Processor Vulnerability – Spectre

Spectre breaks the isolation between different applications. It allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets. In fact, the safety checks of said best practices actually increase the attack surface and may make applications more susceptible to Spectre Spectre is harder to exploit […]

Processor Vulnerability – Meltdown

Meltdown breaks the most fundamental isolation between user applications and the operating system. This attack allows a program to access the memory, and thus also the secrets, of other programs and the operating system. If your computer has a vulnerable processor and runs an unpatched operating system, it is not […]

krack attack scripts released

krack attack is a pseudonym for key reinstallation attacks. Krack attack uses a vulnerability in WPA2 (Wi-Fi Protected Access II ) handshake process. Wpa2 is used to protect communication of wireless devices. wpa2 has a mechanism that permits devices to join the network with a pre-shared password and a four-way […]

Cyberprobe open source real time monitoring SIEM

Cyberprobe open source real time monitoring SIEM

The Cyberprobe project is an open-source distributed architecture for real-time monitoring of networks against attack. The software consists of two components: a probe, which collects data packets and forwards it over a network in standard streaming protocols. a monitor, which receives the streamed packets, decodes the protocols, and interprets the […]

ThreatPinchLookup, threat intelligence extension for Chrome

ThreatPinchLookup, threat intelligence extension for Chrome

ThreatPinchLookup supplies threat intelligence information on hover tool tips. Creates on hover tooltips for every website for IPv4, MD5, SHA2, CVE or any custom IOC you define. Designed to work with any API, customization encouraged. Its the infosec threat and OSINT swiss army knife for your browser. Investigate less by […]

Inspector.py privilege escalation utility

The Inspector is a handy privilege escalation utility. Features; -can find processes with root privilege -find exploits for your kernel version with builtin exploit database. -The Inspector also analyses history files to find login information. Download: wget https://raw.githubusercontent.com/graniet/Inspector/master/inspector.py usage: python inspector.py i think inspector is a handy utility which all […]

torcrack: ssh brute force over TOR

torcrack:  ssh brute force over TOR

torcrack is a penetration testing utility which tries to crack SSH passwords multi-threaded and over TOR network. argparse, PyFiglet, PySocks, Paramiko, tor installation git clone https://github.com/norksec/torcrack.git pip3 install pyfiglet pysocks paramiko argparse apt-get install -y tor usage Make sure the tor service is running: service tor restart python3 torcrack.py -h […]

rapid7/ metasploitable3 – a VM for metasploit.

Metasploitable3 is a VM that is built from the ground up with a large amount of security vulnerabilities. It is intended to be used as a target for testing exploits with metasploit. Metasploitable3 is released under a BSD-style license. See COPYING for more details. Building Metasploitable 3 System Requirements: OS […]