-
Pentests often have parts that can easily be automated. Some tools could be automatically triggered, parsed, and added as issue to a report.
#41 would allow us to protocol commands and their output…
-
## NixOS for Pentesting
This represents an effort to bring Security and Forensics software to NixOS, so that it can become a viable alternative to projects like Kali Linux and BlackArch.
Expect up…
-
All
While operating in a large SOC, we are trying to use RITA and have seen tremendous number of potential beacons from the "show beacons" command. What are some best practices for filtering resul…
-
## Actual behavior
Vulnerabilities are linked to a project and are either created manually from scratch or imported from tools integration.
## Expected behavior
Having a vulnerability databas…
-
## To register, companies must meet the following criteria:
* Deliver cybersecurity products or services, category definitions can be [found here](categories.md)
* Hold a valid Australian Business…
-
Hi! First of all, thank you for an awesome tool. Windapsearch and Impacket are by far the most useful tools for pentesting Windows from Linux machines. One thing it would be great to have is the optio…
-
- use cmd for interactive shell
- use argparse for parsing arguments
- implement laps password dumping
- implement msDS-ManagedPassword dumping
- redo query/add/modify/changeuser
-
**Describe the bug**
There are missing http security headers on, https://challenges.topcoder-dev.com .
**To Reproduce / Actual Behavior**
Steps to reproduce the behavior:
1. Go to 'https://chall…
-
**Is your feature request related to a problem? Please describe.**
I use distrobox to automatically create new containers for each pentest engagement I work on keeping the client files and data sepa…
-
We've been running a simple penetration test with https://pentest-tools.com/ against a RC 0.62 with NGINX reverse proxy. It reveals a security risk, as the `connect.sid` cookie does not have a `secur…
rasos updated
3 years ago