Offensive Security

TCP Stream Analysis with Tcpick: A Security Professional’s Guide to PCAP Forensics

Blue-Team

TCP Stream Analysis with Tcpick: A Security Professional’s Guide to PCAP Forensics

Tcpick provides security teams with specialized capabilities for reconstructing and analyzing TCP streams from packet captures. This...

VulnNodeApp: A Purposefully Vulnerable Node.js Application for Security Training

News

VulnNodeApp: A Purposefully Vulnerable Node.js Application for Security Training

VulnNodeApp serves as an intentionally vulnerable Node.js application specifically designed for security education and training purposes. This...

Ashok OSINT Reconnaissance Tool: The Swiss Army Knife for Security Professionals

Security Tools & Research

Ashok OSINT Reconnaissance Tool: The Swiss Army Knife for Security Professionals

Ashok has emerged as a powerful open-source OSINT reconnaissance tool that consolidates multiple information-gathering capabilities into a...

ModTracer: Open-Source Tool Detects Hidden Linux Kernel Rootkits

Security Tools & Research

ModTracer: Open-Source Tool Detects Hidden Linux Kernel Rootkits

A new open-source security tool called ModTracer provides critical visibility into Linux Kernel Module (LKM) rootkits that...

Imperius: Exposing Hidden Linux Kernel Rootkits for Security Teams

Red-Team

Imperius: Exposing Hidden Linux Kernel Rootkits for Security Teams

A new tool called Imperius has emerged, designed to detect and expose Linux Kernel Module (LKM) rootkits...

Bug Bounty Programs: The Complete Guide to Vulnerability Hunting

Bug Bounties & Responsible Disclosure

Bug Bounty Programs: The Complete Guide to Vulnerability Hunting

Bug bounty programs have become a proven strategy for strengthening system security through collaboration with external researchers....

Mobile App Pentesting: A Critical Need in Cybersecurity

News

Mobile App Pentesting: A Critical Need in Cybersecurity

Mobile applications have become central to daily operations, from banking transactions to enterprise communications. However, this reliance...

Internal and External Penetration Testing: A Comprehensive Approach to Enterprise Security

News

Internal and External Penetration Testing: A Comprehensive Approach to Enterprise Security

Internal and external penetration testing (pentesting) are critical components for evaluating an organization’s security posture. These simulated...

Red Team Simulations and Physical Pentesting: Strengthening Organizational Resilience

Red-Team

Red Team Simulations and Physical Pentesting: Strengthening Organizational Resilience

In an era of evolving cyber threats, organizations are adopting realistic methods to test their defenses. Red...

Maximizing Penetration Testing: A Comprehensive Guide for Cybersecurity Professionals

Blue-Team
Exploitation

Maximizing Penetration Testing: A Comprehensive Guide for Cybersecurity Professionals

Penetration testing, often referred to as pentesting, is a critical component of modern cybersecurity strategies. It involves...

Cyber Essentials ‘Pathways’: A New Approach to Cybersecurity Certification for Large Organizations

Cyber Laws & Regulations

Cyber Essentials ‘Pathways’: A New Approach to Cybersecurity Certification for Large Organizations

The UK’s National Cyber Security Centre (NCSC) is taking a significant step forward in cybersecurity certification with...

CVE-2024-9880 – Apache Pandas Command Injection Vulnerability

Exploitation

CVE-2024-9880 – Apache Pandas Command Injection Vulnerability

A high-severity vulnerability, CVE-2024-9880, has been identified in the Apache Pandas library, a cornerstone of data analysis...

Cobalt Strike 4.11: Shhhhhh, Beacon is Sleeping….

Fig. 1 – A screenshot showing the results of Get-InjectedThreadEx scanning a process into which a 4.11 Beacon has just been injected.

C2-Updates

Cobalt Strike 4.11: Shhhhhh, Beacon is Sleeping….

DNS Over HTTPS Beacon The new DoH implementation blends DNS C2 with legitimate web traffic: Default configuration...

Posts pagination

Previous 1 … 3 4 5 6

Offensive Security

TCP Stream Analysis with Tcpick: A Security Professional’s Guide to PCAP Forensics

VulnNodeApp: A Purposefully Vulnerable Node.js Application for Security Training

Ashok OSINT Reconnaissance Tool: The Swiss Army Knife for Security Professionals

ModTracer: Open-Source Tool Detects Hidden Linux Kernel Rootkits

Imperius: Exposing Hidden Linux Kernel Rootkits for Security Teams

Bug Bounty Programs: The Complete Guide to Vulnerability Hunting

Mobile App Pentesting: A Critical Need in Cybersecurity

Internal and External Penetration Testing: A Comprehensive Approach to Enterprise Security

Red Team Simulations and Physical Pentesting: Strengthening Organizational Resilience

Maximizing Penetration Testing: A Comprehensive Guide for Cybersecurity Professionals

Cyber Essentials ‘Pathways’: A New Approach to Cybersecurity Certification for Large Organizations

CVE-2024-9880 – Apache Pandas Command Injection Vulnerability

Cobalt Strike 4.11: Shhhhhh, Beacon is Sleeping….

You may have missed

Procolored Printer Drivers Distributed Malware for Six Months: Technical Analysis and Mitigation

Tor Oniux: Kernel-Level Network Anonymization for Linux Applications

Google Chrome’s Security Update: Blocking Admin-Level Launches in Windows

Australian Human Rights Commission Data Breach: Technical Analysis and Impact