scanning
Telegram-based Katyusha SQL injection scanner sold on hacker forums
Despite regularly achieving one of the top spots on the OWASP Top 10 list of the most critical web application security risks, injection vulnerabilities continue to plague …
Eternal Blues: A free EternalBlue vulnerability scanner
It is to be hoped that after the WannaCry and NotPetya outbreaks, companies will finally make sure to install – on all their systems – the Windows update that …
Intel’s CHIPSEC can detect CIA’s OS X rootkit
As details about CIA’s hacking capabilities and tools are, bit by bit, popping to the surface, companies are trying to offer users some piece of mind. In the wake of …
Qualys and Bugcrowd bring automation, crowdsourcing to web app security
At RSA Conference 2017, Qualys and Bugcrowd announced joint development integrations allowing joint customers the ability to share vulnerability data across automated web …
Irregular application testing: App security in healthcare
Nearly half (45%) of NHS trusts scan for application vulnerabilities just once a year, with less only 8% doing so on a daily basis, according to Veracode. This potentially …
Scan Ruby-based apps for security issues with Dawnscanner
Dawnscanner is an open source static analysis scanner designed to review the security of web applications written in Ruby. Dawnscanner’s genesis Its developer, Paolo …
Components of an effective vulnerability management process
Vulnerabilities continue to grab headlines. Whether it is a zero-day that affects “tens of millions” servers around the globe or an old unpatched flaw that leads to a data …
Nmap 7.30: New NSE scripts, Npcap, fingerprints
Nmap 7.30 is the first stable release since 7.12 back in March. Apart from bug fixes, it comes with new features, including more NSE scripts, an improved version of Npcap …
Too many Cisco ASA boxes still open to an EXTRABACON attack
Among the Equation Group exploits leaked by the Shadow Brokers, the one named EXTRABACON that targets Cisco ASA devices got the most attention from security researchers and …
36000 SAP systems exposed online, most open to attacks
ERPScan released the first comprehensive SAP Cybersecurity Threat Report, which covers three main angles: Product Security, Implementation Security, and Security Awareness. …
Pwnie Express open sources IoT and Bluetooth security tools
Pwnie Express announced the availability of open sourced versions of its Blue Hydra and Android build system software. The release of these tools enable comprehensive …
Web application scanning with Htcap
Htcap is a free web application scanner that can crawl single page applications in a recursive manner by intercepting Ajax calls and DOM changes. The app is focused mainly on …