software
Faraday: Collaborative pen test and vulnerability management platform
Faraday is an integrated multi-user penetration testing environment that maps and leverages all the knowledge you generate in real time. It gives CISOs a better overview of …
Exploit for GNU wget RCE flaw revealed
Technical details about a serious vulnerability affecting all but the latest version of the GNU wget software have been released online, along with PoC exploit scenarios. …
ApocalypseVM ransomware decrypter released
AV company Emsisoft has added yet another ransomware decrypter tool to its stable: a decrypter for ApocalypseVM. The tool works on the latest versions of the ransomware in …
Pestudio: Initial malware assessment made simple
Malicious executables often attempt to hide their behavior and evade detection. By doing so, they present anomalies and suspicious patterns. Pestudio is a free tool that …
Tactical exploitation with Warberry Pi
WarBerry Pi was built for red team engagements where it’s essential to obtain as much information as possible in a short period of time, while going undetected. All you need …
Developing Hashcat, a tool for advanced password recovery
As general-purpose computing on graphics processing units (GPGPU) became more viable around 2009, professional software developer Jens “atom” Steube wanted to …
Google Chrome update includes 15 security fixes
Google has released Chrome 51.0.2704.79 to address multiple vulnerabilities for Windows, Linux, and OS X. Exploitation of some of these vulnerabilities may allow a remote …
Tor Browser 6.0 released
The Tor Browser lets you use Tor on Windows, OS X, or Linux without needing to install any software. It can run off a USB flash drive, comes with a pre-configured web browser …
Improving software security through a data-driven security model
The current software security models, policies, mechanisms, and means of assurance are a relic of the times when software began being developed, and have not evolved along …
Review: Signal for iOS
Open Whisper Systems’ Signal is an encrypted voice and text communication application available for Android and iOS. The technology is built upon the …
OWASP set to address API security risks
OWASP has started a new project and is set to publish a new guide on security risks. The issue they aim to tackle this time is API security. The new OWASP API Security Project …
The end of TeslaCrypt: Master decryption key released
The operators of TeslaCrypt ransomware have decided to close up shop and have published a master key that decrypts the files encrypted by the malware. They also wrote that the …
Featured news
Resources
Don't miss
- A new way to think about zero trust for workloads
- Heisenberg: Open-source software supply chain health check tool
- Securing real-time payments without slowing them down
- Unpatched Windows vulnerability continues to be exploited by APTs (CVE-2025-9491)
- CISA and partners take action as Microsoft Exchange security risks mount