Archive for the ‘Open-Source’ Category

Bypassing Lockscreen Vulnerability on Ubuntu 14.04 Patched

On the 16th of April, a vulnerability report was issued for the Ubuntu operating system describing a flaw that allows a user to bypass the lock screen's password protection. The system can be accessed without authorization, payload or any code; all you need to do is hold the ENTER button, which seems to be unusual [...]


WPScan WordPress Vulnerability Scanner

There is a new version of WPScan, the WordPress security assessment tool already included in many popular pentest distributions such as BackBox Linux, Kali Linux, Pentoo and SamuraiWTF. The new release, 2.4, includes new fingerprints for WP 3.8.3 & 3.7.3, 3.9 and additional vulnerabilities for the WordPress CMS. There is also an update for the theme [...]


DSploit Android Toolkit for Security Testing

dSploit is a very convenient tool that you can install on Android to run a pentest or network security assessment. The toolkit allows fingerprinting remote operating systems, identifying different hosts, scanning the network for system vulnerabilities and performing MITM to sniff sensitive information such as users' passwords. The features included in dSploit are: [...]


Faker script to generate fake data

Sometimes you need to generate a large amount of fake data that should look legitimate to other users. You can consider Faker for this purpose. Faker is a Python package that generates fake data for you. Whether you need to bootstrap your database, create good-looking XML documents, fill-in your persistence to stress test it, or anonymize data taken [...]


Surku – mutation-based fuzzer

Fuzz testing is widely used in auditing applications: it feeds the application invalid or random data to see how it behaves with such input. The testing is usually automated using an open source program that assists in fuzzing and monitors the application for crashes. One of the tools that you [...]


Snoop-it tool to assist security assessments and dynamic analysis of iOS Apps

iOS applications may contain security risks that expose users' sensitive information to attackers. Auditing programs used on mobile devices is important to make sure that they are safe and do not contain security vulnerabilities. Snoop-it is a tool that you can consider for analyzing mobile applications and debugging the software packages. Some of the features [...]


Brakeman – Rails Security Scanner

Static code analysis is important for identifying security vulnerabilities in applications. If you need to check Ruby on Rails code, you can use Brakeman. The project is intended to check for security problems in Ruby on Rails web framework source code at any phase of development. It works on Rails 2.x, 3.x, and [...]
