Aggregator

Researchers at CYFIRMA have issued a warning about a new wave of cyberattacks leveraging malicious Android applications disguised as legitimate banking clients. These apps are designed to steal user credentials, intercept messages, and execute...

The post New Android Banking Malware Targets Indian Banks: Steals Credentials, Intercepts OTPs via Fake Apps appeared first on Penetration Testing Tools.

ropr ropr is a blazing fast multithreaded ROP Gadget finder What is an ROP Gadget? ROP (Return Oriented Programming) Gadgets are small snippets of a few assembly instructions typically ending in a ret instruction which...

The post ropr: blazing fast multithreaded ROP Gadget finder appeared first on Penetration Testing Tools.

In the first half of 2025, researchers observed the active exploitation of a new malware loader known as CastleLoader. Since its emergence, this tool has become a central element in the distribution infrastructure for...

The post CastleLoader Unleashed: New Stealthy Malware Loader Leverages ClickFix & Fake GitHub for Widespread Infections appeared first on Penetration Testing Tools.

TerraformGoat TerraformGoat is HuoCorp research lab’s “Vulnerable by Design” multi-cloud deployment tool. Currently, supported cloud vendors include Alibaba Cloud, Tencent Cloud, Huawei Cloud, Amazon Web Services, Google Cloud Platform, and Microsoft Azure. Scenarios ID...

The post TerraformGoat: “Vulnerable by Design” multi cloud deployment tool appeared first on Penetration Testing Tools.

You must login to view this content

You must login to view this content

The Leak Zone forum — widely known as a hub for publishing and distributing hacked databases, stolen credentials, and pirated software — has ironically become the source of a major data breach. According to...

The post Leak Zone Forum’s Own Elasticsearch Database Exposed, Revealing 22M+ User Records appeared first on Penetration Testing Tools.