Wifiphisher: Perform Automated Customized Phishing Attacks Against Wi-Fi Clients!

A human is the weakest link in cyber security and tools like Wifiphisher cement the fact. This tool exploits this weak link by launching a social-engineering attack leading the user to a phishing page and then you can get the users password or install your stuff.

Wifiphisher
Wifiphisher

Continue reading “Wifiphisher: Perform Automated Customized Phishing Attacks Against Wi-Fi Clients!”

Dagda: The Docker Security Suite!

The Docker security god must surely be smiling and thinking he must have done something right to have tools like Dagda that helps in performing static analysis of known vulnerabilities on Docker containers. If you did not get my “Docker security guard” analogy, I won’t blame you either. Google told me that Dagda is an important god of Irish mythology.

Dagda
Dagda

Continue reading “Dagda: The Docker Security Suite!”

Sysdig Falco: The Open Source Behavioral Activity Monitor!

Since my last posts (Anchore & Docker Scan) were about Docker security, I thought I should continue the trend and blog about Sysdig Falco, the open source behavioral activity monitor with container support.

Sysdig falco
Sysdig falco

Continue reading “Sysdig Falco: The Open Source Behavioral Activity Monitor!”

OWASP Dependency-Check: The Vulnerable Library Detector!

At work, I wanted to check if there were any vulnerabilities in the JAVA libraries that were being used. This is when I remembered of an old project – OWASP Dependency-Check. I was pleasantly surprised to see that it was still being updated and maintained by Jeremy Long.

OWASP Dependency-Check
OWASP Dependency-Check

It really did work for me and I ended up updating the few libraries that were being used in my project!
Continue reading “OWASP Dependency-Check: The Vulnerable Library Detector!”

Anchore – A Open Source Container Inspection & Analysis System!

Wow! It is raining container security suites now! What with our last post being about Dockerscan and this is about Anchore; a robust container analysis, inspection and control system. An automated tweet went out and Scott Francis alerted me about Anchore. I thought of checking it out and here we are.

Anchore
Anchore

Continue reading “Anchore – A Open Source Container Inspection & Analysis System!”

Dockerscan – A docker security analysis suite!

What better way to kick off the first blog post than talk about a tool which deals with Docker security. Docker is an open-source project that automates the deployment of applications inside software containers. These containers bundle up pieces of software in a complete filesystem that has everything it needs to run, so that you can package your applications into a singular unit. This is where Dockerscan comes into the picture.

Dockerscan
Dockerscan

Continue reading “Dockerscan – A docker security analysis suite!”

First post!

Hi there!

If you are reading this, that means you cared with what happened to the old PenTestIT. As a matter of factly, after we got hacked, I lost the persuasion of trying to come back.

PenTestIT
Le ‘ol PenTestIT

However, the desire of revival was strong all through these three years. With that in mind, I kept on renewing the domain even though I did not use it for anything. Some recent changes changed the desire into action and I went ahead to buy this VPS and brought the domain back online.

As you will see, none of the old content has been restored – that is how I want it to be.

That’s that! Here we go again. Hope to make ‘PenTestIT great again!’ 😉