Security Training Share
WPScan is a black box WordPress vulnerability scanner. Changelog v3.7.3 Fixed Incorrect parsing of theme data when new lines before/after comments were stripped from the CSS file – Ref #1404 Improved passive detection of WordPress...
kubesec Security risk analysis for Kubernetes resources Download Kubesec Kubesec is available as a: Docker container image at docker.io/kubesec/kubesec:v2 Linux/MacOS/Win binary (get the latest release) Kubernetes Admission Controller Kubectl plugin Or install the latest commit from...
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible. EyeWitness is designed to run on Kali Linux. It will auto-detect the file you give...
ODAT ODAT (Oracle Database Attacking Tool) is an open source penetration testing tool that tests the security of Oracle Databases remotely. Usage examples of ODAT: You have an Oracle database listening remotely and want to find valid SIDs and credentials in order...
Faraday introduces a new concept – IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distribution, indexation, and analysis of the data generated during a security audit. The main purpose of Faraday...
Aleph is a tool for indexing large amounts of both documents (PDF, Word, HTML) and structured (CSV, XLS, SQL) data for easy browsing and search. It is built with investigative reporting as a primary use...
Repo-supervisor A serverless tool that detects secrets and passwords in your pull requests – one file at a time. Introduction It happens sometimes that you can commit secrets or passwords to your repository by...
Spaces finder Spaces finder is a tool to quickly enumerate DigitalOcean Spaces to look for loot. It’s similar to a subdomain bruteforcer but is made specifically for DigitalOcean Spaces and also has some extra features that...
Redcloud is a powerful and user-friendly toolbox for deploying a fully featured Red Team Infrastructure using Docker. Harness the cloud’s speed for your tools. Deploys in minutes. Use and manage it with its polished web interface. Ideal...
(Y)et (A)nother (R)obber: Sail ye seas of git for booty is to be found Yar is a tool for plunderin’ organizations, users and/or repositories… In all seriousness though, yar is an OSINT tool for...
CloudMapper CloudMapper generates network diagrams of Amazon Web Services (AWS) environments and displays them via your browser. It helps you understand visually what exists in your accounts and identify possible network misconfigurations. There are...
slurp Blackbox/whitebox S3 bucket enumerator Overview Credit to all the vendor packages that made this tool possible. This is a security tool; it’s meant for pen-testers and security professionals to perform audits of s3...
Pentest Tools Framework Pentest Tools Framework is a database of exploits, Scanners, and tools for penetration testing. Pentest is a powerful framework includes a lot of tools for beginners. You can explore kernel vulnerabilities,...
Findomain findomain is a cross-platform tool that uses Certificates Transparency logs to find subdomains. We currently support Linux, Windows, and MacOS. How does it work? It tool doesn’t use the common methods for sub(domains)...
Linux news