Top 10 Most Used MITRE ATT&CK Tactics & Techniques In 2020

MITRE’s Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) is a curated knowledge base and model

Top 10 Most Exploited Vulnerabilities in 2020

We delved into the tons of vulnerability intelligence data we accumulated over the years. I

vFeed, Inc. Introduces Vulnerability Common Patch Format Feature

New Feature !Vulnerability Common Patch Format vFeed Vulnerability Intelligence Service was created to provide correlation

Efficiency of the Vulnerability Response With vFeed Intelligence

This paper is based on the report from Ponemon Institute “Costs and Consequences of Gaps

CVE In The Hook – Monthly Vulnerability Review (February 2020 Issue)

Almost for as long as computers have been around, there have been vulnerabilities and individuals

Fox Kitten -Iranian Espionage – leveraged 4 CVEs Pulse Secure, Fortinet, Palo Alto Networks, and Citrix VPNs

Security company ClearSky has released few days ago a very detailed report about Iranian hackers

Objective By The Sea & ToolsWatch To Organize The First Edition Of macOS “Aloha” Armory (CLOSED)

We are extremely pleased and excited to announce our recent partnership with the renowned Objective By The Sea to promote a security & hacking tools demonstration area exclusively macOS oriented....

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Introducing the 1st Arsenal Lab USA 2019

After several years of a dazzling success of the famous Black Hat Arsenal, the team has brainstormed to offer some new entertainment.Several ideas have been reviewed however the principle of an...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Purplemet Online Tool To Detect WebApp Technologies

Purplemet Security provides you an efficient and fast way to detect technologies used on web application as well their versions. It comes with 3 main features : Real-time Purplemet technology...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

T.rex_scan v0.2 – Integrate Tools to Audit Web Sites

T.rex_scan only facilitates the visualization when auditing a web page. With this script you can optimize your time, reducing the time you audit a page web since T.rex_scan executes the task you...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Enumdb Beta – Brute Force MySQL and MSSQL Databases

Enumdb is brute force and post exploitation tool for MySQL and MSSQL databases. When provided a list of usernames and/or passwords, it will cycle through each looking for valid credentials. By...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

GAN v1.0 – A SSL Subdomain Extractor

GetAltName (or GAN) is a tool that extracts sub-domains or virtual domains directly from SSL certificates found in HTTPS sites. It returns a handy list of sub-domains to ease the phase of information...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

PoT – Phishing on Twitter v0.1

PoT (Phishing on Twitter) is phishing tool. It is spoofing target’s friend and creating tweet like him. It all happens automatically. How it works? Collect data from target’s twitter...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

DNSTrails v1.0 – DNS intelligence database

DNSTrails is an intelligence database, featuring IP and Domain related data such as current and historical DNS records, current and historical WHOIS, technologies used, subdomains and the ability to...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]