Search Results for “Testing” – Page 15

Server Side Template Injection Payloads

July 6, 2020

[sc name=”ad_1″] Server-side template injection is when an attacker is able to use native template syntax to inject a malicious payload into a...

UsoDllLoader - Windows - Weaponizing Privileged File Writes With The Update Session Orchestrator Service

Exploitation Tools

UsoDllLoader – Weaponizing Privileged File Writes With The Update Session Orchestrator Service

July 3, 2020

Add Comment

[sc name=”ad_1″] 2020-06-06 Update: this trick no longer works on the latest builds of Windows 10 Insider Preview. This means that, although it...

Video Tutorials • Web Application Security

How to Scan a Web Application for XSS Vulnerability using XSpear

June 30, 2020

Add Comment

[sc name=”ad_1″] What is cross-site scripting (XSS)? Cross-site scripting (also known as XSS) is a web security vulnerability that allows an...

Kube-Bench - Checks Whether Kubernetes Is Deployed According To Security Best Practices As Defined In The CIS Kubernetes Benchmark

Security Tools

Kube-Bench – Checks If Kubernetes Is Deployed According To Security Best Practices

June 30, 2020

Add Comment

[sc name=”ad_1″] kube-bench is a Go application that checks whether Kubernetes is deployed securely by running the checks documented in the CIS...

Network Tools

Espionage – A Network Packet And Traffic Interceptor For Linux

June 28, 2020

Add Comment

[sc name=”ad_1″] Espionage is a network packet sniffer that intercepts large amounts of data being passed through an interface. The tool allows...

Security Tools • System Administration

Lynis 3.0.0 – Security Auditing Tool for Unix/Linux Systems

June 23, 2020

Add Comment

[sc name=”ad_1″] We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of...

Information Gathering

OSS-Fuzz – Continuous Fuzzing Of Open Source Software

June 21, 2020

Add Comment

[sc name=”ad_1″] Fuzz testing is a well-known technique for uncovering programming errors in software. Many of these detectable errors, like buffer...

Axiom - A Dynamic Infrastructure Toolkit For Red Teamers And Bug Bounty Hunters!

Information Gathering

Axiom – Infrastructure Toolkit For Red Teamers And Bug Bounty Hunters

June 16, 2020

Add Comment

[sc name=”ad_1″] Project Axiom is a set of utilities for managing a small dynamic infrastructure setup for bug bounty and pentesting. Axiom right...

URLCrazy - Generate And Test Domain Typos And Variations To Detect And Perform Typo Squatting, URL Hijacking, Phishing, And Corporate Espionage

Exploitation Tools

URLCrazy – Detect & Perform Typo Squatting, URL Hijacking, Phishing, And Corporate Espionage

June 10, 2020

Add Comment

[sc name=”ad_1″] URLCrazy is an OSINT tool to generate and test domain typos or variations to detect or perform typo squatting, URL hijacking...

Vault - A Tool For Secrets Management, Encryption As A Service, And Privileged Access Management

Exploitation Tools

Vault – Secrets Management, Encryption As A Service, And Privileged Access Management

June 1, 2020

Add Comment

[sc name=”ad_1″] Please note: We take Vault’s security and our users’ trust very seriously. If you believe you have found a security...

Search Results For - Testing

Server Side Template Injection Payloads

UsoDllLoader – Weaponizing Privileged File Writes With The Update Session Orchestrator Service

How to Scan a Web Application for XSS Vulnerability using XSpear

Kube-Bench – Checks If Kubernetes Is Deployed According To Security Best Practices

Espionage – A Network Packet And Traffic Interceptor For Linux

Lynis 3.0.0 – Security Auditing Tool for Unix/Linux Systems

OSS-Fuzz – Continuous Fuzzing Of Open Source Software

Axiom – Infrastructure Toolkit For Red Teamers And Bug Bounty Hunters

URLCrazy – Detect & Perform Typo Squatting, URL Hijacking, Phishing, And Corporate Espionage

Vault – Secrets Management, Encryption As A Service, And Privileged Access Management

Topics