HackDig : Dig high-quality web security articles for hacker

LOKI – Indicators Of Compromise Scanner

Loki is a Indicators Of Compromise Scanner, based on 4 main methods (additional checks are available) and will present a report showing GREEN, YELLOW or RED result lines.The compiled scanner may be detected by antivirus engines. This is caused by the fact that the scanner is a compiled python script that implement some file system and process scanning featur
Publish At:2016-01-16 09:05 | Read:3379 | Comments:0 | Tags:Countermeasures Security Software apt detector compromise sc

Integrit – File Verification System

Integrit is a file verification system, a simple yet secure alternative to products like tripwire. It has a small memory footprint, uses up-to-date cryptographic algorithms, and has features that make sense (like including the MD5 checksum of newly generated databases in the report).The Integrit system detects intrusion by detecting when trusted files have b
Publish At:2015-12-18 17:55 | Read:6540 | Comments:0 | Tags:Security Software Countermeasures hids host based intrusion

Critical Remote Root Zero-Day In FireEye Appliances

So FireEye doesn’t have a particularly good reputation in the security community, it’s generally not handled responsible disclosure well and it’s even taken a security firm (ERNW) to court over a vulnerability disclosure.And now there’s another critical remote root zero-day in FireEye appliances – which is scary, as these are hi
Publish At:2015-12-17 05:45 | Read:2619 | Comments:0 | Tags:Exploits/Vulnerabilities Countermeasures tavis ormandy firee

ModSecurity – Open Source Web Application Firewall

ModSecurity is an open source web application firewall (WAF) module that is cross platform capable. Known as the “Swiss Army Knife” of WAFs, it enables web application defenders to gain visibility into HTTP(S) traffic and provides a power rules language and API to implement advanced protections.ModSecurity is a toolkit for real-time web applicati
Publish At:2015-11-14 02:25 | Read:2426 | Comments:0 | Tags:Countermeasures Security Software mod security modsecurity o

Scumblr by Netflix – Automatically Scan For Leaks

Scumblr is a search automation web application that helps you to automatically scan for leaks by performing periodic searches and storing / taking actions on the identified results. Scumblr uses the Workflowable gem to allow setting up flexible workflows for different types of results.How do I use Scumblr?Scumblr is a web application based on Ruby on Rails.
Publish At:2015-11-02 20:25 | Read:2548 | Comments:0 | Tags:Countermeasures Privacy Security Software automated leak mon

WP Security Audit Log – A Complete Audit Log Plugin For WordPress

WP Security Audit Log is a complete audit log plugin for WordPress, which helps you keep an audit log of everything that is happening on your WordPress and WordPress multisite installation. Ensure user productivity and identify WordPress security issues before they become a security problem. This is claimed to be the most comprehensive user monitoring and au
Publish At:2015-10-24 02:15 | Read:1902 | Comments:0 | Tags:Countermeasures Security Software generate wordpress access

Amazon AWS Web Application Firewall (WAF ) Launched

So Amazon is stepping up its security game again, this time with an AWS Web Application Firewall or WAF as they are commonly known. Generally a WAF is designed to protect you against common web threats such as XSS (Cross Site Scripting), SQL Injection, and other common patterns (LFI, RFI etc).We have written about one such tool before: Shadow Daemon – Web Ap
Publish At:2015-10-08 01:05 | Read:2417 | Comments:0 | Tags:Countermeasures Security Software amazon amazon aws amazon a

Tiger – Unix Security Audit & Intrusion Detection Tool

Tiger is a Unix security audit tool that can be use both for auditing and as an intrusion detection system. It supports multiple Unix platforms and it is free and provided under a GPL license. Unlike other tools, Tiger needs only POSIX tools and is written entirely in shell language.Tiger has some interesting features that merit its resurrection, including a
Publish At:2015-09-12 04:15 | Read:2184 | Comments:0 | Tags:Countermeasures Linux Hacking Security Software hids linux s

AIDE – Advanced Intrusion Detection Environment

AIDE (Advanced Intrusion Detection Environment) is a file and directory integrity checker, it was initially developed as a free replacement for Tripwire licensed under the terms of the GNU General Public License (GPL).How it WorksAide takes a “snapshot” of the state of the system, register hashes, modification times, and other data regarding the
Publish At:2015-09-12 04:15 | Read:2633 | Comments:0 | Tags:Countermeasures Security Software advanced intrusion detecti

Egress-Assess – Test Network Egress Data Detection

Egress-Assess is a tool used to test network egress data detection capabilities, it works over FTP, HTTP and HTTPS. It can generate various data-types to test detection, credit card details, social security numbers (SSN) and name/address combos.This tool is designed to be an easy way to test exfiltrating data from the network you are currently plugged into.
Publish At:2015-07-14 06:25 | Read:3669 | Comments:0 | Tags:Countermeasures Network Hacking Security Software data-leak

Just-Metadata – Gathers & Analyse IP Address Metadata

Just-Metadata is a tool that can be used to gather IP address metadata passively about a large number of IP addresses, and attempt to extrapolate relationships that might not otherwise be seen. Just-Metadata has “gather” modules which are used to gather metadata about IPs loaded into the framework across multiple resources on the internet. Just-M
Publish At:2015-06-14 05:55 | Read:4358 | Comments:0 | Tags:Countermeasures Network Hacking Security Software analyse at

OpenSSH On Windows – It’s Happening!

So it seems like getting rid of Ballmer was the best thing Microsoft has done in years, Satya is definitely pushing them in a much more positive direction with a focus on Azure and open sourcing technology and moves like this OpenSSH on Windows!A real show of support for open source technology and a commitment to making Windows servers more technologically r
Publish At:2015-06-09 23:25 | Read:2608 | Comments:0 | Tags:Countermeasures Windows Hacking microsoft openssh openssh in

Shadow Daemon – Web Application Firewall

Shadow Daemon is a collection of tools to detect, protocol and prevent attacks on web applications. Technically speaking, Shadow Daemon is a web application firewall that intercepts requests and filters out malicious parameters. It is a modular system that separates web application, analysis and interface to increase security, flexibility and expandability.S
Publish At:2015-06-09 23:25 | Read:2459 | Comments:0 | Tags:Countermeasures Security Software Web Hacking hacking web ap

sptoolkit Rebirth – Simple Phishing Toolkit

The sptoolkit (rebirth) or Simple Phishing Toolkit project is an open source phishing education toolkit that aims to help in securing the mind as opposed to securing computers. Organizations spend billions of dollars annually in an effort to safeguard information systems, but spend little to nothing on the under trained and susceptible minds that operate the
Publish At:2015-04-20 20:50 | Read:3302 | Comments:0 | Tags:Countermeasures Phishing phishing toolkit simple phishing to

EvilAP Defender – Detect Evil Twin Attacks

EvilAP_Defender is an application that helps wireless network administrators to discover and prevent Evil Access Points (AP) from attacking wireless users. The application can be run in regular intervals to protect your wireless network and detect Evil Twin attacks.By configuring the tool you can get notifications sent to your email whenever an evil access p
Publish At:2015-04-18 19:50 | Read:3568 | Comments:0 | Tags:Countermeasures Wireless Hacking aircrack detect malicious a


Share high-quality web security related articles with you:)


Tag Cloud