Archive | Countermeasures


06 February 2016 | 1,813 views

Gophish – Open-Source Phishing Framework

Gophish is a phishing framework that makes the simulation of real-world phishing attacks very straightforward. The idea behind gophish is simple – make industry-grade phishing training available to everyone. There are various other similar tools available such as Simple Phishing Toolkit and sptoolkit Rebirth. I wonder if this is the beginning of an emergence […]


02 February 2016 | 1,037 views

WAF-FLE – Graphical ModSecurity Console Dashboard

WAF-FLE (Web Application Firewall: Fast Log and Event Console) is an open-source ModSecurity console which allows the ModSecurity admin to store, view and search events sent by sensors. It uses a graphical dashboard to drill down and quickly find the most relevant events. It is designed to be fast and flexible, while keeping a powerful […]


16 January 2016 | 3,033 views

LOKI – Indicators Of Compromise Scanner

Loki is an Indicators Of Compromise scanner, based on 4 main methods (additional checks are available), and will present a report showing GREEN, YELLOW or RED result lines. The compiled scanner may be detected by antivirus engines. This is caused by the fact that the scanner is a compiled Python script that implements some file […]


19 December 2015 | 1,155 views

Integrit – File Verification System

Integrit is a file verification system, a simple yet secure alternative to products like tripwire. It has a small memory footprint, uses up-to-date cryptographic algorithms, and has features that make sense (like including the MD5 checksum of newly generated databases in the report). The Integrit system detects intrusion by detecting when trusted files have been […]


17 December 2015 | 1,880 views

Critical Remote Root Zero-Day In FireEye Appliances

So FireEye doesn’t have a particularly good reputation in the security community; it’s generally not handled responsible disclosure well and it’s even taken a security firm (ERNW) to court over a vulnerability disclosure. And now there’s another critical remote root zero-day in FireEye appliances – which is scary, as these are high-end devices protecting […]


13 November 2015 | 2,798 views

ModSecurity – Open Source Web Application Firewall

ModSecurity is an open source, cross-platform web application firewall (WAF) module. Known as the “Swiss Army Knife” of WAFs, it enables web application defenders to gain visibility into HTTP(S) traffic and provides a powerful rules language and API to implement advanced protections. ModSecurity is a toolkit for real-time web application monitoring, […]


02 November 2015 | 3,934 views

Scumblr by Netflix – Automatically Scan For Leaks

Scumblr is a search automation web application that helps you to automatically scan for leaks by performing periodic searches and storing / taking actions on the identified results. Scumblr uses the Workflowable gem to allow setting up flexible workflows for different types of results. How do I use Scumblr? Scumblr is a web application based […]


24 October 2015 | 1,015 views

WP Security Audit Log – A Complete Audit Log Plugin For WordPress

WP Security Audit Log is a complete audit log plugin for WordPress, which helps you keep an audit log of everything that is happening on your WordPress and WordPress multisite installation. Ensure user productivity and identify WordPress security issues before they become a security problem. This is claimed to be the most comprehensive user monitoring […]


08 October 2015 | 2,187 views

Amazon AWS Web Application Firewall (WAF) Launched

So Amazon is stepping up its security game again, this time with an AWS Web Application Firewall or WAF as they are commonly known. Generally a WAF is designed to protect you against common web threats such as XSS (Cross Site Scripting), SQL Injection, and other common patterns (LFI, RFI etc). We have written about […]


12 September 2015 | 3,420 views

AIDE – Advanced Intrusion Detection Environment

AIDE (Advanced Intrusion Detection Environment) is a file and directory integrity checker. It was initially developed as a free replacement for Tripwire, licensed under the terms of the GNU General Public License (GPL). How it works: AIDE takes a “snapshot” of the state of the system, registering hashes, modification times, and other data regarding the […]
