Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Wednesday, 22 March, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Obrela sponsors open-source Commix project

Created by Team Leader at Obrela Labs, Anastasios Stasinopoulos, the tool provides everything needed to perform command injection attacks

by Guru Writer
June 16, 2022
in Cyber Bites
GitHub screen
Share on FacebookShare on Twitter

Obrela Security Industries, a security analytics and cyber risk management services, has announced its sponsorship of Commix, an open-source pen-testing tool, to address command injection vulnerabilities. Obrela aims to address the emerging demand for end-to-end security services by offering an ‘umbrella’ of security solutions.

George Patsis, CEO, at Obrela Security Industries said that this sponsorship would would, “Provide penetration testers and information security researchers with everything they need in order to perform a successful command injection attack”.

Command injection attacks are one of the most common types of attacks on vulnerable applications. The Open Web Application Security Project Foundation found that injection attacks were the number 1 most common type of globally recognized web application security risks.

The method exploits vulnerable systems with insufficient input validation by forcing the application to execute arbitrary operating system (OS) commands and compromising the application and its data. A successful command injection attack can allow for the complete takeover of applications.

A prime example of a real, infamous command injection vulnerability that clearly depicts the threats of this type of code injection was the Shellshock bug which executed tens of thousands of attacks on vulnerable systems.

Commix, as a find and test tool, automates the process of locating and exploiting command injection vulnerabilities. The end goal allows end-users an automated way to find and address their application’s own weaknesses.

George Patsis, CEO at Obrela Security Industries: “In being able to perform such attacks, pen-testers give the InfoSec community the opportunity to adequately identify injection vulnerabilities and perform the necessary remediations to secure their applications”.

Commix is an open-source project whose base code is open and available to the wider InfoSec community. This not only enables trust in the product but allows the wider community on GitHub to expand its applications. As an open-source and modular command injection exploiter Commix allows end-users to adapt the tool to their specific applications needs and is compatible with other tools and frameworks.

 

FacebookTweetLinkedIn
ShareTweetShare
Previous Post

Survey Finds IT Leaders Eager to Eliminate Passwords

Next Post

New Zimbra Bug Allows Data Stealing With No User Interaction

Recent News

security

What Is Observability, And Why Is It Crucial To Your Business?

March 21, 2023
Organisational Cybersecurity.jpg

How Emerging Trends in Virtual Reality Impact Cybersecurity

March 21, 2023
Nominations are Open for 2023’s European Cybersecurity Blogger Awards

Nominations are Open for 2023’s European Cybersecurity Blogger Awards

March 20, 2023
TikTok to be banned from UK Government Phones

TikTok to be banned from UK Government Phones

March 17, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information