Introducing scans2any: A Smarter Way to Merge Network Scans
Mar 19, 2025 2 minutessoftScheck proudly announces the open-source release of scans2any, a powerful tool for merging and formatting network scan results.
softScheck proudly announces the open-source release of scans2any, a powerful tool for merging and formatting network scan results.
Drones are becoming increasingly popular, but they are also vulnerable. Hackers can take control of a drone, steal its data, or even crash it. We explored possible attacks and countermeasures against civilian UAVs.
During a security test at one of our customers, we came across a web application with integrated helpdesk software. In this context, we identified a critical zero-day vulnerability in Zammad's software. This existed because Zammad did not …
On November 24th a critical vulnerability in Log4j was reported to Apache. It was later made public under the name Log4Shell (CVE-2021-44228); it can be exploited effortlessly remotely and allows an attacker to execute his own code (RCE). …
ILIAS is a free and open source learning platform which can be used to create and distribute web-based teaching and learning materials. It is often used by universities and companies for e-learning. This blog post describes how we …
Netatmo Welcome is a smart camera, which is capable of recognizing faces, streaming recordings into the cloud or alerting the owner in case of a burglary. As part of ongoing research into the Internet of Things security, we continued our …
Netatmo Welcome is a smart camera, which is capable of recognizing faces, streaming recordings into the cloud or alerting the owner in case of a burglary. As part of ongoing research into the Internet of Things security, we performed static …
We analyzed a recent wave of phishing mails trying to spread the Emotet banking trojan via malicious Word documents. This post provides details of the obfuscation methods used in the VBA macro and the PowerShell script contained within the …
The preliminary release of the OWASP Top 10 - 2017 in April 2017 has stirred up quite a bit of controversy over the inclusion of a new entry titled 'A7 - Insufficient Attack Protection'. Aside from taxonomical problems (a lack of protection …
Fuzzing is a method to identify software bugs and vulnerabilities. The current development shows a trend to move fuzzing into the cloud, as cloud fuzzing offers a fuzzing speed increase and lots of extra flexibility compared to classic …