Archive | Countermeasures




mongoaudit – MongoDB Auditing & Pen-testing Tool

mongoaudit is a CLI tool for MongoDB auditing of servers, detecting poor security settings and performing automated penetration testing. It is widely known that there are quite a few holes in MongoDB’s default configuration settings. This fact, combined with abundant lazy system administrators and developers, has led to what the press has called the MongoDB […]

Tags: , , , , , , , , , , ,

Posted in: Countermeasures, Database Hacking, Security Software | Add a Comment

Why Are Hackers Winning The Security Game?

A lot of people and companies get complacent and don’t believe the hackers are winning, but trust me they are. So we have to ask, why are hackers winning the security game? What’s putting them ahead of the security teams and CISOs inside organizations. It’s an old story anyway, the Hackers always win in some […]

Tags: , , , , , , , ,

Posted in: Countermeasures, General Hacking | Add a Comment

Barnyard2 – Dedicated Spooler for Snort Output

Barnyard2 is an open source dedicated spooler for Snort output as unified2 binary output files. Its primary use is allowing Snort to write to disk in an efficient manner and leaving the task of parsing binary data into various formats to a separate process that will not cause Snort to miss network traffic. How it […]

Tags: , , , , , , ,

Posted in: Countermeasures, Network Hacking, Security Software | Add a Comment

Wycheproof – Test Crypto Libraries Against Known Attacks

Project Wycheproof is a tool to test crypto libraries against known attacks. It is developed and maintained by members of Google Security Team, but it is not an official Google product. At Google, they rely on many third party cryptographic software libraries. Unfortunately, in cryptography, subtle mistakes can have catastrophic consequences, and they found that […]

Tags: , , , , , , , ,

Posted in: Countermeasures, Cryptography, Programming | Add a Comment

DBShield – Go Based Database Firewall

DBShield is a Database Firewall written in Go that has protection for MySQL/MariaDB, Oracle and PostgreSQL databases. It works in a proxy fashion inspecting traffic and dropping abnormal queries after a learning period to populate the internal database with regular queries. Learning mode lets any query pass but it records information about it (pattern, username, […]

Tags: , , , , , , , ,

Posted in: Countermeasures, Database Hacking, Security Software | Add a Comment

Minion – Mozilla Security Testing Framework

Minion is a security testing framework built by Mozilla to bridge the gap between developers and security testers. To do so, it enables developers to scan with a wide variety of security tools, using a simple HTML-based interface. It consists of three umbrella projects: Minion Frontend, a Python, angular.js, and Bootstrap-based website that provides a […]

Tags: , , , , , , , ,

Posted in: Countermeasures, Security Software, Web Hacking | Add a Comment

Pulled Pork – Suricata & Snort Rule Management

Pulled Pork is a PERL based tool for Suricata and Snort rule management – it can determine your version of Snort and automatically download the latest rules for you. The name was chosen because simply speaking, it Pulls the rules. Using a regular crontab you can keep your Snort or Suricata rules up to date […]

Tags: , , , , , , ,

Posted in: Countermeasures, Network Hacking, Security Software | Add a Comment

Signal Messaging App Formal Audit Results Are Good

I’ve recommended Signal Messaging App quite a few times and I do use it myself, I know there are some privacy concerns with the fact it requires Google App Store – but that’s the developers choice. It’s a pretty solid app, clean, sleek and works well across both Android and iOS and the latest news […]

Tags: , , , , , , ,

Posted in: Countermeasures, Cryptography, Privacy | Add a Comment

Snort – Free Network Intrusion Detection & Prevention System

Snort is an open-source, lightweight, free network intrusion detection system (NIDS) software for Linux and Windows to detect emerging threats. It’s capable of of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching, and can be used to detect a variety of attacks and probes, such as […]

Tags: , , , , , , ,

Posted in: Countermeasures, Network Hacking, Security Software | Add a Comment

SHA-256 and SHA3-256 Are Safe For the Foreseeable Future

Hashing, it’s always a contentious issue – used to be md5, then sha-1, then bcrypt and now it looks like SHA-256 or SHA3-256 might the future with quantum science boffins predicting it’s not feasable to crack. You can read more about the algorithm and design (using sponge construction) on Wikipedia here: SHA-3 While it’s reasonable […]

Tags: , , , , , , ,

Posted in: Countermeasures, Cryptography | Add a Comment

Popular Tags

computer-security · darknet · Database Hacking · exploits · fuzzing · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · XSS ·