Posts

Security Software & Tools Tips – December 2019

In this monthly post, we try to make you aware of five different security-related products.
This is a repost from my personal website Ulyaoth

This month we have chosen for the following:
* Azure Arc
* CloudGuard Dome9
* Flan Scan
* Lynis
* Wapiti

Azure Arc

Information from the Azure Arc website:

Azure Arc extends management & security to any infrastructure.

Website:

https://azure.microsoft.com/en-us/services/azure-arc/

CloudGuard Dome9

Information from the CloudGuard Dome9 website:

The Dome9 Arc agentless SaaS platform delivers full visibility and control of security and compliance in AWS, Azure and Google Cloud environments. Minimize your attack surface and protect against vulnerabilities, identify theft and data loss.

Website:

https://dome9.com/

Flan Scan

Information from the Flan Scan website:

Flan Scan is a lightweight network vulnerability scanner. With Flan Scan you can easily find open ports on your network, identify services and their version, and get a list of relevant CVEs affecting your network.

Website:

https://github.com/cloudflare/flan

Lynis

Information from the Lynis website:

Lynis is a battle-tested security tool for systems running Linux, macOS, or Unix-based operating system. It performs an extensive health scan of your systems to support system hardening and compliance testing.

Website:

https://cisofy.com/lynis/

Wapiti

Information from the Wapiti website:

Wapiti is a vulnerability scanner for web applications. It currently search vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, XXE injections, CRLF injections, Server Side Request Forgery, Open Redirects…

Website:

https://sourceforge.net/projects/wapiti/

Image by MasterTux from Pixabay

Security Software & Tools Tips – November 2019

In this monthly post, we try to make you aware of five different security-related products.
This is a repost from my personal website Ulyaoth

This month we have chosen for the following:
* Kismet
* MAGNET RAM Capture
* RedLock
* SQLMap
* Wazuh

Kismet

Information from the block-doh website:

Kismet is a wireless network and device detector, sniffer, wardriving tool, and WIDS (wireless intrusion detection) framework.

Website:

https://kismetwireless.org/

MAGNET RAM Capture

Information from the MAGNET RAM Capture website:

MAGNET RAM Capture is a free imaging tool designed to capture the physical memory of a suspect’s computer, allowing investigators to recover and analyze valuable artifacts that are often only found in memory.

Website:

https://www.magnetforensics.com/resources/magnet-ram-capture/

RedLock

Information from the RedLock website:

RedLock Enables Cloud Threat Defense: Threat defense in the cloud requires a new AI-driven approach that correlates disparate security data sets including network traffic, user activities, risky configurations and threat intelligence, to provide a unified view of risks across fragmented cloud environments.

Website:

https://redlock.io/

SQLMap

Information from the SQLMap website:

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester, and a broad range of switches including database fingerprinting, over data fetching from the database, accessing the underlying file system, and executing commands on the operating system via out-of-band connections.

Website:

https://github.com/sqlmapproject/sqlmap

Wazuh

Information from the Wazuh website:

Wazuh is a free, open source and enterprise-ready security monitoring solution for threat detection, integrity monitoring, incident response and compliance.

Website:

https://wazuh.com/

Image by StockSnap from Pixabay