Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Thursday, 28 September, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Obrela sponsors open-source Commix project

Created by Team Leader at Obrela Labs, Anastasios Stasinopoulos, the tool provides everything needed to perform command injection attacks

by Guru Writer
June 16, 2022
in Cyber Bites
GitHub screen
Share on FacebookShare on Twitter

Obrela Security Industries, a security analytics and cyber risk management services, has announced its sponsorship of Commix, an open-source pen-testing tool, to address command injection vulnerabilities. Obrela aims to address the emerging demand for end-to-end security services by offering an ‘umbrella’ of security solutions.

George Patsis, CEO, at Obrela Security Industries said that this sponsorship would would, “Provide penetration testers and information security researchers with everything they need in order to perform a successful command injection attack”.

Command injection attacks are one of the most common types of attacks on vulnerable applications. The Open Web Application Security Project Foundation found that injection attacks were the number 1 most common type of globally recognized web application security risks.

The method exploits vulnerable systems with insufficient input validation by forcing the application to execute arbitrary operating system (OS) commands and compromising the application and its data. A successful command injection attack can allow for the complete takeover of applications.

A prime example of a real, infamous command injection vulnerability that clearly depicts the threats of this type of code injection was the Shellshock bug which executed tens of thousands of attacks on vulnerable systems.

Commix, as a find and test tool, automates the process of locating and exploiting command injection vulnerabilities. The end goal allows end-users an automated way to find and address their application’s own weaknesses.

George Patsis, CEO at Obrela Security Industries: “In being able to perform such attacks, pen-testers give the InfoSec community the opportunity to adequately identify injection vulnerabilities and perform the necessary remediations to secure their applications”.

Commix is an open-source project whose base code is open and available to the wider InfoSec community. This not only enables trust in the product but allows the wider community on GitHub to expand its applications. As an open-source and modular command injection exploiter Commix allows end-users to adapt the tool to their specific applications needs and is compatible with other tools and frameworks.

 

FacebookTweetLinkedIn
ShareTweet
Previous Post

Survey Finds IT Leaders Eager to Eliminate Passwords

Next Post

New Zimbra Bug Allows Data Stealing With No User Interaction

Recent News

Guide to ransomware and how to detect it

Guide to ransomware and how to detect it

September 28, 2023
software security

Research reveals 80% of applications developed in EMEA contain security flaws

September 27, 2023
Cyber insurance

Half of organisations with cyber insurance implemented additional security measures to qualify for the policy or reduce its cost

September 27, 2023
Fraud and online banking

Akamai Research Finds the Number of Cyberattacks on European Financial Services More Than Doubled in 2023

September 27, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information