Daily Live Feed

WebView2 Cookie Stealer The main advantage of using WebView2 for attackers is the rich functionality it provides when phishing for credentials and sessions. Stealing Chrome Cookies WebView2 allows you to launch with an existing... The post WebView2 Cookie Stealer: Attacking With WebView2 Applications appeared first on Penetration Testing. Read more »

reFlutter This framework helps with Flutter apps reverse engineering using the patched version of the Flutter library which is already compiled and ready for app repacking. This library has a snapshot deserialization process modified... The post reFlutter: Flutter Reverse Engineering Framework appeared first on Penetration Testing. Read more »

On June 30, 2022, GitLab officially issued a security notice to fix a vulnerability (CVE-2022-2185) in the Community Edition (CE) and Enterprise Edition (EE), with a CVSS score of 9.9. GitLab is an open-source... The post CVE-2022-2185: GitLab Remote Code Execution Vulnerability appeared first on Penetration Testing. Read more »

Verdict-as-a-Service Verdict-as-a-Service (VaaS) is a service that provides a platform for scanning files for malware and other threats. It allows easy integration in your application. With a few lines of code, you can start scanning... The post Verdict-as-a-Service v2.2 releases: Analyze files for malicious content appeared first on Penetration Testing. Read more »

Semgrep Semgrep is a command-line tool for offline static analysis. Use pre-built or custom rules to enforce code and security standards in your codebase. You can try it now with our interactive live editor. Semgrep combines the... The post semgrep v0.102 releases: Fast and syntax-aware semantic code pattern search appeared first on Penetration… Read more »

Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user-defined lists, where trail can be anything... The post maltrail v0.47 releases: Malicious traffic detection system appeared first on Penetration Testing. Read more »

PHP malware scanner Traversing directories for files with php extensions and testing files against text or regexp rules, the rules-based on self-gathered samples and publicly available malwares/webshells. The goal is to find infected files... The post PHP malware scanner v1.0.15 releases: Scans PHP files for malwares and known threats appeared… Read more »

YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families (or whatever you want to describe)... The post YARA v4.2.2 releases, The pattern matching swiss knife appeared first on Penetration Testing. Read more »

GShark The project is based on golang with AdminLTE to build a management system to manage the Github search results. Github API has utilized to scrawl the related results according to keywords and some... The post gshark v0.9.8 releases: Scan for sensitive information in Github easily and effectively appeared first… Read more »

GoAccess GoAccess is an open-source real-time web log analyzer and interactive viewer that runs in a terminal on *nix systems or through your browser. It provides fast and valuable HTTP statistics for system administrators that require a visual server report... The post goaccess v1.6.1 releases: real-time web log analyzer and interactive viewer appeared first on Penetration… Read more »