Security Training Share
Attack Surface Analyzer Attack Surface Analyzer (ASA) is a Microsoft-developed open source security tool that analyzes the attack surface of a target system and reports on potential security vulnerabilities introduced during the installation of...
sparrow-wifi – Graphical WiFi Analyzer for Linux Sparrow-wifi has been built from the ground up to be the next generation 2.4 GHz and 5 GHz Wifi spectral awareness tool. At its most basic it...
What is Sippts? Sippts is a suite of tools to audit VoIP servers and devices using SIP protocol. It is programmed in Perl script and it allows us to check the security of a...
uptux Privilege escalation checks for Linux systemd. This tool checks for issues on Linux systems that may lead to privilege escalation. The core focus in on systemd configuration. This tool is under active development...
BEEMKA – Electron Exploitation Toolkit Modules Available modules [ rshell_cmd ] Windows Reverse Shell [ rshell_linux ] Linux Reverse Shell [ screenshot ] Screenshot Module [ rshell_powershell ] PowerShell Reverse Shell [ keylogger ]...
The lunar script generates a scored audit report of a Unix host’s security. It is based on the CIS and other frameworks. Where possible there are references to the CIS and other benchmarks in...
HubbleStack (Hubble for short) is a modular, open-source, security & compliance auditing framework which is built in python, using SaltStack as a library. It provides on-demand profile-based auditing, real-time security event notifications, alerting and...
As a penetration tester, I know that you usually choose to use Kali Linux like penetration testing distribution. Kali Linux is a powerful distribution. It includes many, many pentesting tools. If you are Ubuntu/...
Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber’s PowerShell attacks and the PowerShell bypass technique presented by David Kennedy (TrustedSec) and...
PowerHub PowerHub is a web application which aids a pentester in transferring files, in particular, code which may get flagged by endpoint protection. During an engagement where you have a test client available, one...
DefectDojo is an open-source application vulnerability correlation and security orchestration application. It allows you to manage your application security program, maintain product and application information, schedule scans, triage vulnerabilities and push findings into defect...
Donut is a shellcode generation tool that creates position-independent shellcode payloads from .NET Assemblies. This shellcode may be used to inject the Assembly into arbitrary Windows processes. Given an arbitrary .NET Assembly, parameters, and...
objection Runtime Mobile Exploration introduction – objection Runtime Mobile Exploration objection is a runtime mobile exploration toolkit, powered by Frida. It was built with the aim of helping assess mobile applications and their security posture without...
Dependency-Track Modern applications leverage the availability of existing components for use as building blocks in application development. By using existing components, organizations can dramatically decrease time-to-market. Reusing existing components, however, comes at a cost....
Suggested Reading TRENDING Linux news