scanning
Scan Ruby-based apps for security issues with Dawnscanner
Dawnscanner is an open source static analysis scanner designed to review the security of web applications written in Ruby. Dawnscanner’s genesis Its developer, Paolo …
Components of an effective vulnerability management process
Vulnerabilities continue to grab headlines. Whether it is a zero-day that affects “tens of millions” servers around the globe or an old unpatched flaw that leads to a data …
Nmap 7.30: New NSE scripts, Npcap, fingerprints
Nmap 7.30 is the first stable release since 7.12 back in March. Apart from bug fixes, it comes with new features, including more NSE scripts, an improved version of Npcap …
Too many Cisco ASA boxes still open to an EXTRABACON attack
Among the Equation Group exploits leaked by the Shadow Brokers, the one named EXTRABACON that targets Cisco ASA devices got the most attention from security researchers and …
36000 SAP systems exposed online, most open to attacks
ERPScan released the first comprehensive SAP Cybersecurity Threat Report, which covers three main angles: Product Security, Implementation Security, and Security Awareness. …
Pwnie Express open sources IoT and Bluetooth security tools
Pwnie Express announced the availability of open sourced versions of its Blue Hydra and Android build system software. The release of these tools enable comprehensive …
Web application scanning with Htcap
Htcap is a free web application scanner that can crawl single page applications in a recursive manner by intercepting Ajax calls and DOM changes. The app is focused mainly on …
Which passwords to avoid for Internet-facing systems?
For the last year or so, Rapid7 has been collecting login credentials via “Heisenberg,” a network of low-interaction honeypots that the company has set up to analyze login …
The top 7 improvements in Nmap 7
Nmap 7 is the product of three and a half years of work, nearly 3200 code commits, and more than a dozen point releases since the big Nmap 6 release in May 2012.The top 7 …
Yahoo open-sources Gryffin, a large scale web security scanning platform
Yahoo has open-sourced Gryffin, a scanning platform for web applications.The developers’ goal was to create a security scanner that will be able to both discover as much …
Qualys announces free global asset inventory service
At Black Hat USA 2015, Qualys announced the availability of Qualys AssetView, a free cloud-based asset inventory service that enables companies to search for information on …
Akamai and Trustwave unite to protect businesses from online threats
Akamai Technologies, provider of content delivery network services, and managed security services firm Trustwave announced at Infosecurity Europe 2015 a new strategic alliance …