Hey there, cybersecurity enthusiasts! Ever wondered how to up your game in subdomain enumeration? Well, we’ve got some exciting news. Subfinder, a tool you probably know and love, is now integrated with RedHunt’s Attack Surface Recon API. Yep, you heard that right, your favourite subdomain enumeration tool just got even better with more comprehensive results.
Category: Tool-Release
In the ever-evolving landscape of cybersecurity, staying ahead of potential threats is paramount. As the digital realm expands, so does the attack surface of organizations, presenting a challenge for…
Typosquatting and phishing are quite a headache for businesses. Creating fake websites that look almost identical to legitimate ones has become a piece of cake for attackers. Experts can…
RedHunt Labs introduces BucketLoot – a cutting-edge, automated S3-compatible Cloud Object Storage bucket inspector designed to empower users in securing their data. BucketLoot offers an array of powerful features, allowing users to seamlessly extract valuable assets, detect secret exposures, and search for custom keywords and Regular Expressions within publicly-exposed storage buckets.
Wave 9 of Project Resonance was conducted to determine the security posture of the exposed Kubernetes clusters around the internet. Over 500,000 unsecured Kubernetes instances were discovered during the course of the research.
Web applications are the cornerstone of anything on the publicly accessible internet. Due to the complexities of the software development life cycle, developers tend to embed secrets within the source code of the applications. As the code-base enlarges, developers often fail to redact the sensitive data before deploying it to production.
Say Hi to Octopii, an AI-powered Personally Identifiable Information (PII) scanner that uses Tesseract’s Optical Character Recognition (OCR) and a MobileNet Convolutional Neural Network (CNN) model to detect various forms of Government IDs, passports, debit cards, driver’s licenses, photos, signatures, etc. Let’s take a closer look at how Octopii works and why it’s essential to look out for exposed PII throughout your assets.
Spring4Shell (CVE-2022-22963) is an RCE vulnerability in the Spring framework affecting JDK versions >= 9. We analyse the vulnerability and exploits in detail in this blog.