Caido.io

Caido.io is a lightweight web security auditing toolkit. According to the documentation: Caido is available as both a desktop application and a standalone command-line interface (CLI) binary, offering users the flexibility to choose the installation method that best suits their needs. Pricing The basic version of this tool is free to use but has some limitations. Install Here we will cover the Desktop version, for more installation options (VPS or

Cvemap from ProjectDiscovery

Introduction Cvemap is a new tool developed by ProjectDiscovery to deliver a structured and easily navigable interface to Common Vulnerabilities and Exposures (CVEs) within multiple databases. It takes a comprehensive approach to prioritizing CVEs, moving beyond the usual Common Vulnerability Scoring System (CVSS) score. It looks at aspects like how likely a vulnerability is to be exploited, critical deadlines, probability assessments, and real-world exploit data. Cvemap integrates diverse and high-value

Parrot OS 6.0 Revealed

Last week, one of the premier security-oriented operating systems received a significant upgrade to version 6.0. Updates Main System Raspberry Pi Images Alternate Install Script Architect Upgrading from a Previous Version Now, it’s time to either upgrade your existing system or install Parrot OS 6.0 if you haven’t already. For more details, visit the official Parrot website and explore the documentation site.

Packet Crafting and Network Exploration with Scapy

According to its main page, Scapy is a powerful interactive packet manipulation library written in Python. Scapy is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, match requests and replies, and much more. https://scapy.net/ Install Depending on your OS and the installation method you want to use there are several options to install Scapy. pip install scapy sudo apt

ZXPY – Shell scripts made simple

Zxpy is a tool that simplifies the integration of shell commands into Python, making your scripting experience smoother and more efficient. Installation ❯ pip install zxpy If you have pipx installed, you can try out zxpy without installing it, by running: ❯ pipx run zxpy If you have an Arch-like distro, you can also use the AUR ❯ yay -Ss zxpy ❯ yay -S zxpy Basic Usage ❯ nvim script.py❯

OWASP Juicy Shop – Score Board Challenge

Some time ago we explained how to install the OWASP Juicy Shop. This first post of 2024 will explain how to start with this nice vulnerable application. The first step is finding the scoreboard. To find it, we search for «score» in the JavaScript files using the browser inspector and observe several matches. Checking some of those matches, we can find a promising option: /score-board If we test it: http://localhost:3000/#/score-board we

Merry Catmas! See You After the Holidays

Hi everyone! We wish you a wonderful pawsome Christmas. Thank you for being part of our community this year. To celebrate the holidays, we’re taking a short break. There are no new articles for now, but we’ll return with fresh content soon! Have a merry Christmas and a happy New Year! See you in 2024. Warm wishes from rffuste.com

AWS Penetration Testing Checklist

Today I will share a nice AWS pentest checklist I found at https://guide.offsecnewbie.com/cloud-pentesting. The site also has plenty of information and notes on many other topics, such as recon phases, attack types, shells, SQL, password cracking… It is worth checking out.

Kali 2023.4

2023 is coming to an end, but before that, it’s time again to update our Kalis with version 2023.4. What can be found in this new version? How to update an existing installation: (As described in the Kali blog post)

Lazynvim

LazyVim is a Neovim setup powered by lazy.nvim to make it easy to customize and extend your config. LazyVim is a curated configuration for Vim that integrates various plugins, settings, and key mappings to simplify the Vim experience. By bundling together popular plugins and optimizing configurations, LazyVim provides a powerful, ready-to-use setup that eliminates the hassle of manually configuring Vim. Based on lazyvim install documentation: Install For Arch-based systems: For Debian-based systems: