Latest News


Quick Vulnerability Assessment of Web Application & Server

Today we going to emulate quick and simple vulnerability assessment of our web application with help of some open source security tools. List of tools we going to use is available below:
Blackwidow scanner


BlackWidow is a python based web application spider to gather subdomains, URL's, dynamic parameters, email addresses and phone numbers from a target website. This project also includes Inject-X fuzzer to scan dynamic...
What is penetration testing

What is penetration testing

Many companies without own security department or competencies ask what penetration testing is and why it is needed. First of all, I propose to sort out the question - what is it...
OWASP TOP10 2017

OWASP TOP10 2017

New OWASP TOP10 classification was improved with the latest trends in information security and web application security. Some points were removed, some new added or merged into one. Below we can see...
Masscan php mysql

Masscan: How to import results into MySQL with PHP

Many of you heard of such tool like masscan which doing network scanning really fast and can even scan the whole internet for a short period of time. This...
Online security testing services

Useful online services for penetration testers

Hey, did you know that to execute security checks on your server and web application you don't need any kind of tools to be installed locally ? Yes, right!...
Computer plate and flag of China

Chinese cyberspies hacked MSP, retailer and law firm in economic espionage campaign

The Chinese state-sponsored threat actor APT10 used stolen remote access software credentials to infiltrate the network of Norwegian managed services provider Visma last year, likely in an effort to launch secondary attacks against the...
Outdated android vulnerabilities

The most dangerous Android vulnerabilities for outdated versions

As you know, operating systems are developed by people. Some people, however, are confident that Android created reptilians, but this is not true: many errors were found in the Google mobile platform,...
Scanning with nmap

How to grab banners with nmap and scan for vulnerabilites

Nmap is very popular tool for security engineers. Nmap scan mostly used for ports scanning, OS detection, detection of used software version and in some other cases for example like vulnerability scanning. Let's see 2...
Sergei Yarets is free

Sergei Yarets is free! Revelations of Andromeda botnet operator Ar3s

"If the FBI, Interpol and the" K "arrived, they have something on me." That same hacker known as Ar3s from Rechitsa for the first time talks about his case with facts and numbers. Sergei Yarets, known...

Bug Bounty