A2SV – SSL Vulnerability Analysis Tool

A2SV is an open source tool used for scanning SSL vulnerabilities in web applications. A2SV performs vulnerability scanning for CCS injection, Heartbleed, Logjam, Freak Attack, Anonymous Cipher, SSL v3 POODLE, SSL v2 Drown, and Crime (SPDY). CCS is the OpenSSL vulnerability that acts as Man in the Middle (MITM) to intercept network traffic and eavesdrop […]

Cortex 2.1.0 released: Powerful Observable Analysis Engine

Cortex tries to solve a common problem frequently encountered by SOCs, CSIRTs and security researchers in the course of threat intelligence, digital forensics, and incident response: how to analyze observables they have collected, at scale, by querying a single tool instead of several? Cortex, open source and free software, has been created by TheHive Project for this very purpose. Observables, such as […]

The role of human factor in the analysis of computer risks

The human element has to be considered when evaluating this type of risk in an organization. According to recent research carried out by ethical hacking specialists, 17% of data thefts begin as social engineering attacks, mainly by email. Employee errors, such as sending an email to the wrong person, also represent […]

CyberChef – A web App For Encryption, Encoding, Compression & Data Analysis

CyberChef is a simple, intuitive web app for carrying out all manner of “cyber” operations within a web browser. These operations include simple encoding like XOR or Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression and decompression of data, calculating hashes and checksums, IPv6 and X.509 parsing, changing character […]

The changing environment of vulnerability analysis

Cybersecurity reports reveal the most frequently exploited vulnerabilities. Shortly after the launch of its second annual report called “Under the Hoodie: Lessons from a season of penetration testing”, cybersecurity firm Rapid7 continues to examine the data collected from the 268 pentesting services it carried out between September 2017 and June 2018. Software vulnerabilities are the core […]

Manticore – Dynamic Binary Analysis Tool

Manticore is a prototyping tool for dynamic binary analysis, with support for symbolic execution, taint analysis, and binary instrumentation. Manticore comes with an easy-to-use command line tool that quickly generates new program “test cases” (or sample inputs) with symbolic execution. Each test case results in a unique outcome when running the program, like a normal […]

Tinfoleak v2.4 – The Most Complete Open-Source Tool For Twitter Intelligence Analysis

tinfoleak is an open-source tool within the OSINT (Open Source Intelligence) and SOCMINT (Social Media Intelligence) disciplines that automates the extraction of information on Twitter and facilitates subsequent analysis for the generation of intelligence. Taking a user identifier, geographic coordinates or keywords, tinfoleak analyzes the Twitter timeline to extract great volumes of […]

Live Forensics Analysis with Computer Volatile Memory

The field of computer forensics analysis involves identifying, extracting, documenting, and preserving information that is stored or transmitted in electronic or magnetic form (that is, digital evidence). Forensics Analysis – Volatile Data: The data that is held in temporary storage in the system’s memory (including random access memory, cache memory, and the onboard memory of […]

Dependency-Track – Intelligent Software Composition Analysis Platform

Modern applications leverage the availability of existing components for use as building blocks in application development. By using existing components, organizations can dramatically decrease time-to-market. Reusing existing components, however, comes at a cost. Organizations that build on top of existing components assume risk for software they did not create. Vulnerabilities in third-party components are inherited […]

PEframe – Tool To Perform Static Analysis On Malware

PEframe is an open source tool to perform static analysis on Portable Executable malware and generic suspicious files. It can help malware researchers to detect packer, xor, digital signature, mutex, anti debug, anti-virtual machine, suspicious sections and functions, and much more information about the suspicious files. Requirements: Python 2.7.x. Installation: To install from PyPI: # […]

CuckooDroid – Automated Android Malware Analysis

CuckooDroid is an extension of Cuckoo Sandbox, the open source software for automating analysis of suspicious files. CuckooDroid brings to Cuckoo the capabilities of execution and analysis of Android applications. CuckooDroid is an automated, cross-platform, emulation and analysis framework based on the popular Cuckoo sandbox and several other open source projects – providing both static […]

ASTo – IoT Network Security Analysis Tool

Apparatus is a security framework to facilitate security analysis in IoT systems. To make the usage of the Apparatus framework easier, the ASTo app was created (ASTo stands for Apparatus Software Tool). ASTo is based on Electron and cytoscape.js. The application is still in the prototyping stage, which means a lot of functionality is being added with each commit, along […]

ShellCheck – Static Analysis Tool for Shell Scripts

ShellCheck is a static analysis tool that gives warnings and suggestions for bash/sh shell scripts. How to use ShellCheck: There are a number of ways to use ShellCheck. On the web: Paste a shell script on https://www.shellcheck.net for instant feedback. ShellCheck.net is always synchronized to the latest git commit, and is the easiest way to give […]

Risk with Steganography and Importance of running Steganalysis with Network Systems

Steganography is the art of hiding messages in a covert way so that only the sender and recipient know the original message. This technique permits sender and receiver to communicate secretly, and a third party won’t be aware that the correspondence is happening. It replaces bits of unused information in standard files (graphic, sound, text, video) with some different bits that […]

8 Best WiFi Hacking Software And Analysis Tools You Should Use In 2018

Security analysis and penetration testing are an integral part of creating any kind of secure network. This brings us to the WiFi hacking software that could be used for ethically testing a wireless network and making amends. In the past, we’ve already covered the top wireless security apps for Android and now it’s the turn of such […]

ProcDOT – Visual Malware Analysis

There are plenty of tools for behavioral malware analysis. The de facto standard ones, though, are Sysinternals’ Process Monitor (also known as Procmon) and PCAP-generating network sniffers like Windump, Tcpdump, Wireshark, and the like. These “two” tools cover almost everything a malware analyst might be interested in when doing behavioral malware analysis. But there’s a […]

Droidefense – Advance Android Malware Analysis Framework

Droidefense (originally named atom: analysis through observation machine) is the codename for an Android apps/malware analysis/reversing tool. It was built with a focus on the security issues and tricks that malware researchers face in their everyday work. For those situations where the malware has anti-analysis routines, Droidefense attempts to bypass them in order to get to the […]

Aletheia – Machine Learning Image Steganalysis

Aletheia is a steganalysis tool for the detection of hidden messages in images. The goal of steganalysis is to identify suspected packages, determine whether or not they have a payload encoded into them, and, if possible, recover that payload. Unlike cryptanalysis, steganalysis generally starts with a pile of suspect data files, but little information about […]

DAMM – An Open Source Memory Analysis Tool

DAMM (Differential Analysis of Malware in Memory) is an open source memory analysis tool built on top of Volatility. It is meant as a proving ground for interesting new techniques to be made available to the community. These techniques are an attempt to speed up the investigation process through data reduction and codifying some expert knowledge. […]

Ursnif Malware Variant Performs Malicious Process Injection in Memory using TLS Anti-Analysis Evasion Trick

A sophisticated Ursnif malware variant uses a manipulated TLS callback anti-analysis technique while injecting the child process to change the entry point. TLS (Thread Local Storage) callbacks are used for additional initialization and termination and are provided by the Windows operating system. Malicious TLS allows PE files to include malicious TLS callback functions to be executed prior to […]