Security

During the first week of January 2018, the world has been plunged into hot and anxious discussions concerning two newly discovered vulnerabilities in nearly all major ARM-based CPUs including smartphones, tablets, and some computers. The vulnerability itself even extends to the IBM’s POWER processors which run nearly all supercomputers! Starting …

RDPY is a Microsoft RDP Security Tool developed in pure Python with RDP Man in the Middle proxy support. This allows a user to record sessions and develop honeypot functionality. It supports both Microsoft RDP (Remote Desktop Protocol) protocol client and server side. RDPY supports standard RDP security layer, RDP …

Snifflab is a technical test environment for capturing and decrypting WiFi data transmissions. Snifflab creates a WiFi hotspot that is continually collecting all the packets sent over it. All connected clients’ HTTPS communications are subjected to a “Man-in-the-middle” attack, whereby they can later be decrypted for analysis. This article presents …

WPSeku is a black box WordPress vulnerability scanner that can be used to scan remote WordPress installations to find security issues. Features of WPSeku WordPress Security Scanner WPSeku supports various types of scanning including: Testing for XSS Vulnerabilities Testing for SQL Injection Vulnerabilities Testing for LFI Vulnerabilities Bruteforce login via …

It’s a rather embarrassing a bug that was discovered by developer Lemi Ergin that allows anyone to gain root access in macOS High Sierra with a blank password. Yes, all you need to do is just press enter enough times and you’re root. In fact everyone now using #iamroot just to …