Posts

Security Software & Tools Tips – May 2019

In this monthly post, we try to make you aware of five different security-related products.
This is a repost from my personal website, Ulyaoth.

This month we have chosen the following:
* angr
* Brakeman
* Moloch
* OSXCollector
* Zeek

angr

Information from the angr website:

angr is a python framework for analyzing binaries. It combines both static and dynamic symbolic (“concolic”) analysis, making it applicable to a variety of tasks.

Website:

https://angr.io/

Brakeman

Information from the Brakeman website:

Brakeman is a security scanner for Ruby on Rails applications. Unlike many web security scanners, Brakeman looks at the source code of your application. This means you do not need to set up your whole application stack to use it. Once Brakeman scans the application code, it produces a report of all security issues it has found.

Website:

https://brakemanscanner.org/

Moloch

Information from the Moloch website:

Moloch augments your current security infrastructure to store and index network traffic in standard PCAP format, providing fast, indexed access. An intuitive and simple web interface is provided for PCAP browsing, searching, and exporting. Moloch exposes APIs which allow for PCAP data and JSON formatted session data to be downloaded and consumed directly. Moloch stores and exports all packets in standard PCAP format, allowing you to also use your favorite PCAP ingesting tools, such as wireshark, during your analysis workflow.

Website:

https://molo.ch/

OSXCollector

Information from the OSXCollector website:

OSXCollector is a forensic evidence collection & analysis toolkit for OSX.

Website:

https://yelp.github.io/osxcollector/

Zeek

Information from the Zeek website:

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 20 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally by both major companies and numerous educational and scientific institutions for securing their cyberinfrastructure.

Website:

https://www.zeek.org/

Image by methodshop from Pixabay

Security Software & Tools Tips – April 2019

In this monthly post, we try to make you aware of five different security-related products.
This is a repost from my personal website, Ulyaoth.

This month we have chosen the following:
* Ghidra
* Angry IP Scanner
* Maltego
* Detectify
* Autopsy

Ghidra

Information from the Ghidra website:

Ghidra is a software reverse engineering (SRE) framework created and maintained by the National Security Agency Research Directorate. This framework includes a suite of full-featured, high-end software analysis tools that enable users to analyze compiled code on a variety of platforms including Windows, macOS, and Linux.

Website:

https://github.com/NationalSecurityAgency/ghidra

Angry IP Scanner

Information from the Angry IP Scanner website:

Angry IP Scanner (or simply ipscan) is an open-source and cross-platform network scanner designed to be fast and simple to use. It scans IP addresses and ports as well as has many other features.

Website:

https://angryip.org/

Maltego

Information from the Maltego website:

Maltego is an interactive data mining tool that renders directed graphs for link analysis. The tool is used in online investigations for finding relationships between pieces of information from various sources located on the Internet.

Website:

https://www.paterva.com/web7/buy/maltego-clients/maltego-ce.php

Detectify

Information from the Detectify website:

Detectify performs automated security tests on your web application and databases and scans your assets for vulnerabilities including OWASP Top 10, CORS, Amazon S3 Bucket and DNS misconfiguration.

Website:

https://detectify.com

Autopsy

Information from the Autopsy website:

Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It is used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera’s memory card.

Website:

https://www.sleuthkit.org/autopsy/

Photo by chris panas on Unsplash

OpenSSL update available – patches 9 vulnerabilities

OpenSSL has released a security patch that, among other things, fixes a vulnerability that would allow for a DDoS.

OpenSSL 0.9.8 users should upgrade to 0.9.8zb.
OpenSSL 1.0.0 users should upgrade to 1.0.0n.
OpenSSL 1.0.1 users should upgrade to 1.0.1i.

You can read the full release notes here: https://www.openssl.org/news/secadv_20140806.txt

Mozilla Vulnerabilities

Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code.

Because of the nature of these vulnerabilities, it is recommended to update your software as soon as possible!

More information: http://www.mozilla.org/security/announce/2013/mfsa2013-93.html