Yearly Archives: 2019

Syhunt Community 6.7 – Web And Mobile Application Scanner

Syhunt Community is a web and now mobile application security scanner. Syhunt is able to scan any kind of application source code for potential security vulnerabilities, pinpointing the exact lines of the code that need to be patched. Or you can simply enter a start URL and get detailed vulnerability …

Read More »

New Critical Exim Flaw Exposes Email Servers to Remote Attacks — Patch Released

A critical security vulnerability has been discovered and fixed in the popular open-source Exim email server software, which could allow a remote attacker to simply crash or potentially execute malicious code on targeted servers. Exim maintainers today released an urgent security update—Exim version 4.92.3—after publishing an early warning two days ago, giving system administrators …

Read More »

PlaystoreDownloader – A command line tool to download Android applications directly from the Google Play Store.

This project is intended for learning purposes only and is not affiliated with Google in any way. Configuration Before interacting with the Play Store you have to provide valid credentials and an ANDROID ID associated to your account. Please modify the credentials.json file and insert the required information before trying to use this tool: …

Read More »

Obfuscapk – A black-box obfuscation tool for Android apps

Obfuscapk is a modular Python tool for obfuscating Android apps without needing their source code, since apktool is used to decompile the original apk file and to build a new application, after applying some obfuscation techniques on the decompiled smali code, resources and manifest. The obfuscated app retains the same functionality as the original one, …

Read More »

safeside – A project to understand and mitigate software-observable side-channels

SafeSide is a project to understand and mitigate software-observable side-channels: information leaks between software domains caused by implementation details outside the software abstraction. Unlike other side-channel attacks — e.g. measuring power use or electromagnetic emissions — software-observable side-channels don’t require physical access or proximity. Our early focus is on transient execution attacks and leaks from software cryptography …

Read More »