Blog

Latest news around the world

07

Dec'21

Building an Incident Response Process for SSRF Attacks by Gilad David Maayan

What is Server-Side Request Forgery (SSRF)? It is quite common for web applications to perform requests between HTTP servers, also …

Read More

06

Dec'21

OffensiveRust - Rust Weaponization for Red Team Engagements

OffensiveRust My experiments in weaponizing Rust for implant development and general offensive operations. Table of Contents OffensiveRust Why Rust? Examples in this …

Read More

24

Nov'21

SillyRAT - a Cross Platform multifunctional (Windows/Linux/Mac) RAT

Getting Started Description A cross platform RAT written in pure Python. The RAT accept commands alongside arguments to either perform …

Read More

19

Nov'21

Fhex - A Full-Featured HexEditor compatible with Linux/Windows/MacOS

This project is born with the aim to develop a lightweight, but useful tool. The reason is that the existing …

Read More

17

Nov'21

ATM Hacking: Advanced methods for finding security vulnerabilities by Anastasis Vasileiadis

The ATM is a machine that allows customers to make banking transactions without entering the bank. Using an ATM, the …

Read More

09

Nov'21

ddosify - a high-performance load testing tool, written in Golang

Features ✔️ Protocol Agnostic - Currently supporting HTTP, HTTPS, HTTP/2. Other protocols are on the way. ✔️ Scenario-Based - Create your flow in …

Read More

09

Nov'21

The Russian Kerbrute by Ivan Glinkin

The first thing every penetration tester performs getting into a controller domain subnet is to brute force discovery of users …

Read More

08

Nov'21

PeTeReport - open-source application vulnerability reporting tool

PeTeReport (PenTest Report) is an open-source application vulnerability reporting tool designed to assist pentesting/redteaming efforts, by simplifying the task of writting …

Read More

05

Nov'21

NetworKit - a growing open-source toolkit for large-scale network analysis

NetworKit is an open-source tool suite for high-performance network analysis. Its aim is to provide tools for the analysis of large …

Read More

04

Nov'21

GC2 - Command and Control application that allows an attacker to execute commands on the target machine using Google Sheet and exfiltrate data using Google Drive

GC2 (Google Command and Control) is a Command and Control application that allows an attacker to execute commands on the …

Read More
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2013