Stored XSS And SET ToolKit

Stored XSS is the most dangerous type of cross site scripting due to the fact that the user can be exploited just by visiting the web page where the vulnerability occurs.Also if that user happens to be the administrator of the website then this can lead to compromise the web application which is one of the…Read more Stored XSS And SET ToolKit

Deep Look Into a Chinese Advanced Attack

     “Many say the Chinese are behind many attacks on US companies. In this case, it is true. The Chinese have been successfully attacking this industry for years. We managed to detect and eradicate their attacks year after year and they up their game each time. The latest attack is more sophisticated and avoided many…Read more Deep Look Into a Chinese Advanced Attack

Moving Past Metasploit: Writing your first exploit

VIDEO BY Calvin Hedler So you want to be more than a script kiddy? Metasploit is useful, but it’s important to understand the _why_ and _how_ of exploiting software. A simple buffer overflow exploit provides a great opportunity to explore the process of writing exploits. With just a touch of coding, you can break things…Read more Moving Past Metasploit: Writing your first exploit

NoGoToFail: A Network Security Testing Tool For HTTPS And TLS/SSL Bugs

NoGoToFail: A Network Security Testing Tool For HTTPS and TLS/SSL Bugs. An on-path blackbox network traffic security testing tool. Nogotofail is a network security testing tool designed to help developers and security researchers spot and fix weak TLS/SSL connections and sensitive cleartext traffic on devices and applications in a flexible, scalable, powerful way. It includes…Read more NoGoToFail: A Network Security Testing Tool For HTTPS And TLS/SSL Bugs

Router Exploitation Toolkit – REXT

Router Exploitation Toolkit - REXT Small toolkit for easy creation and usage of various python scripts that work with embedded devices. core - contains most of toolkits basic functions databases - contains databases, like default credentials etc. interface - contains code that is being used for the creation and manipulation with interface modules - contains…Read more Router Exploitation Toolkit – REXT

KdExploitMe: A Kernel Driver To Practice Writing Exploits

KdExploitMe A kernel driver to practice writing exploits against, as well as some example exploits using public techniques. The intent of this driver is to educate security testers on how memory corruption issues in Windows kernel drivers can be exploited. Knowing how to exploit security issues allows security testers to prove that bugs are exploitable…Read more KdExploitMe: A Kernel Driver To Practice Writing Exploits