My older post about Prowler can be found here. This post is about an update made to the AWS CIS Benchmark Tool - Prowler 1.3! Read more about UPDATE: Prowler 1.3!
Open Source Archives:
If you read my last post about V1D0m and liked it, I'm sure you will LOVE this post. As you will remember, the older post was about subdomain enumeration using VirusTotal, this post is about enumerating subdomains and DNS information using the following services: CloudFlare, Censys & Crtsh using Python! Read more about Subdomain Enumeration Using Censys & Crtsh!
VirusTotal for long has provided a free online file and URL scanning service. Infact, I think it is THE site that started this kind of service more than 10 years ago. Wikipedia mentions that it was started in the year 2004! It also offers a "search" service which helps us to find more interesting details about a file hash or a URL. Leveraging this feature, we have an open source script called V1D0m! Read more about V1D0m: Enumerate Subdomains via Virustotal!
As PowerShell becomes more prevalent in the Windows environment, so will it's use for vulnerability assessment and penetration tests. I have covered a few of them earlier such as PowerSploit, PSAttack. However none of the ones I mentioned help you detect network vulnerabilities. That is set to change with NetworkRecon, a script that helps you find anomalies in observable network protocols. What is NetworkRecon? NetworkRecon is an open source PowerShell network reconnaissance module which will Read more about NetworkRecon: PowerShell to Identify Network Vulnerabilities!
This is a short post about an open source domain administrative dashboard finder - Cangibrina that is coded in Python. The name Cangibrina is Brazilian for Cachaça in local slang, which is a distilled spirit made from fermented sugarcane juice. Read more about Cangibrina: A Domain Admin Dashboard Finder!
An older post of mine - MicroSploit dealt with generating backdoored documents for the Office platform. This post is about another open source framework, called WinPayloads which helps you create custom malicious payloads for the Microsoft Windows operating system. Read more about WinPayloads: Generate Undetectable Windows Payloads!
My first post about this OWASP project can be found here. This post discusses the changes made to the open source software composition analysis utility in the latest release yesterday. This is the OWASP Dependency-Check 2.0.1! Read more about UPDATE: OWASP Dependency-Check 2.0.1!