In this segment, we will explore some pretty awesome tools for scanning the Internet, with a focus on network edge devices. We'll bring it all together with Claude Code and look at some sample results. Tools include:

• Shodan | Passive recon — query existing scan data for exposed devices, services, and vulns | Passive (API) | Instant (no packets sent)
• ZMap | Host discovery — find live hosts with open ports | L4 (TCP SYN, UDP, ICMP) | Millions of packets/sec
• ZGrab2 | Application-layer handshakes — grab banners, certs, headers | L7 (30+ protocol modules) | Thousands of hosts/sec
• Nerva | Service fingerprinting — identify 140+ protocols with metadata, CPEs, technology stacks | L7 (TCP, UDP, SCTP) | Fast, concurrent
• Nuclei | Template-based vulnerability scanning — default creds, exposed panels, known CVEs | L7 (HTTP, network) | Hundreds of targets/min
• Shannon | Vulnerability exploitation — AI-powered whitebox pentesting of web apps | Application | ~1-1.5 hrs per target
• edgescan.py | Automated pipeline — orchestrates all tools above into a single command | Orchestration | End-to-end

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw-919

In this episode, we sit down with the Radare community leader, Pancake, the creator of the Radare2 reverse engineering framework. Whether you’ve never heard of Radare, already use it daily, or are thinking about contributing to its development, this conversation will demystify what makes Radare unique, why thousands of engineers rely on it, and how you can step into the community.

This segment is sponsored by NowSecure. Discover how AI-powered mobile app security testing finds hidden vulns and leaks at https://securityweekly.com/nowsecure.

In the security news:

• The US national cyber strategy
• in the category of dumb laws and 3d printing guns
• Iranian threat analysis
• ESP32 Bus Pirate gets some amazing updates
• I can reset the admin password
• Rick-rolling yourself
• Chrome 0days
• Re-purposing those old Ubiquiti cloud keys
• The new TLS certificate lifecycle
• A Flipper Zero add-on and news on the FlipperOne
• glassword malware
• Do you care about exploits or patching?
• attacking nuclear research centers
• how we uncovered 9 vulnerabilities in IP KVMs
• and hacking your laundry card with Claude

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw-918

In the security news this week:

• The XZ backdoor documentary
• Zero days - the clock isn't ticking
• Vulnerability Mis-Management
• Reversing traffic light controllers
• Reversing with Claude
• Don't curl to bash!
• Reading CVEs makes my head hurt
• Dumping browser secrets
• I open-sourced a new(ish) tool
• D-LINK exploits
• There is no password
• I control the building
• When old vulnerabilities become new
• Tile is for stalkers
• Hacking AI
• Iran War: What cybersecurity needs to know
• National cyber strategy
• Coruna
• I got phished and I want a refund

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw-917