Wow I seem to have missed a lot of updates lately. This time, I missed an update about WPXF. We now have the WordPress Exploit Framework v1.6.1 amongst us! This new version among other things updates a major bug that occurred while updating the framework and adds multiple new modules and payloads! Read more about UPDATE: WordPress Exploit Framework v1.6.1!
Tool Updates Archives:
I seem to have missed about two updates made to the this mass audit toolkit. My last post about the Leviathan Framework can be found here. We now have the latest - Leviathan Framework v0.1.2! Read more about UPDATE: Leviathan Framework v0.1.2!
If you remember, I had posted about this Red Teaming Hardware Implant in an earlier post. It now happens that it was updated and we now have WarBerryPi Version 5! As you remember, it is a Raspberry Pi based hardware implant allowing you to be stealthy during red teaming scenarios, exfiltrating information with speed. Read more about UPDATE: WarBerryPi Version 5!
Sometime early last month, I made a post about OSRFramework which was version 0.16.8. A new version of this open sources research framework was released at the recently concluded BlackHat 2017 conference. To be precise, it was released on Wednesday, July 26 in the OSINT Arsenal category and was versioned as OSRFramework 0.17.0. Read more about UPDATE: OSRFramework 0.17.0 BlackHat Arsenal Version!
About a month and half ago, Nmap 7.50 was released. Today, a few minutes ago - Nmap 7.60 was made available with SSH support, improved SMB2/SMB3 support by Paulino Calderon (@calderpwn), addition of 14 NSE scripts and a new Npcap version. Nmap is now the default tool to discover services running on a remotely connected system. None of us really need any introduction to this very popular “network mapper“. Read more about UPDATE: Nmap 7.60 Now Available!
My first post about this open source OWASP project was about an older version. This post discusses the changes made to the open source software composition analysis utility in the latest release yesterday. This is the OWASP Dependency-Check 2.1.0! What I like about this release is that the patch-level verification for Ruby Bundler has been proven conclusive and is now fully implemented. Read more about UPDATE: OWASP Dependency-Check 2.1.0!
My first post regarding this malicious Microsoft Office document generator was about an older version. However a few hours ago, an update was released - Luckystrike 2.0! Major highlights for this awesome release include full support for Microsoft Word in addition to a new COM scriptlet payload and Excel DDE infection support. Along with this, support for Invoke-Obfuscation is inbuilt! Read more about UPDATE: Luckystrike 2.0!