain (with crawling) reverse domain scanning both SQLi scanning and domain info checking are done in multiprocessing so the script is super fast at scanning many […]
MassBleed is an open source tool used for scanning SSL vulnerabilities in web applications. The tool can scan Heartbleed, CCS, Poodle, Winshock, and DROWN attack vulnerabilities in target web applications. MassBleed Installation MassBleed requires the following scripts to perform its scan. Heartbleed POC OpenSSL CCS script Winshock Script Unicornscan Nmap sslscan Heartbleed, OpenSSL, and Winshock […]
At MWC 2019, LG unveiled its flagship G8 device that carries several intriguing features and brings upgrades over its hugely popular G7 ThinQ. Talking about specs, LG G8 sports a 6.1-inch QHD+ display with a notch. The smartphone from LG comes with 6GB RAM and 128 GB internal storage that can be expanded up to 2TB with […]
Tulpar is an open source penetration testing tool that can find web application vulnerabilities such as SQL injection, Cross-site Scripting (XSS), Command injection, Directory traversal, E-mail disclosure, Credit card disclosure, and File inclusion attacks. Apart from these vulnerabilities assessments, Tulpar can do the following tests. Web crawling Whois information Server information Certification information Technology information […]