Tools

METASPLOIT CHEAT SHEET

Metasploit is a popular open-source framework for creating, testing, and deploying exploits. It is used by hackers (ethical and otherwise) and security researchers to test the security of machines, networks, and infrastructure. 

Metasploit’s collection of exploits, payloads, and tools to conduct penetration testing can speed up the testing process and take on much of the heavy lifting…Read more


NMAP COMMANDS CHEAT SHEET

Nmap (“Network Mapper”) is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X…Read more


OFFENSIVE SECURITY TOOL: DONTGO403

DontGo403 by devploit is a tool designed to help pentesters and red teams identify vulnerabilities in web servers that could be exploited to gain unauthorized access to resources. The tool does this by bypassing HTTP error code 403 responses, which are typically used to indicate that a user is not authorized to access a particular resource or webpage…Read more

Offensive Security Tool: Go365

Go365 by optiv is a tool designed to help security professionals and researchers perform user enumeration and password guessing attacks on organizations that use Office365. Go365 uses a unique SOAP API endpoint on login.microsoftonline.com that most other tools do not use. When queried with an email address and password, the endpoint responds with an Azure AD Authentication and Authorization code. This code is then processed by Go365 and the result is printed to screen or an…Read more

OSINT Tool: wholeaked

wholeaked by Utkusen is designed to help individuals and organizations identify if their email addresses have been exposed in a data breach. The tool works by searching through a database of leaked email addresses and cross-referencing them with the email addresses provided by the user…Read more

Best Vulnerability Scanners for Kali Linux

You won’t be able to hack anything until you first define your attack surface. That is why you are interested in learning about the finest vulnerability scanners for Kali Linux… Read more