Caracal Caracal is a static analyzer tool over the SIERRA representation for Starknet smart contracts. Features Detectors to detect vulnerable Cairo code Printers to report information Taint analysis Data flow...
Defense / Vulnerability Analysis / Web Vulnerability Analysis
by do son · Published August 8, 2023 · Last modified December 10, 2023
CVE Prioritizer Tool CVE_Prioritizer is a powerful tool that helps you prioritize vulnerability patching by combining CVSS, EPSS, and CISA’s Known Exploited Vulnerabilities. It provides valuable insights into the likelihood of exploitation and...
ADCSKiller – An ADCS Exploitation Automation Tool ADCSKiller is a Python-based tool designed to automate the process of discovering and exploiting Active Directory Certificate Services (ADCS) vulnerabilities. It leverages features...
Sirius Scan Sirius is the first truly open-source general purpose vulnerability scanner. Today, the information security community remains the best and most expedient source for cybersecurity intelligence. The community itself...
Vulnerability Analysis / Web Vulnerability Analysis
by do son · Published July 17, 2023 · Last modified November 6, 2023
Daksh SCRA (Source Code Review Assist) The tool currently offers the following functionalities: Options to use programming language-specific rules specific for finding areas of interests Option to extend or add...
IaC Scan Runner The IaC Scanner is an inspection service that aims to scan IaC (Infrastructure as Code) in order to find the problems and security vulnerabilities so that the users...
Platbox UEFI and SMM Assessment Tool Features Platbox is a tool that helps assessing the security of the platform: Dumps the platform registers that are interesting security-wise Flash Locks MMIO...
Information Gathering / Vulnerability Analysis
by do son · Published April 27, 2023 · Last modified May 23, 2023
KeePwn A python script to help red teamers discover KeePass instances and extract secrets. Features & Roadmap KeePass Discovery Accept multiple target sources (IP, range, hostname, file) Automatically look for...
Kubestroyer Kubestroyer aims to exploit Kubernetes clusters misconfigurations and be the swiss army knife of your Kubernetes pentests. Kubestroyer is a Golang exploitation tool that aims to take advantage of Kubernetes...
Vulnerability Analysis / Web Vulnerability Analysis
by do son · Published February 12, 2023 · Last modified February 19, 2023
Grepmarx – source code static analysis platform for security auditors Grepmarx is a web application providing a single platform to quickly understand, analyze and identify vulnerabilities in possibly large and...
FirmAE FirmAE is a fully-automated framework that performs emulation and vulnerability analysis. FirmAE significantly increases the emulation success rate (From Firmadyne‘s 16.28% to 79.36%) with five arbitration techniques. We tested FirmAE...
Defense / Vulnerability Analysis
by do son · Published January 26, 2023 · Last modified July 1, 2023
Locksmith A tiny tool to identify and remediate common misconfigurations in Active Directory Certificate Services. Mode 0 (Default) – Identify Issues and Output to Console PS> .\Invoke-Locksmith.ps1 Running Invoke-Locksmith.ps1 with...
Am I Exploitable? ‘Am I Exploitable?’ is a python open source project that comes to meet the need of validating if your system is exploitable to specific vulnerabilities. The project...
KubeStalk KubeStalk is a tool to discover Kubernetes and related infrastructure-based attack surfaces from a black-box perspective. This tool is a community version of the tool used to probe for...
SEVulDet SEVulDet is a semantics-enhanced deep learning-based framework that can accurately pinpoint vulnerability patterns by extracting, preserving, and learning more semantics. Details of SEVulDet Recent years have seen increased attention...
Support Securityonline.info site. Thanks!
Mozi Botnet Re-Emerges as Androxgh0st in New Wave of IoT Exploits
November 11, 2024
