Venom is a payload generating framework that uses msfvenom to create shellcodes for different operating systems and … [Read More...]
Featured Articles
Why Formula | CSV Injection – is a dangerous vulnerability
Today, almost every other web application provides its admins and users the facility to export or import data as a … [Read More...]
Nessus VS OpenVAS Advantages and Disadvantages Explained
When looking at the battle between Nessus VS OpenVAS for the best vulnerability scanner it may be hard to determine … [Read More...]
Latest Blog Updates
Loading...Why Venom Is The Ultimate Payload and Shellcode Generator
Venom is a payload generating framework that uses msfvenom to create shellcodes for different operating systems and environment. Msfvenom is a Metasploit utility that combines payloads generation and encoding techniques. Venom can generate payloads (shellcodes) in different formats, such as Python, Ruby, C, DLL, MSI (Microsoft Installer), HTA (HTML Application), and PSH. The shellcodes are transformed into executable files with the help of compilers like Pyinstaller, mingw32, and gnu cross compiler (gcc). Venom framework provides two payload delivery options. We can drop payload either through a fake web link … [Read More...]
Why A2SV is the best tool to Find SSL Vulnerabilities Automatically
A2SV is an open-source Python tool that automatically scans SSL vulnerabilities including CCS injection, HeartBleed, FREAK, Logjam, CRIME, Anonymous Cipher, SSL v2 Drown, and SSL v3 POODLE. CCS is a short form of ChangeCipherSpec messages exchanged during SSL connection. CCS messages indicate that the communication between two nodes (machines) is encrypted now. CCS is however vulnerable to eavesdropping, allowing the attacker to enforce weak SSL keys. The attacker, later on, can decrypt theses weak keys. HeartBleed is an OpenSSL cryptographic software library vulnerability that makes it easier to steal the … [Read More...]
Why Formula | CSV Injection – is a dangerous vulnerability
Today, almost every other web application provides its admins and users the facility to export or import data as a CSV/XLS/Spreadsheet file. This makes it very easy for users and admins to import or migrate this data to other websites or apply different operations to their data in Excel. Users and admins can also archive and backup their important data using this feature. This, however, can result in a dangerous vulnerability that can be used to compromise other's systems. This happens because of web applications taking inputs from users and exporting them without sanitizing them. And also queries in CSV/Excel … [Read More...]
Why this pentesting tool Morpheus is just like the character in the movie
Remember the movie the Matrix and the character Morpheus? He helped guide the other good characters in the movie and really helped bring all the good things that happened together. Well, the tool Morpheus for pentesting is similar to that in that it makes use of some great other tools and brings out the best in them. Morpheus is an open-source penetration testing tool that follows MAN IN THE MIDDLE (MITM) attack approach. The tool makes use of different back-end technologies like Ettercap, TCPKill, Msgsnarf, and Urlsnarf to launch a MITM attack and manipulate TCP/UDP data. Morpheus can automatically perform … [Read More...]
Why These Data Analytics Certifications Are Game Changers
Data analytics is huge now with so much unlimited career potential it is something you absolutely should be taking a look at if you are interested at all in the topic. We will explain more on what data analytics is but you should also know there are a couple key certifications you can get to further your career in this area as well. Data analytics is the process of transforming raw data into meaningful information. The process involves different tasks, such as inspecting, interpreting, filtering, modeling, and mapping data. Data can be classified into two generic categories i-e normal and big data. Big data … [Read More...]
Like Us On Facebook
Become a Member
