Category: Web Vulnerability Analysis

October 10, 2019

kubesec v2.3.1 releases: Security risk analysis for Kubernetes resources

kubesec Security risk analysis for Kubernetes resources Changelog v2.3.1 f48e177 Bumped the minor version and added patch summary. abb3339 Added tests for YAML and JSON, expected and unexpected prefix 981d3f9 Added non-breaking fix for form-data submissions that...

Web Vulnerability Analysis

December 5, 2019

finds publicly known security vulnerabilities in a website’s frontend JavaScript libraries

is-website-vulnerable finds publicly known security vulnerabilities in a website’s frontend JavaScript libraries Install npm install -g is-website-vulnerable Use npx is-website-vulnerable https://example.com [–json] [–js-lib] [–mobile|–desktop] [–chromePath] Copyright 2019 Liran Tal <liran.tal@gmail.com> Source: https://github.com/lirantal/

Web Exploitation / Web Vulnerability Analysis

August 2, 2019

WhatWaf v1.9 releases: Detect & bypass web application firewalls and protection systems

WhatWaf is an advanced firewall detection tool whose goal is to give you the idea of “There’s a WAF?”. WhatWaf works by detecting a firewall on a web application and attempting to detect a...

Web Information Gathering / Web Vulnerability Analysis

June 28, 2019

Osmedeus v2.2 releases: Automatic Reconnaisance and Scanning in Penetration Testing

Osmedeus Automatic Reconnaissance and Scanning in Penetration Testing What is Osmedeus? Osmedeus allows you automated run the collection of awesome tools to reconnaissance and vulnerability scanning against the target. Feature Subdomain Scan. Subdomain TakeOver...

Defense / Web Vulnerability Analysis

July 30, 2019

cloudmapper v2.8.1 releases: creates network diagrams of AWS environments

CloudMapper CloudMapper generates network diagrams of Amazon Web Services (AWS) environments and displays them via your browser. It helps you understand visually what exists in your accounts and identify possible network misconfigurations. There are...

Web Vulnerability Analysis

November 24, 2019

Corsy v0.2 beta releases: CORS Misconfiguration Scanner

Corsy Corsy is a lightweight program that scans for all known misconfigurations in CORS implementations. Tests implemented Pre-domain bypass Post-domain bypass Backtick bypass Null origin bypass Invalid value Wild card value Origin reflection test...

Web Vulnerability Analysis

July 24, 2019

Brakeman v4.7.2 released: A static analysis security vulnerability scanner for Ruby on Rails applications

Brakeman Brakeman is an open-source static analysis tool that checks Ruby on Rails applications for security vulnerabilities. It can detect: Possibly unescaped model attributes or parameters in views (Cross-Site Scripting) Bad string interpolation in...

Web Vulnerability Analysis

May 4, 2019

jwt_tool v1.3.2 releases: A toolkit for testing, tweaking and cracking JSON Web Tokens

The JSON Web Token Toolkit jwt_tool.py is a toolkit for validating, forging and cracking JWTs (JSON Web Tokens). Its functionality includes: Checking the validity of a token Testing for the RS/HS256 public key mismatch vulnerability Testing for...

Web Vulnerability Analysis

October 26, 2017

xsser v1.8.2 releases: automatic -framework- to detect, exploit and report XSS vulnerabilities

Cross-Site “Scripter” (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities. It provides several options to try to bypass certain filters and various special techniques for code injection. XSSer has...

Defense / Web Vulnerability Analysis

June 26, 2019

Scout Suite v5.5 releases: Multi-Cloud Security Auditing Tool

Scout Suite is a multi-cloud security auditing tool, which enables assessing the security posture of cloud environments. Using the APIs exposed by cloud providers, Scout gathers configuration data for manual inspection and highlights risk...

Category: Web Vulnerability Analysis

kubesec v2.3.1 releases: Security risk analysis for Kubernetes resources

finds publicly known security vulnerabilities in a website’s frontend JavaScript libraries

WhatWaf v1.9 releases: Detect & bypass web application firewalls and protection systems

Osmedeus v2.2 releases: Automatic Reconnaisance and Scanning in Penetration Testing

cloudmapper v2.8.1 releases: creates network diagrams of AWS environments

Corsy v0.2 beta releases: CORS Misconfiguration Scanner

Brakeman v4.7.2 released: A static analysis security vulnerability scanner for Ruby on Rails applications

jwt_tool v1.3.2 releases: A toolkit for testing, tweaking and cracking JSON Web Tokens

xsser v1.8.2 releases: automatic -framework- to detect, exploit and report XSS vulnerabilities

Scout Suite v5.5 releases: Multi-Cloud Security Auditing Tool

Search

Suggested Reading

BREAKING NEWS

TRENDING

Linux news