Archive | Countermeasures


12 September 2015 | 2,867 views

AIDE – Advanced Intrusion Detection Environment

AIDE (Advanced Intrusion Detection Environment) is a file and directory integrity checker, it was initially developed as a free replacement for Tripwire licensed under the terms of the GNU General Public License (GPL). How it Works Aide takes a “snapshot” of the state of the system, register hashes, modification times, and other data regarding the […]

Continue Reading

31 August 2015 | 3,941 views

Tiger – Unix Security Audit & Intrusion Detection Tool

Tiger is a Unix security audit tool that can be use both for auditing and as an intrusion detection system. It supports multiple Unix platforms and it is free and provided under a GPL license. Unlike other tools, Tiger needs only POSIX tools and is written entirely in shell language. Tiger has some interesting features […]

Continue Reading

14 July 2015 | 1,561 views

Egress-Assess – Test Network Egress Data Detection

Egress-Assess is a tool used to test network egress data detection capabilities, it works over FTP, HTTP and HTTPS. It can generate various data-types to test detection, credit card details, social security numbers (SSN) and name/address combos. This tool is designed to be an easy way to test exfiltrating data from the network you are […]

Continue Reading

14 June 2015 | 2,613 views

Just-Metadata – Gathers & Analyse IP Address Metadata

Just-Metadata is a tool that can be used to gather IP address metadata passively about a large number of IP addresses, and attempt to extrapolate relationships that might not otherwise be seen. Just-Metadata has “gather” modules which are used to gather metadata about IPs loaded into the framework across multiple resources on the internet. Just-Metadata […]

Continue Reading

11 June 2015 | 1,780 views

Agile Security – How Does It Fit Into A World Of Continuous Delivery

So, Agile Security? How does it fit into the new age of rapid iteration, continuous integration and continuous development? It’s an interesting discussion and personally very on point for me as I operate in an agile organisation and just today took (and passed yay me) my Scrum Master certification. The traditional silo approach of security […]

Continue Reading

06 June 2015 | 2,389 views

Shadow Daemon – Web Application Firewall

Shadow Daemon is a collection of tools to detect, protocol and prevent attacks on web applications. Technically speaking, Shadow Daemon is a web application firewall that intercepts requests and filters out malicious parameters. It is a modular system that separates web application, analysis and interface to increase security, flexibility and expandability. Shadow Daemon is easy […]

Continue Reading

04 June 2015 | 3,023 views

OpenSSH On Windows – It’s Happening!

So it seems like getting rid of Ballmer was the best thing Microsoft has done in years, Satya is definitely pushing them in a much more positive direction with a focus on Azure and open sourcing technology and moves like this OpenSSH on Windows! A real show of support for open source technology and a […]

Continue Reading

14 May 2015 | 1,262 views

BitTorrent Bleep – Encrypted, Decentralized Voice & Text App

So after running an open alpha for a while, BitTorrent Bleep is now finally public and official. The whole secure/transient messaging app/platform area is an interesting space, companies have come and gone, some have been compromised and some are still around (Snapchat, Poke, Wickr, Armortext etc). Bleep requires no personal info, just a nickname and […]

Continue Reading

05 May 2015 | 4,141 views

The Dude – Automatic Network Discovery & Layout Tool

The Dude network monitor is a (not so) new application by MikroTik which can dramatically improve the way you manage your network environment. It will automatically scan all devices within specified subnets, draw and layout a map of your networks, monitor services of your devices and alert you in case some service has problems. A […]

Continue Reading

02 May 2015 | 1,882 views

Graudit v1.9 Download – Grep Source Code Auditing Tool

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility grep. It’s comparable to other static analysis applications and source code auditing tool sets like RATS, SWAAT and flaw-finder while keeping the technical requirements to a minimum and being very flexible. You […]

Continue Reading