UPDATE: Sysdig Falco v0.15.0

PenTestIT RSS Feed
Three days ago, an updated version – Sysdig Falco v0.15.0 – was released. It has been some time since I last blogged about this open source behavioral activity monitor which has container support. This release incorporates a lot of rule updates that are now also tagged for the MITRE ATT&CK Framework and patches CVE-2019-8339, a medium severity vulnerability.
The post UPDATE: Sysdig Falco v0.15.0 appeared first on PenTestIT.

Link: http://pentestit.com/update-sysdig-falco-v0-15-0/

FTP Fuzzer

This has been used to fuzz and discover a number of previously undisclosed bugs with FTP and other plain-text protocols. The project is hosted on GitHub and can be found at the link below: https://github.com/nullsecuritynet/tools/blob/master/fuzzer/ftp-fuzz/release/ftp-fuzz.py

Link: https://www.thexero.co.uk/tools/ftp-fuzzer/

TFTP Fuzzer

This has been used to fuzz and discover a number of previously undisclosed bugs with TFTP and other simple UDP-based protocols. The project is hosted on GitHub and can be found at the link below: https://github.com/nullsecuritynet/tools/blob/master/fuzzer/tftp-fuzz/release/tftp-fuzz.py

Link: https://www.thexero.co.uk/tools/tftp-fuzzer/

The Canary Tool, Thinkst – Paul’s Security Weekly #601

Haroon Meer is the CEO and Researcher at Thinkst. He is coming on the show to talk about why hackers should create companies, and some of the technical details behind Thinkst’s tool Canary!
The post The Canary Tool, Thinkst – Paul’s Security Weekly #601 appeared first on Security Weekly.

Link: http://feedproxy.google.com/~r/securityweekly/Lviv/~3/Z9MoAvhZNmA/

UPDATE: MITRE CALDERA 2.0

I read a tweet about two days ago and today, MITRE CALDERA 2.0 is out already! If you remember, I wrote briefly about this automated adversary emulation system in my post titled – List of Adversary Emulation Tools. This is a major update and this post is about the changes I personally see in this […]
The post UPDATE: MITRE CALDERA 2.0 appeared first on PenTestIT.

Link: http://pentestit.com/update-mitre-caldera-2-0/

UPDATE: Sysdig Falco v0.14.0

Recently, an updated version – Sysdig Falco v0.14.0 – was released. It has been some time since I last blogged about this open source behavioral activity monitor which has container support. What is Sysdig Falco? Sysdig Falco is an open source, behavioral activity monitor designed to detect anomalous activity in your applications. This is project […]
The post UPDATE: Sysdig Falco v0.14.0 appeared first on PenTestIT.

Link: http://feedproxy.google.com/~r/PenTestIT/~3/g1jJgLF7oGQ/

UPDATE: AutoSploit 3.0 – The New Year’s edition

I wrote about AutoSploit in a post titled AutoSploit = Shodan/Censys/Zoomeye + Metasploit and its subsequent update to AutoSploit 2.2. Recently, AutoSploit 3.0 was released. This post tries to describe the changes between the last release and the newest version as this release adds a number of features and bug fixes. This release is code […]
The post UPDATE: AutoSploit 3.0 – The New Year’s edition appeared first on PenTestIT.

Link: http://pentestit.com/update-autosploit-3-0-the-new-years-edition/

UPDATE: Kali Linux 2019.1 Release!

Kali Linux 2019.1 is the latest Kali Linux release. This is the first 2019 release, which comes after Kali Linux 2018.4, that was made available in the month of October. This new release includes all patches, fixes, updates, and improvements since the last release – Kali Linux 2018.3, including a shiny new Linux kernel version […]
The post UPDATE: Kali Linux 2019.1 Release! appeared first on PenTestIT.

Link: http://pentestit.com/update-kali-linux-2019-1-release/

DetectionLab, Chris Long – Paul’s Security Weekly #593

DetectionLab is a collection of Vagrant and Packer scripts that allows you to automate the creation of a small active directory network that is pre-loaded with endpoint security tooling and logging best practices with a single command. It’s cross-platform and the only requirements to bring up the lab are Virtualbox / VMware […]
The post DetectionLab, Chris Long – Paul’s Security Weekly #593 appeared first on Security Weekly.

Link: http://feedproxy.google.com/~r/securityweekly/Lviv/~3/mJc4L-kj7U4/

BEEMKA: Basic Electron Post-Exploitation Framework

There are a lot of applications today that use Electron Framework, as it helps you build cross platform desktop apps with JavaScript, HTML, and CSS. Examples are applications such as Skype, Station, etc. A new post-exploitation framework – BEEMKA can now help you in maintaining access and exfiltration. What is BEEMKA? BEEMKA is a modular, […]
The post BEEMKA: Basic Electron Post-Exploitation Framework appeared first on PenTestIT.

Link: http://pentestit.com/beemka-basic-electron-exploitation-framework/