RouterSploit: The Metasploit For Routers!

There are exploitation frameworks and then there is Metasploit. Though it has a few modules targeted towards embedded devices, it is your “general purpose” framework. If you are looking at a comprehensive¬†embedded devices/router exploitation framework you now have RouterSploit!

RouterSploit
RouterSploit: The Metasploit for Routers!

Continue reading “RouterSploit: The Metasploit For Routers!”

WPSeku: A Simple WordPress Security Scanner!

There are a lot of open source WordPress security scanners out there right now and WPSeku is one more of them. Since it’s release about a month ago, it has a few static cross-site scripting, local file inclusion and SQL injection strings which it tries to leverage while scanning a website.

WPSeku
WPSeku

Continue reading “WPSeku: A Simple WordPress Security Scanner!”

Leviathan: An All In One Security Audit Toolkit!

Fresh off the GitHub repository РLeviathan, an open source, wide-range  security audit toolkit that helps you with service discovery, brute force, SQL injection detection and running custom exploit. One of the guys behind this project is Utku Sen. If you remember he was the one who wrote open source ransomware РEDA2 and Hidden Tear.

Leviathan
Leviathan

Continue reading “Leviathan: An All In One Security Audit Toolkit!”

Acra: Database Protection With Encryption & Intrusion Detection!

This year at RSA, I remember meeting with a vendor who dealt with database security by encrypting the database. I forget the name, but found a open source project – Acra, which I think is a promising product if designed & developed right.

Acra
Acra

Continue reading “Acra: Database Protection With Encryption & Intrusion Detection!”