pytbull is an Intrusion Detection/Prevention System (IDS/IPS) Testing Framework for Snort, Suricata and any IDS/IPS that generates an alert file. It can be used to test the detection and blocking capabilities of an IDS/IPS, to compare IDS/IPS, to compare configuration modifications and to check/validate configurations. The framework is shipped with about 300 tests grouped in […]
Archives for 2011
Mac Malware Becoming a Serious Threat
Malware on the ubiquitous Apple platform has always been scoffed at by Mac users, and it was fair enough really. There weren’t a whole lot of Mac users so the effort to develop malware for the Mac platform really wasn’t worth it. The platform has exploded though with Macs being the weapon of choice for […]
peepdf – Analyze & Modify PDF Files
peepdf is a Python tool to explore PDF files in order to find out if the file can be harmful or not. The aim of this tool is to provide all the necessary components that a security researcher could need in a PDF analysis without using 3 or 4 tools to make all the tasks. […]
VUPEN Whitehats Claim To Have Broken Chrome Sandbox
The big news recently is that someone has finally managed to pop the formidable Chrome browser, as we know from following Pwn2Own – it’s been safe for 3 years in a row. It has a sandbox, ASLR and DEP and that’s a pretty heavy combination to keep users safe from malicious software coming in via […]
ArpON v2.2 Released – Tool To Detect & Block ARP Spoofing
ArpON (ARP handler inspection) is a portable handler daemon that make ARP secure in order to avoid the Man In The Middle (MITM) through ARP Spoofing/Poisoning attacks. It detects and blocks also derived attacks by it for more complex attacks, as: DHCP Spoofing, DNS Spoofing, WEB Spoofing, Session Hijacking and SSL/TLS Hijacking & co attacks. […]