Browsing category

Firewall

Whids – Open Source Endpoint Detection System for Windows

This is a hybrid solution combining a flexible Host IDS with detection-based Incident Response capabilities. The detection engine is built on top of a previously developed rule engine, Gene, specially designed to match Windows events against user-defined rules. Why: Provide an open source EDR-like tool; flexible detection; easy integration with other open-source tools […]

Armourbird – Container Security Framework

ArmourBird CSF – Container Security Framework is an extensible, modular, API-first framework built for regular security monitoring of Docker installations and containers against CIS and other custom security checks. ArmourBird CSF has a client-server architecture and is thus divided into two components: a) CSF Client: This component is responsible for monitoring the Docker installations, containers, […]

PingCastle – Active Directory Security Assessment Tool

The risk level regarding Active Directory security has changed. Several vulnerabilities have been made popular with tools like mimikatz or sites like adsecurity.org. PingCastle is a tool designed to quickly assess the Active Directory security level with a methodology based on risk assessment and a maturity framework. It does not aim at a perfect evaluation […]

FalconGate – A Smart Gateway to Stop Hackers and Malware Attacks

An advanced cybersecurity platform to stop malware and ransomware, detect cyber attacks and more… Cyber attacks are on the rise, and cyber criminals are continuously improving their tactics and developing new tools and malware to achieve their goals of breaching their targets, spying, stealing valuable data and causing destructive damage to assets. In recent years […]

Keylogger Detector – Detects Stealth Keyloggers

Keylogger Detector is an original solution, created to detect stealth monitoring software, both known and unknown. The intelligent algorithm of Keylogger Detector is entirely based on the specific behavior of key logging software. It doesn’t rely on threat signatures, like most existing solutions – thus you don’t depend on regular signature updates to be protected. […]

GrapheneX – Automated System Hardening Framework

In computing, hardening is usually the process of securing a system by reducing its surface of vulnerability, which is larger when a system performs more functions; in principle a single-function system is more secure than a multipurpose one. Reducing available ways of attack typically includes changing default passwords, the removal of unnecessary software, unnecessary usernames […]

JShielder – Automated Hardening Script for Linux Servers

JShielder is an open source Bash script developed to help sysadmins and developers secure the Linux servers on which they will be deploying any web application or services. This tool automates the process of installing all the necessary packages to host a web application and hardening a Linux server with little interaction from the user. […]

DevAudit – Open-source, cross-platform, multi-purpose security auditing tool

DevAudit is an open-source, cross-platform, multi-purpose security auditing tool targeted at developers and teams adopting DevOps and DevSecOps that detects security vulnerabilities at multiple levels of the solution stack. DevAudit provides a wide array of auditing capabilities that automate security practices and implementation of security auditing in the software development life-cycle. DevAudit can scan your […]

Sensu 1.6 released – Open Source Monitoring Framework

A simple, malleable, and scalable framework for composing the monitoring system you need. It is offered in two flavours: Sensu Core (this open source project) and Sensu Enterprise (a full-featured commercial implementation, built on Sensu Core). It is an open source monitoring framework. Key Features: Automate your monitoring workflows: Limitless pipelines let you validate and correlate […]

LuLu v1.1.1 released: free open-source macOS firewall

LuLu is the free open-source macOS firewall that aims to block unauthorized (outgoing) network traffic unless explicitly approved by the user. Full details and usage instructions can be found here. Feature: 100% free. As in no ads, no time trials, no missing features. Because why not!? And no, it doesn’t track, monitor, or spy on you […]

Mail Security Testing Framework

Mail Security Testing Framework is a testing framework for mail security and filtering solutions. The mail security testing framework works with Python >=3.5. Just pull this repository and go ahead. No further dependencies are required. Usage: The script mail-tester.py runs the tests. Read the help message with ./mail-tester.py --help and check the list of test and evasion […]

Win-PortFwd – Windows Port forwarding using native netsh client

PowerShell script to set up Windows port forwarding using the native netsh client. Install: git clone https://github.com/deepzec/Win-PortFwd.git Usage: .\win-portfwd.ps1 or powershell.exe -noprofile -executionpolicy bypass -file .\win-portfwd.ps1 Example: Note: This script requires admin privileges to run; it will automatically try to elevate the privileges if you are running it under normal user privileges.

NETworkManager – All in one Network Manager Tool

A powerful tool for managing networks and troubleshooting network problems. Features: Network Interface (Information, Configure); IP-Scanner; Port-Scanner; Ping; Traceroute; DNS Lookup; Remote Desktop; PuTTY; SNMP (Get, Walk, Set; v1, v2c, v3); Wake on LAN; HTTP Headers; Subnet Calculator (Calculator, Subnetting, Supernetting); Lookup (OUI, Port); Connections; Listeners; ARP Table. Languages: English, German […]

DejaVU – Open Source Deception Framework

Deception techniques – if deployed well – can be very effective for organizations to improve network defense and can be a useful part of the arsenal for blue teams to detect attacks at a very early stage of the cyber kill chain. But the challenge we have seen is that deploying, managing and administering decoys across large networks is still not […]

Block All Domains That Serve Ads, Tracking Scripts and Malware: hBlock

Improve your security and privacy by blocking ads, tracking and malware domains. This POSIX-compliant shell script, designed for Unix-like systems, gets a list of domains that serve ads, tracking scripts and malware from multiple reputable sources and creates a hosts file that prevents your system from connecting to them. Installation: curl -o /tmp/hblock 'https://raw.githubusercontent.com/zant95/hblock/v1.3.2/hblock' && echo 'd402d9b941300c255271a609a063174dc52233fe80049df29b535c1d339bc7dd  /tmp/hblock' | shasum […]

Security Onion – Linux Distro for Intrusion Detection, Network Security Monitoring, and Log Management

Security Onion is a Linux distro for intrusion detection, network security monitoring, and log management. It’s based on Ubuntu and contains Snort, Suricata, Bro, OSSEC, Sguil, Squert, ELSA, Xplico, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes. It is […]

Hardentools – Disable Risky Windows Features

Hardentools is a collection of simple utilities designed to disable a number of “features” exposed by operating systems (Microsoft Windows, for now), and primary consumer applications. These features, commonly intended for Enterprise customers, are generally useless to regular users and instead pose a danger, as they are very commonly abused by attackers to execute malicious […]

Linux Malware Detect – Malware Scanner for Linux

Linux Malware Detect (LMD) is a malware scanner for Linux released under the GNU GPLv2 license, designed around the threats faced in shared hosted environments. It uses threat data from network edge intrusion detection systems to extract malware that is actively being used in attacks and generates signatures for detection. In addition, threat data is also […]

PortDog – Network Anomaly Detector

PortDog is a network anomaly detector aimed at detecting port scanning techniques. It is written entirely in Python and has an easy-to-use interface. Note: It was tested on Ubuntu 15, but it does not work on Windows OS due to problems with capturing raw packets. It uses raw packets for analysis. For this reason, please ensure […]

Snorter – Simple Snort Installation

Script to make Snort installation simpler. The script installs: Snort (open source IDS); Barnyard2 (interpreter for Snort unified2 binary output files); PulledPork (Snort rule management); WebSnort (web interface for PCAP analysis). Successfully tested in: Raspberry Pi + Raspbian Jessie; Kali Linux Rolling Release; Debian 8.5. Installation: What do you need? A computer […]

SweetSecurity – Raspberry Pi Network Security Monitoring

Scripts to set up and install Bro IDS, Elasticsearch, Logstash, Kibana, and Critical Stack on any device. Installation: sudo python setup.py. Follow the prompts to enter the appropriate information for the chosen installation type. Installation Types: Full Install: This will install Bro IDS, Critical Stack (optional), Logstash, Elasticsearch, Kibana, Apache, and Sweet Security Client/Server. Choose this option ONLY […]