open source
Samba XSS and request forgery vulnerabilities
Two vulnerabilities have been reported in Samba, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks. 1. The Samba Web …
NetSecL Linux 3.2 released
NetSecL is a hardened, live and installable operating system based on OpenSuse suitable for desktop/server and penetration testing. Once installed you can fully enjoy the …
SSH client PuTTY 0.61 released
After four long years, here comes a new version of PuTTY, the popular free telnet/SSH client for Windows and Unix platforms. PuTTY 0.61 brings new features, bug fixes, and …
SquirrelMail multiple vulnerabilities
Multiple vulnerabilities have been reported in SquirrelMail, according to Secunia. These vulnerabilities can be exploited by malicious users to conduct script insertion …
CentOS 6.0 released
CentOS 6.0 for i386 and x86_64 architectures is now available. It is based on the upstream release EL 6.0 and includes packages from all variants. All upstream repositories …
Syringe: Windows injection utility
SecureState released Syringe, a general purpose injection utility for the windows platform. It supports injection of DLLs, and shellcode into remote processes as well as …
Faster password hashes cracking based on the DES algorithm on CPUs
Openwall released an updated version of John the Ripper, a password security auditing tool and open source project, providing the community with improvements in the …
Metasploit 3.7.2 adds 11 new exploits
Metasploit is a free, open source penetration testing solution. Metasploit now ships with 698 exploit modules, 358 auxiliary modules, and 54 post modules. 11 new exploits, 1 …
Wireshark 1.6.0 released
Wireshark is a popular network protocol analyzer. It is used for troubleshooting, analysis, development, and education. The following features are new (or have been …
Wireshark 1.4.7 released
Wireshark is a popular network protocol analyzer. It is used for troubleshooting, analysis, development, and education. The following vulnerabilities have been fixed: …
Web Application Attack and Audit Framework 1.0 released
The Web Application Attack and Audit Framework’s (w3af) goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend. …
phpMyAdmin redirection weakness and script insertion vulnerability
A weakness and a vulnerability have been reported in phpMyAdmin, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to …
Featured news
Resources
Don't miss
- Building cyber talent through competition, residency, and real-world immersion
- Browser agents don’t always respect your privacy choices
- Anubis: Open-source web AI firewall to protect from scraper bots
- Session tokens give attackers a shortcut around MFA
- AI isn’t one system, and your threat model shouldn’t be either