KitPloit - PenTest Tools!-- Web shell analyzer is a cross platform stand-alone binary built solely for the purpose of identifying, decoding, and tagging files that are suspected to be web shells. The web shell analyzer is the bigger brother to the web shell scanner project (http://github.com/tstillz/webshell-scan), which only scans files via regex, no decoding or … Continue reading Webshell-Analyzer – Web Shell Scanner And Analyzer
The Hacker News-- A week after the US government issued an advisory about a "global intelligence gathering mission" operated by North Korean state-sponsored hackers, new findings have emerged about the threat group's spyware capabilities. The APT — dubbed "Kimsuky" (aka Black Banshee or Thallium) and believed to be active as early as 2012 — has been … Continue reading New Kimsuky Module Makes North Korean Spyware More Powerful
The Hacker News-- Google has patched a second actively exploited zero-day flaw in the Chrome browser in two weeks, along with addressing nine other security vulnerabilities in its latest update. The company released 86.0.4240.183 for Windows, Mac, and Linux, which it said will be rolling out over the coming days/weeks to all users. The zero-day flaw, tracked … Continue reading New Chrome Zero-Day Under Active Attacks – Update Your Browser
Dark Hacker World-- Voice Changer is a software that can modify the sound or add a twist to the user's voice. It can be used to share your modified voice on YouTube, Facebook, and Discord. Voice changers are widely used by gamers in their stream for fun or trolling purposes.Voice changer apps also allow you … Continue reading 5 Best Free Voice Changer Apps For Discord
InfoSec Write-ups - Medium-- The happiest moment for any hunter. What I did, a few strategies and resources to start withContinue reading on InfoSec Write-ups » View original article on InfoSec Write-ups - Medium
InfoSec Write-ups - Medium-- When fuzzing a subdomain, You may find admin panels or even sensitive files. Let’s say you got .git directory during directory fuzzing…Continue reading on InfoSec Write-ups » View original article on InfoSec Write-ups - Medium
KitPloit - PenTest Tools!-- The Trident project is an automated password spraying tool developed to meet the following requirements: the ability to be deployed on several cloud platforms/execution providers the ability to schedule spraying campaigns in accordance with a target’s account lockout policy the ability to increase the IP pool that authentication attempts originate from … Continue reading Trident – Automated Password Spraying Tool
InfoSec Write-ups - Medium-- Hello everyone today I am going to tell you how I did from Clickjacking to full account takeover so if anyone doesn’t know what is Clickjacking then I tell you in brief.Clickjacking is the attack that tricks a user into clicking a Webpage element which is invisible or disguised as another element. … Continue reading How I Did Full Account Takeover By Clickjacking
InfoSec Write-ups - Medium-- WebGoat first challengeThis is the first of four CTF-like challenges present in WebGoatThe challenge itself is not particularly complex but the process you have to go through is what’s important hereI have spent many hours trying to figure anything plausible on this challenge, thehackerish’s video that you can find below has been … Continue reading WebGoat Admin lost password Challenge
Malwarebytes Labs-- We had a very busy week at Malwarebytes Labs. We offered advice on Google’s patch for an actively exploited zero-day bug that affects Chrome users, our podcast talked about finding consumer value in Cybersecurity Awareness Month with Jamie Court, we provided guidance about keeping ransomware cash away from your business, pointed out how … Continue reading A week in security (October 26 – November 1)
Hacker's Directory 