As technology advances, so do the tactics of cybercriminals who are constantly on the lookout for vulnerabilities in software to exploit. Apache Tomcat, a popular Java web application server, is the latest software to...
dontgo403 dontgo403 is a tool to bypass 40X errors. Customization If you want to edit or add new bypasses, you can add them directly to the specific file in the payloads folder and the tool...
The Spring Framework is the backbone of countless Java enterprise applications. Its versatile nature accommodates the Java language in various enterprise settings while offering support for Groovy and Kotlin as alternative languages on the...
The Software Development Lifecycle (SDLC) is a term that refers to the process of creating software, from initial concept to completion. Namely, it is a set of seven stages, called the SDLC phases, that...
reNgine reNgine is an automated reconnaissance framework with a focus on a highly configurable streamlined recon process. reNgine is backed by a database, with data correlation and organization, the custom query “like” language for...
Cisco’s Talos threat intelligence and research unit has disclosed the details of several critical vulnerabilities affecting the WiFi 6 router made by an American computer networking company, Netgear. Talos researchers discovered that Netgear Orbi...
checkov Checkov is a static code analysis tool for infrastructure-as-code. It scans cloud infrastructure provisioned using Terraform, Cloudformation, or kubernetes and detects security and compliance misconfigurations. Checkov is written in Python and provides a...
Crassus Windows privilege escalation discovery tool Why “Crassus”? Accenture made a tool called Spartacus, which finds DLL hijacking opportunities on Windows. Using Spartacus as a starting point, we created Crassus to extend Windows privilege escalation...
WAF Bypass Tool WAF bypass Tool is an open-source tool to analyze the security of any WAF for False Positives and False Negatives using predefined and customizable payloads. Check your WAF before an attacker...
APKHunt | OWASP MASVS Static Analyzer APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is intended primarily for mobile app developers...
