Garmr is a tool to inspect the responses from websites for basic security requirements. It includes a set of core test cases implemented in corechecks that are derived from the Mozilla Secure Coding Guidelines which can be found here: https://wiki.mozilla.org/WebAppSec/Secure_Coding_Guidelines The purpose of this page is to establish a concise and consistent approach to secure […]
Archives for 2014
Heartbleed Implicated In US Hospital Leak
If you’ve been up on your news consumption in the past week or so, you’ll have read about the Chinese hackers who managed to access 4.5 million patient records in a huge US Hospital Leak. Community Health Systems hacked, records of nearly 4.5 million patients stolen Now it turns out, the first entry for this […]
Passera – Generate A Unique Strong Password For Every Website
We’ve discussed password storage/generation solutions quite often, especially in the news stories about hacks and plain text password leaks, here’s a tool for the more paranoid who don’t want to store their passwords locally or in the cloud. Passera is a simple tool written in Go that allows users to generate a unique strong password […]
Hiding A Bitcoin Mining Botnet In The Cloud
This is a pretty interesting story, and an interesting use (or mis-use) of cloud resources. We’ve covered similar stuff before like the case when Yahoo! was Spreading Bitcoin Mining Botnet Malware Via Ads, and then more recently when the Pirated ‘Watch Dogs’ Game Made A Bitcoin Mining Botnet. But this time it’s not malware based, […]
ParanoiDF – PDF Analysis & Password Cracking Tool
ParanoiDF is a PDF Analysis Suite based on PeePDF by Jose Miguel Esparza. The tools/features that have been added are – Password cracking, redaction recovery, DRM removal, malicious JavaScript extraction, and more. We have posted about a few PDF related tools before, including the one this tool is based on: – peepdf – Analyze & […]