Anthropic と OpenAI が拡大するフロンティア AI へのアクセス：専門家たちが懸念する問題点とは？ iototsecnews.jp/2026/06/03/a… このフロンティア AI モデルに関する記事は、 ソフトウェアのバグを自動で見つけて攻撃コードまで作成してしまう高度な AI の登場と、その悪用リスクに伴う各国の管理体制の動向を解説した内容となっています。この問題の本質は、守る側だけではなく、攻撃者にとっても強力な武器になり得るという、AI の二面性にあります。人間の処理能力を超えるスピードで大量の弱点を発見してしまうため、本番環境で意図しない動作やポリシー違反を引き起こすリスクがあります。 #AI #ML #Anthropic #Glasswing #OpenAI #SecTools #Vulnerability

Anthropic が Project Glasswing を拡大：Claude Mythos Preview を 150 組織へ提供 iototsecnews.jp/2026/06/02/a… 多くの組織のコードベースに潜む、高リスクなセキュリティ欠陥が問題視されています。この問題を引き起こす主な原因は、電力や医療といった重要インフラを支える広範なプログラムの中に、未発見の脆弱性が数多く取り残されていることにあります。さらに、メモリ・セーフティが約束されないレガシーコードの継続的な運用や、攻撃を防ぐための強固な安全対策が確立されない状態での高度な AI モデルの公開といったリスクも存在します。こうした潜在的な脆弱性がもたらすサイバー攻撃の脅威に対して、AI を活用した迅速な自動スキャンやパッチ適用による早期の根本解決が求められています。 #AI #ML #Anthropic #ClaudeMythosPreview #Glasswing #SecTools #Vulnerability

7AI が PLAID Elite を公開：SOC のための AI ベースのマネージド・セキュリティ・サービス iototsecnews.jp/2026/05/29/7… AI を悪用する攻撃者たちが、マシン・スピードで高度なサイバー攻撃を展開していることが、私たちに大きな問題をもたらしています。新しく発見された脆弱性を悪用する攻撃コードが、数時間という短期間で自動的に生成されてしまうため、人間の手だけでは防御が追いつかなくなっています。こうしたマシン・スピードの攻撃により、セキュリティ担当者に過度な負担が生じることが懸念されます。それに対抗するためには、AI エージェントを活用した自動化や分散型のアプローチが必要だと、この記事は主張しています。 #7AI #AI #ML #PLAIDElite #SecTools

BlackIce は AI ペンテスト環境：14 種類の AI セキュリティ・ツールを Docker コンテナで提供 iototsecnews.jp/2026/01/29/b… Databricks が CAMLIS Red 2025 で発表した BlackIce は、AI セキュリティ・ツールのセットアップに伴う複雑な工程や、依存関係の競合という、従来のレッドチームが直面してきた大きな障壁を解消する、画期的なオープンソース・ツールキットです。 これまで、AI システムのセキュリティ検証を行う際のエンジニアは、ツールごとに異なる Python の実行環境や Node.js のセットアップに膨大な時間を費やしていました。BlackIce は、Kali Linux の AIセキュリティ版とも言えるアプローチを採り、14 種類の主要なセキュリティ・ツールを単一の Docker コンテナに統合しています。これにより、ライブラリの衝突を気にすることなく、迅速にテスト環境を構築することが可能になります。 このツールキットは、Docker Hub を通じて提供されており、docker pullコマンドで容易に取得できます。 #AIML #BlackIce #Docker #SecTools

🛠️ New Tool: Audit #Salesforce Aura Aura framework misconfigurations can often leak data to unauthenticated guests. ☁️ @Mandiant's AuraInspector automates the recon & exploitation of these hidden flaws. ⚔️ Features: 🔹 Guest Access Enum 🔹 Endpoint Fuzzing 🔹 UI Bypass 💻 github.com/google/aura-inspe… #CloudBreach #AppSec #RedTeam #CloudSec #BugBounty #InfoSec #CyberSecurity #Pentesting #BlueTeam #SecTools #DevSecOps #Hacking #ThreatIntel #GoogleCloud #Automation

这起事件是欧加供应链安全失控与底层防护缺位的直接恶果——核心firehose文件泄露，暴露其权限管理与数据管控的低级疏漏，堪比“丢金库钥匙”。 所谓“OTA熔断”绝非主动防御，而是被动甩锅：用提升ARB版本的不可逆手段一刀切，将正常降级需求与恶意刷机混为一谈，本质是让用户为厂商失误买单，以剥夺用户系统选择权掩盖自身安全无能。危机中信息披露不透明，还放任谣言扩散，进一步暴露公关与安全治理的双重短板。 终端厂商重显性卖点、轻底层安全，把高通安全框架当“免死金牌”，却忽视供应链全链路管控，这种“重事后兜底、轻事前防范”的逻辑，完全背离安全本质。 酷安链接（原文作者就是我自己）：coolapk.com/feed/69935474 sectools下载：123912.com/s/bOG4vd-NBLA3

熔断的本质——一场欧加供应链安全失控与底层防护缺位却由用户担责的“闹剧” 前几个月有离职内鬼泄露了欧加大部分高通机型的firehose给ch***ra（奇美拉工具），导致ch***ra可以畅刷欧加真高通设备（不包含mtk、 不包含8 芯片、不包含一加15及以后型号），后有人从ch***ra提取了firehose，公布到互联网。再然后有人开发了更便捷的刷机工具可以方便的使用这些firehose，而oppo也采取了相应的措施，通过OTA更新禁止掉熔断这次免授权9008。 但熔断代码具体存在于全量包哪个分区？熔断后为什么既阻止了免授权edl却又阻止了用户正常降级？是否像网上某些人所说的是谷歌/骁龙下发了补丁来阻止这次泄露？“熔断EDL”和“反降级Anti-Rollback (ARB)”是否可以分开进行？ 本文将从代码层面深度分析和探索OTA是如何做到熔断的 首先，我们知道，要做到Anti-Rollback (ARB)，则理论上可以通过进入到bootloader内输入 fastboot getavar anti fastboot getavar rollback_index fastboot getavar all…… 等等，一般都能从免熔断升级（x.com/i/status/2013081490511…） 到Coloros16.0.3.501后再从bootloader处获取到ARB的版本 然而…… 很显然，欧加真为了防止用户对着版本降级屏蔽了fastbootd/bootloader对ARB查询的接口，且fastboot getavar all也没有输出任何关于反降级和熔断的任何信息（据我所知欧真加系是唯一一个这么做的厂商😡）（图一） 所以只能转换思路，从OTA全量包下手，将一加13的Coloros16.0.3.501解压后得到一个巨大的payload.bin，使用TIK工具箱将其解包后得到其中所包含的分区 ['system', 'system_ext', 'product', 'vbmeta_system', 'boot', 'init_boot', 'vendor_boot', 'recovery', 'vendor', 'vendor_dlkm', 'system_dlkm', 'odm', 'dtbo', 'vbmeta', 'vbmeta_vendor', 'xbl', 'xbl_config', 'engineering_cdt', 'uefi', 'aop', 'aop_config', 'tz', 'hyp', 'modem', 'bluetooth', 'abl', 'dsp', 'keymaster', 'spuservice', 'devcfg', 'qupfw', 'uefisecapp', 'imagefv', 'shrm', 'cpucp', 'featenabler', 'oplus_sec', 'splash', 'xbl_ramdump', 'pvmfw', 'cpucp_dtb', 'soccp_debug', 'soccp_dcd', 'pdp', 'pdp_cdb', 'oplusstanvbk', 'my_product', 'my_engineering', 'my_stock', 'my_heytap', 'my_carrier', 'my_region', 'my_bigball', 'my_manifest'] 然后，我们挑选一些很有可能是熔断代码所在的分区使用16进制编辑器HxD - Freeware Hex Editor and Disk Editor进行搜索字段 然而……我搜遍了abl,xbl,tz,uefi……等等分区均未能找到anti/rollback等字样……难道是被编译后混淆隐藏了？😡😡😡 那就不得不…… 逆向，启动！🤬 我使用老美的Ghidra工具，整个反编译了abl和xbl分区 然后我就傻眼了，我又是比较一加15的502版本的分区又是搜索字段，可读性代码确实多了，但都跟ARB毛关系都没有！🤬🤬愣是一点痕迹都找不到！ 然后迫不得已走投无路问了下DeepSeek鲸哥 DeepSeek表示：找不到明确字段的另一个深层原因， 机制本身可能已实现硬件化。 商通过熔断主板上的物理电子熔 CPU内部OTP寄存器值来实现防 这种硬件级别的版本号不会以可 现在任何软件镜像中，而是在启 ootloader读取硬件状态并与固件 期值比对。硬件级防回滚更彻底 级便无法逆转。 我了个豆，真是硬件级别的反熔断，oddo这招太狠了。如果没有专门的读取工具，根本无从知晓ARB的版本！挂不得无论怎么分析全量包都没有结果，因为真正熔断的代码在芯片内部，OTA全量包里只有字段，除非高通内部内鬼泄露安全工具否则根本无从得知ARB值在哪个字段、哪个img分区、哪个位置😢😢 所以……就真的束手无策了吗？😭😭😭 XDA，上号！ 在国际友人Soft_M的帮助下，我获得了一个工具sectools 我查了一下，查不到这个命令行工具的源码，只找到高通的一篇文档（docs.qualcomm.com/doc/80-700…），我只能说，懂的都懂😉😉😉 根据文档内的工具，我打开命令提示符CMD，将xbl_config.img放在和sectools.exe同一目录下，然后cd到那个目录，之后输入命令 sectools.exe secure-image --inspect xbl_config.img | findstr /C:"Anti-Rollback Version" 我发现一加15的502版本的xbl_config.img会返回（图四上半部分） 而一加13Coloros16.0.3.501的xbl_config.img则返回0x1 于是我测试了一加13Coloros16.0.3.501的其他分区，发现tz.img/uefi.img/xbl.img的值都返回了 Anti-Rollback Version: | 0x0 可见501版本不是XBL和ABL的Anti-Rollback发生了改变，而是xbl_config的Anti-Rollback值发生了改变，我们都错了🥵🥵🥵 由此得知，根本就没有什么谷歌/高通发布补丁，oddo就是通过增加ARB值并在全量包内更新EDL证书签名来废除掉泄露的免授权EDL签名（防止降级攻击） 而玩机佬也可以通过拆包后用Sectools来判断Anti-Rollback值是否增加，来判断之后的更新全量包是否会导致熔断了😋😋😋

Big thanks to @yesimxev for joining SecTools Podcast and sharing his journey into infosec & his long-time contributions to Kali NetHunter.

Here are secret websites for ethical hackers🌐💻⌨️ 1. Exploit Database 💻: Repository of exploits and vulnerabilities for ethical hacking. 2. Hack The Box 🔒: Platform for practicing penetration testing skills on vulnerable machines. 3. Metasploit Framework 🛠️: Open-source penetration testing framework for developing and executing exploits. 4. Packet Storm ☠️: Archive of security tools, exploits, and advisories for ethical hackers. 5. VulnHub 🧩: Provides downloadable vulnerable virtual machines for penetration testing practice. 6. Hack This Site 🎯: Offers a variety of challenges and missions to test hacking skills. 7. CTF365 🏆: Continuous Capture The Flag (CTF) platform for honing hacking skills. 8. Hack Forums 🌐: Community forum for discussing hacking techniques and sharing knowledge. 9. PentesterLab 📈: Provides hands-on exercises and labs for learning penetration testing techniques. 10. SecurityTube 📹: Platform offering video tutorials and courses on various security topics. 11. Offensive Security 🔓: Offers advanced penetration testing training and certifications. 12. XSS Game 🎮: Google's XSS (Cross-Site Scripting) testing platform for web security enthusiasts. 13. Pwnable.kr 💾: Platform for solving hacking challenges and improving skills. 14. DVWA (Damn Vulnerable Web Application) 🕸️: Web application intentionally designed to be vulnerable for practice. 15. Shellter 🐚: Dynamic shellcode injection tool for bypassing antivirus software. 16. PentesterAcademy 🎓: Provides online courses and labs for cybersecurity professionals. 17. Damn Small Vulnerable Web 🌐: Lightweight vulnerable web application for practicing web security. 18. RingZer0 Team Online CTF 🎯: Online capture the flag challenges for ethical hackers. 19. OverTheWire 🛡️: Provides a range of war games and challenges to improve hacking skills. 20. XSS Payloads 🚀: Collection of cross-site scripting payloads for testing web applications. 21. Hacksplaining 📚: Offers interactive lessons and tutorials on web security vulnerabilities. 22. CTFtime 🕒: Platform for finding upcoming Capture The Flag events and competitions. 23. Hack.me 🖥️: Provides a platform for creating and sharing vulnerable web applications. 24. Root Me 📊: Offers hacking challenges and exercises for improving cybersecurity skills. 25. Exploit-DB 📡: Database of exploits and vulnerability information for security researchers. 26. Google Hacking Database 🔍: Repository of Google dorks for finding vulnerable websites and information leaks. 27. Netcat 🌐: Swiss army knife tool for network debugging and penetration testing. 28. SecurityFocus 📃: Provides security advisories, vulnerabilities, and discussions for ethical hackers. 29. XSS Cheat Sheet 📝: Reference guide for cross-site scripting payloads and techniques. 30. Hacker Typer 🖥️: Simulates typing like a hacker for entertainment and demonstration purposes. 31. The XSS Rat 🐭: Online XSS scanner and exploitation tool for web security testing. 32. Shodan 🌐: Search engine for finding internet-connected devices and services. 33. Hackbar 🛠️: Firefox add-on for web security testing and exploitation. 34. Wireshark 📶: Open-source packet analyzer for network troubleshooting and security analysis. 35. SecurityHeaders.io 🛡️: Online tool for analyzing HTTP security headers of web applications. 36. XSS Hunter 🎯: Tool for tracking and capturing cross-site scripting attacks in real-time. 37. OWASP Juice Shop 🍹: Insecure web application for learning and practicing web security testing. 38. SecTools 🔧: Collection of security tools and resources for ethical hackers. 39. Malware Domain List 🦠: Provides a list of known malware domains for research and analysis. 40. XSS Payloads 🚀: Collection of cross-site scripting payloads and evasion techniques.

Do you know that 📈🐖 $PORK has consistently ranked in the top 15 on @DEXToolsApp every single week since its creation! 🚀 #Crypto #Blockchain #SecTools #PORKToken

Here are secret websites for ethical hackers: 1. Exploit Database 💻: Repository of exploits and vulnerabilities for ethical hacking. 2. Hack The Box 🔒: Platform for practicing penetration testing skills on vulnerable machines. 3. Metasploit Framework 🛠️: Open-source penetration testing framework for developing and executing exploits. 4. Packet Storm ☠️: Archive of security tools, exploits, and advisories for ethical hackers. 5. VulnHub 🧩: Provides downloadable vulnerable virtual machines for penetration testing practice. 6. Hack This Site 🎯: Offers a variety of challenges and missions to test hacking skills. 7. CTF365 🏆: Continuous Capture The Flag (CTF) platform for honing hacking skills. 8. Hack Forums 🌐: Community forum for discussing hacking techniques and sharing knowledge. 9. PentesterLab 📈: Provides hands-on exercises and labs for learning penetration testing techniques. 10. SecurityTube 📹: Platform offering video tutorials and courses on various security topics. 11. Offensive Security 🔓: Offers advanced penetration testing training and certifications. 12. XSS Game 🎮: Google's XSS (Cross-Site Scripting) testing platform for web security enthusiasts. 13. Pwnable.kr 💾: Platform for solving hacking challenges and improving skills. 14. DVWA (Damn Vulnerable Web Application) 🕸️: Web application intentionally designed to be vulnerable for practice. 15. Shellter 🐚: Dynamic shellcode injection tool for bypassing antivirus software. 16. PentesterAcademy 🎓: Provides online courses and labs for cybersecurity professionals. 17. Damn Small Vulnerable Web 🌐: Lightweight vulnerable web application for practicing web security. 18. RingZer0 Team Online CTF 🎯: Online capture the flag challenges for ethical hackers. 19. OverTheWire 🛡️: Provides a range of war games and challenges to improve hacking skills. 20. XSS Payloads 🚀: Collection of cross-site scripting payloads for testing web applications. 21. Hacksplaining 📚: Offers interactive lessons and tutorials on web security vulnerabilities. 22. CTFtime 🕒: Platform for finding upcoming Capture The Flag events and competitions. 23. Hack.me 🖥️: Provides a platform for creating and sharing vulnerable web applications. 24. Root Me 📊: Offers hacking challenges and exercises for improving cybersecurity skills. 25. Exploit-DB 📡: Database of exploits and vulnerability information for security researchers. 26. Google Hacking Database 🔍: Repository of Google dorks for finding vulnerable websites and information leaks. 27. Netcat 🌐: Swiss army knife tool for network debugging and penetration testing. 28. SecurityFocus 📃: Provides security advisories, vulnerabilities, and discussions for ethical hackers. 29. XSS Cheat Sheet 📝: Reference guide for cross-site scripting payloads and techniques. 30. Hacker Typer 🖥️: Simulates typing like a hacker for entertainment and demonstration purposes. 31. The XSS Rat 🐭: Online XSS scanner and exploitation tool for web security testing. 32. Shodan 🌐: Search engine for finding internet-connected devices and services. 33. Hackbar 🛠️: Firefox add-on for web security testing and exploitation. 34. Wireshark 📶: Open-source packet analyzer for network troubleshooting and security analysis. 35. SecurityHeaders.io 🛡️: Online tool for analyzing HTTP security headers of web applications. 36. XSS Hunter 🎯: Tool for tracking and capturing cross-site scripting attacks in real-time. 37. OWASP Juice Shop 🍹: Insecure web application for learning and practicing web security testing. 38. SecTools 🔧: Collection of security tools and resources for ethical hackers. 39. Malware Domain List 🦠: Provides a list of known malware domains for research and analysis. 40. XSS Payloads 🚀: Collection of cross-site scripting payloads and evasion techniques.

Here are secret websites for ethical hackers: 1. Exploit Database 💻: Repository of exploits and vulnerabilities for ethical hacking. 2. Hack The Box 🔒: Platform for practicing penetration testing skills on vulnerable machines. 3. Metasploit Framework 🛠️: Open-source penetration testing framework for developing and executing exploits. 4. Packet Storm ☠️: Archive of security tools, exploits, and advisories for ethical hackers. 5. VulnHub 🧩: Provides downloadable vulnerable virtual machines for penetration testing practice. 6. Hack This Site 🎯: Offers a variety of challenges and missions to test hacking skills. 7. CTF365 🏆: Continuous Capture The Flag (CTF) platform for honing hacking skills. 8. Hack Forums 🌐: Community forum for discussing hacking techniques and sharing knowledge. 9. PentesterLab 📈: Provides hands-on exercises and labs for learning penetration testing techniques. 10. SecurityTube 📹: Platform offering video tutorials and courses on various security topics. 11. Offensive Security 🔓: Offers advanced penetration testing training and certifications. 12. XSS Game 🎮: Google's XSS (Cross-Site Scripting) testing platform for web security enthusiasts. 13. Pwnable.kr 💾: Platform for solving hacking challenges and improving skills. 14. DVWA (Damn Vulnerable Web Application) 🕸️: Web application intentionally designed to be vulnerable for practice. 15. Shellter 🐚: Dynamic shellcode injection tool for bypassing antivirus software. 16. PentesterAcademy 🎓: Provides online courses and labs for cybersecurity professionals. 17. Damn Small Vulnerable Web 🌐: Lightweight vulnerable web application for practicing web security. 18. RingZer0 Team Online CTF 🎯: Online capture the flag challenges for ethical hackers. 19. OverTheWire 🛡️: Provides a range of war games and challenges to improve hacking skills. 20. XSS Payloads 🚀: Collection of cross-site scripting payloads for testing web applications. 21. Hacksplaining 📚: Offers interactive lessons and tutorials on web security vulnerabilities. 22. CTFtime 🕒: Platform for finding upcoming Capture The Flag events and competitions. 23. Hack.me 🖥️: Provides a platform for creating and sharing vulnerable web applications. 24. Root Me 📊: Offers hacking challenges and exercises for improving cybersecurity skills. 25. Exploit-DB 📡: Database of exploits and vulnerability information for security researchers. 26. Google Hacking Database 🔍: Repository of Google dorks for finding vulnerable websites and information leaks. 27. Netcat 🌐: Swiss army knife tool for network debugging and penetration testing. 28. SecurityFocus 📃: Provides security advisories, vulnerabilities, and discussions for ethical hackers. 29. XSS Cheat Sheet 📝: Reference guide for cross-site scripting payloads and techniques. 30. Hacker Typer 🖥️: Simulates typing like a hacker for entertainment and demonstration purposes. 31. The XSS Rat 🐭: Online XSS scanner and exploitation tool for web security testing. 32. Shodan 🌐: Search engine for finding internet-connected devices and services. 33. Hackbar 🛠️: Firefox add-on for web security testing and exploitation. 34. Wireshark 📶: Open-source packet analyzer for network troubleshooting and security analysis. 35. SecurityHeaders.io 🛡️: Online tool for analyzing HTTP security headers of web applications. 36. XSS Hunter 🎯: Tool for tracking and capturing cross-site scripting attacks in real-time. 37. OWASP Juice Shop 🍹: Insecure web application for learning and practicing web security testing. 38. SecTools 🔧: Collection of security tools and resources for ethical hackers. 39. Malware Domain List 🦠: Provides a list of known malware domains for research and analysis. 40. XSS Payloads 🚀: Collection of cross-site scripting payloads and evasion techniques.

Here are the top free cyber security certifications for 2024!! 1. 📜 **Cybrary Free Courses**: Offers various free courses covering cybersecurity fundamentals. 2. 🌐 **Google IT Support Professional Certificate**: Teaches essential IT skills including security basics. 3. 📚 **IBM Cybersecurity Analyst Professional Certificate**: Provides training in cybersecurity analysis and defense. 4. 🛡️ **Cisco Networking Basics Specialization**: Covers network security concepts and best practices. 5. 🌟 **Microsoft Azure Fundamentals**: Introduces cloud security concepts and Azure services. 6. 🎓 **Coursera Cybersecurity Specialization**: Offers a series of courses covering different aspects of cybersecurity. 7. 🛠️ **Splunk Fundamentals 1**: Provides training in using Splunk for security and IT operations. 8. 📝 **Open Security Training**: Offers free security training materials and courses. 9. 🧩 **Kali Linux Revealed**: Teaches penetration testing and ethical hacking using Kali Linux. 10. 🌐 **Cybersecurity Essentials by CISCO**: Covers foundational cybersecurity concepts and skills. 11. 📊 **SecurityTube Training**: Provides free videos and tutorials on various cybersecurity topics. 12. 📚 **Sans Cyber Aces Online**: Offers free online cybersecurity courses and challenges. 13. 🎓 **edX Cybersecurity MicroMasters Program**: Consists of multiple courses covering cybersecurity topics. 14. 🛠️ **OWASP WebGoat**: Teaches web application security concepts through hands-on exercises. 15. 📝 **CyberPatriot Cyber Camps**: Offers free cybersecurity camps for students interested in the field. 16. 🕵️ **The Honeynet Project Challenges**: Provides free challenges to test and improve cybersecurity skills. 17. 📚 **Cybersecurity Course by Stanford University**: Offers a free online course on cybersecurity fundamentals. 18. 🌟 **Cloudflare Learning Center**: Provides free resources on cybersecurity and web performance. 19. 📜 **US Department of Homeland Security Cybersecurity Training**: Offers free cybersecurity training materials. 20. 🛡️ **NIST Cybersecurity Framework Training**: Provides free resources on implementing the NIST framework. 21. 📝 **Cyber FastTrack by SANS Institute**: Offers free cybersecurity challenges and scholarships. 22. 🧩 **Hack The Box Challenges**: Provides free penetration testing challenges for learning and practice. 23. 🌐 **Cybrary Insider Pro Community**: Grants access to free cybersecurity courses and resources. 24. 📊 **HackThisSite Challenges**: Offers free challenges to test and improve hacking skills. 25. 🎓 **Cisco Networking Academy**: Provides free online courses on networking and security. 26. 🛠️ **PentesterLab**: Offers free exercises and tutorials for learning penetration testing. 27. 📝 **SecTools**: Provides free reviews and guides on cybersecurity tools and resources. 28. 🧩 **Exploit Database**: Offers free exploits and vulnerabilities for educational purposes. 29. 🌟 **MIT OpenCourseWare**: Provides free course materials on cybersecurity and computer science. 30. 📜 **Cyber Aces Online**: Offers free cybersecurity training and competitions. 31. 🛡️ **ESET Cybersecurity Awareness Training**: Provides free online training on cybersecurity awareness. 32. 📚 **Security Onion Training**: Offers free resources and training on network security monitoring. 33. 🌐 **Palo Alto Networks Cybersecurity Academy**: Provides free training on network security. 34. 📊 **DVWA (Damn Vulnerable Web Application)**: Offers a free web application for practicing web security testing. 35. 🎓 **SecurityTube Training**: Offers free video tutorials and courses on cybersecurity topics. 36. 🛠️ **Metasploit Unleashed**: Provides free training on using the Metasploit framework for penetration testing. 37. 📝 **SANS Cyber Aces Online**: Offers free online cybersecurity courses and resources. 38. 🧩 **OWASP Juice Shop**: Provides a free intentionally vulnerable web application for security testing.

Keep your friends close and your network scanner closer. KrustyLoader's not invited to our Linux party! 🎉🔍 #PartyPooper #SecTools linuxsecurity.com/news/hacks…

SecTools Podcast - Episode #52 Conversation with @mrexodia about @x64dbg. infoseccampus.com/podcast/se… #hackertools #sectools #ReverseEngineering #podcast

SecTools Podcast - Episode #51 Conversation with @Ch0pin about Medusa and Mobile Security. infoseccampus.com/podcast/se…

SecTools Podcast – Episode #50 Conversations with @AngelinaTsuboi about SatIntel, Fly Catcher and Aerospace Security. infoseccampus.com/podcast/se…

ℹ Za účasti zástupců CRoCS lab z Masarykovy univerzity proběhl na NÚKIB workshop k projektu IMPAKT SecTools. Tématem bylo diskové šifrování a zranitelnosti v generování náhody, projekt SecCerts nebo reverzní inženýrství pomocí odběrové analýzy. #jsmeNÚKIB

Doing some maintenance work for @InfoSecCampus SecTools Podcast in the next few days and preparing for a new year announcement. Stay tuned 🔔

1. Nmap 2. Wireshark 3. Metasploit 4. Burp Suite 5. Nikto 6. Aircrack-ng 7. Hydra 8. John the Ripper 9. Nessus 10. OpenVAS 11. Acunetix 12. OWASP ZAP 13. Snort 14. Kali Linux 15. Gobuster 16. SQLMap 17. Netcat 18. THC-Hydra 19. WiFite 20. Ettercap 21. W3af 22. BeEF 23. Nikto 24. Arachni 25. OWASP Amass 26. Medusa 27. Cain and Abel 28. XSStrike 29. THC-SSL-DOS 30. THC-IPV6 31. BruteSpray 32. DirBuster 33. Firewalk 34. Scapy 35. Hping 36. Nipper 37. Wfuzz 38. Enum4linux 39. SMBclient 40. Ncat 41. Tcpdump 42. Yersinia 43. THCaude 44. SMBenum 45. Dnswalk 46. Paros 47. Ratproxy 48. OWTF 49. HydraGTK 50. SecTools