In the never-ending arms race between threat actors and defenders, automation and machine learning have become your ultimate weapons. Today, threat actors employ automation in countless ways to speed up their attacks and evade detection. Outpacing attackers requires the effective use of automation and machine learning. Years ago, our research …
Read More »Information gathering and correlation with Unicornscan on Kali Linux
Unicornscan is a new information gathering and correlation engine built for and by members of the security research and testing communities. It was designed to provide an engine that is Scalable, Accurate, Flexible, and Efficient. It is released for the community to use under the terms of the GPL license. …
Read More »Catching bad guys
Ever wondered how the good guys catch bad guys? I meant to say, what’s the process of catching bad guys who create virus, malware, crypto-lockers? It’s sort of a grey area and mostly not discussed very openly about the different methodologies used for Catching bad guys who create and distribute …
Read More »Create MITM Test Environment using Snifflab
Snifflab is a technical test environment for capturing and decrypting WiFi data transmissions. Snifflab creates a WiFi hotspot that is continually collecting all the packets sent over it. All connected clients’ HTTPS communications are subjected to a “Man-in-the-middle” attack, whereby they can later be decrypted for analysis. This article presents …
Read More »WPSeku – WordPress Security Scanner
WPSeku is a black box WordPress vulnerability scanner that can be used to scan remote WordPress installations to find security issues. Features of WPSeku WordPress Security Scanner WPSeku supports various types of scanning including: Testing for XSS Vulnerabilities Testing for SQL Injection Vulnerabilities Testing for LFI Vulnerabilities Bruteforce login via …
Read More »