Information Security News Blog
Entraspray Entraspray is a rewrite of MSOLSpray in Python. The main purpose of this tool remains the same: to perform password spraying against Microsoft Azure accounts while also providing detailed information about account status...
Concealment Layer – Reverse Proxy for Concealing and Deceiving Website Information CLay offers a unique and powerful feature that goes beyond traditional security measures. CLay takes deception to a new level by mimicking the...
MultCheck MultCheck is a malware-analysis tool that can be used to test the detection of a file by multiple AV engines. It is designed to be easy to use and to be able to...
Cookie dumper for Chrome and Edge CookieKatz is a project that allows operators to dump cookies from Chrome, Edge, or Msedgewebview2 directly from the process memory. Chromium-based browsers load all their cookies from the...
SploitScan SploitScan is a powerful and user-friendly tool designed to streamline the process of identifying exploits for known vulnerabilities and their respective exploitation probability. Empowering cybersecurity professionals with the capability to swiftly identify and...
FormThief FormThief is a project designed for spoofing Windows desktop login applications using WinForms and WPF. Windows Forms (WinForms) and Windows Presentation Foundation (WPF) are two powerful UI frameworks provided by Microsoft for building...
Hiado Cross-projects Repository permissions enumeration Tool for Azure DevOps What does Hiado do? Hiado is a Python script that helps you enumerate information about the repositories your organization manages within Azure DevOps. Particular focus...
The HTTP Garden The HTTP Garden is a collection of HTTP servers and proxies configured to be composable, along with scripts to interact with them in a way that makes finding vulnerabilities much easier....
Reconic | All-in-One Reconnaissance Tool Reconic is a network scanning and discovery tool designed to empower cybersecurity professionals and bug hunters in mapping, analyzing, and securing digital infrastructures. Features WHOIS Lookup: Automates the retrieval...
Brazilian banking institutions have become the target of a new campaign disseminating a specialized variant of the AllaKore remote access trojan (RAT) for Windows, named AllaSenha. This RAT is designed to steal credentials necessary...
Check Point has reported that since late April, cybercriminals have been actively exploiting a critical vulnerability in the Check Point VPN remote access system, allowing them to steal Active Directory data for further infiltration...
Recently, Netflix reported that since the launch of its Bug Bounty program in 2016, the streaming giant has paid researchers over one million dollars in rewards for identifying bugs and vulnerabilities in the company’s...