Αναρτήσεις

Εμφάνιση αναρτήσεων με την ετικέτα linux news

DumpsterFire Toolset: Security Incidents In A Box

Εικόνα
The DumpsterFire Toolset is a modular, menu-driven, cross-platform tool for building repeatable, time-delayed, distributed security events. Easily create custom event chains for Blue Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Turn paper tabletop exercises into controlled “live fire” range events. Build event sequences (“narratives”) to simulate realistic scenarios and generate corresponding network and filesystem artifacts. The toolset is designed to be dynamically extensible, allowing you to create your own Fires (event modules) to add to the included collection of toolset Fires. Just write your own Fire module and drop it into the FireModules directory. The DumpsterFire toolset will auto-detect your custom Fires at startup and make them available for use. Why Red Teams and Blue Teams are typically overextended. What’s missing is a way to scale each team’s capabilities, providing more

Ransomware Timeline: Top Stories September 2017

Εικόνα
There is no excuse for extortion in any of its forms. Cybercriminals, however, don’t seem to care as they keep spewing out new ransomware samples day by day. The blackmail malware landscape was relatively calm in September, with some scattershot bursts occurring once in a while. The Locky ransomware got updated with the Ykcol edition; a destructive data wiper called RedBoot surfaced; the GlobeImposter family continued to inflate the e-extortion ecosystem with its lookalike variants; and thousands of MongoDB servers got ransomed the second time during the year. Read the September chronicle below to learn more. Sept. 1, 2017 The distributors of the Locky ransomware start leveraging a clever anti-sandboxing trick . The contamination process won’t start once a would-be victim opens a booby-trapped Word document attached to a malspam email. Instead, the payload is downloaded and executed when the user closes the toxic attachment. The use of run-on-close macros allows the infection to sli

Cloud Client Side File Encryption: Cryptomator

Εικόνα
Multi-platform transparent client-side encryption of your files in the cloud. Cryptomator provides transparent, client-side encryption for your cloud. Protect your documents from unauthorized access. Cryptomator is free and open source software, so you can rest assured there are no backdoors. Cryptomator encrypts file contents and names using AES . Your passphrase is protected against bruteforcing attempts using scrypt . Directory structures get obfuscated. The only thing which cannot be encrypted without breaking your cloud synchronization is the modification date of your files. Cryptomator encrypts files and doesn’t care where you store them. This makes it a lightweight application, which we believe is a huge benefit for reliability. Cryptomator is a so-called transparent encryption utility. This means that you don’t have to learn new workflows. Just work with your files as you’re used to. Cryptomator is a free and open source software licensed under the MIT / X Consortium Licens

Unique Discrete Event Network Simulator: Shadow

Εικόνα
Shadow is a unique discrete-event network simulator that runs real applications like Tor and Bitcoin, and distributed systems of thousands of nodes on a single machine. Shadow combines the accuracy of emulation with the efficiency and control of simulation, achieving the best of both approaches. Shadow was developed because there was a recognized need for an accurate, efficient, and scalable tool for Tor experimentation: using the PlanetLab platform is undesirable due to management overhead and lack of control; existing emulators are far too inefficient when scaling to thousands of nodes; roll-your-own simulators are often too inaccurate or generic to be useful for multiple projects; and experiments on the live Tor network are often infeasible due to privacy risks. The goal for Shadow was to provide a tool that can be used by anyone with a Linux machine or access to EC2 to hasten the development of research prototypes and reduce the time to deployment. Although originally written wi

DNS Diagnostics & Performance Measurement Tools: DNSDiag

Εικόνα
Ever been wondering if your ISP is hijacking your DNS traffic ? Ever observed any misbehavior with your DNS responses? Ever been redirected to wrong address and suspected something is wrong with your DNS? Here we have a set of tools to perform basic audits on your DNS requests and responses to make sure your DNS is working as you expect. You can measure the response time of any given DNS server for arbitrary requests using dnsping . Just like traditional ping utility, it gives you similar functionality for DNS requests. You can also trace the path your DNS request takes to destination to make sure it is not being redirected or hijacked. This can be done by comparing different DNS queries being sent to the same DNS server using dnstraceroute and observe if there is any difference between the path. dnseval evaluates multiple DNS resolvers and helps you choose the best DNS server for your network. While it is highly recommended to use your own DNS resolver and never trust any third

Massive SQL Injection Scanner: SQLiv

Εικόνα
This tool will give you the SQLi Vulnerable Website Just by Adding the Dork. Features multiple domain scanning with SQL injection dork by Bing, Google, or Yahoo targetted scanning by providing specific domain (with crawling) reverse domain scanning Note : Both SQLi scanning and domain info checking are done in multiprocessing so the script is super fast at scanning many urls Installation git clone http://ift.tt/2ixK0rq sudo python2 setup.py -i Dependencies bs4 termcolor google Examples Multiple domain scanning with SQLi dork it simply search multiple websites from given dork and scan the results one by one python sqliv.py - d < SQLI DORK > - e < SEARCH ENGINE > python sqliv.py - d " inurl:index.php?id= " - e google Targetted scanning can provide only domain name or specifc url with query params if only domain name is provided, it will crawl and get urls with query then scan the urls one by one python sqliv.py - t < URL >

Government to begin process to crush Catalonia independence bid

Εικόνα
(CNN) The Spanish government said Thursday it would begin the process to impose direct rule on Catalonia in an unprecedented move to crush the region’s independence bid. In a statement from Madrid, the government of Prime Minister Mariano Rajoy said it would invoke Article 155 of the constitution, a provision that allows the central government to suspend the autonomy of the Catalan regional administration. Rajoy’s Cabinet will meet on Saturday to agree measures to “restore the constitutional order” in Catalonia, where a banned referendum on independence took place earlier this month. The plan will then be put before the Senate, where Rajoy’s Popular Party has a majority, for approval. The statement did not spell out what steps would be taken under Article 155, but the provision gives Madrid the power to take over the running of Catalan institutions and force new elections. It has never been invoked before. Catalan regional President Carles Puigdemont delivers a speech in Bar

France may fine catcallers

Paris (CNN) Men who catcall, harass or follow women on the street in France could face on-the-spot fines under a new sexual-abuse law planned by the country’s minister for gender equality. from WordPress http://ift.tt/2idefkf via IFTTT

UK royal baby due date announced

Set edition preference: U.S. International Confirm from WordPress http://ift.tt/2gMpyj1 via IFTTT

Portugal and Spain wildfires kill 44

Son claims Maltese journalist ‘assassinated’

(CNN) The son of Daphne Caruana Galizia, the investigative journalist who was killed in an apparent car bombing Monday in Malta, says his mother was “assassinated” because of her work uncovering corruption. from WordPress http://ift.tt/2idedJ9 via IFTTT

How we got here and what comes next

Εικόνα
(CNN) The Spanish government has announced that it will press ahead with steps to impose direct rule on Catalonia, after the region’s government refused to renounce its drive towards independence. The standoff over Catalonia, the richest of Spain’s 17 regions, has plunged one of the European Union’s biggest countries into a deep political crisis. It was triggered by Catalan leaders pushing ahead with an independence referendum on October 1 that was declared illegal by Spain’s highest court and marred by a violent crackdown by national police. Here’s what we know about what comes next and how we got here. What comes next? The government of Spanish Prime Minister Mariano Rajoy has said it will trigger Article 155 of the Spanish constitution, which would allow it to suspend the autonomy of the Catalan regional administration. Read More An extraordinary Cabinet meeting will be held on Saturday to agree the measures to be taken before they are sent to the Senate for approva

Fix openvas metasploit plugin errors (Object#timeout is deprecated, use Timeout.timeout instead.)

Open openvas plugin with favorite text editor like this: leafpad /usr/share/metasploit-framework/vendor/bundle/ruby/2.3.0/gems/openvas-omp-0.0.4/lib/openvas-omp.rb locate the line 201 and replace : timeout(@read_timeout) { with Timeout.timeout(@read_timeout) { Done ! close any open  metasploit console/terminal and load metasploit-framework again from a new terminal! from WordPress http://ift.tt/2ide9sT via IFTTT

How to use Dander Spiritz Tool ( available with kerberos)

Fix for anonsurf on kerberos!

fix for anonsurf on kerberos, if anonsurf stops working.. and the logs output shows a error like this one : It seems that our clock is behind by 13 hours, 0 minutes, or that theirs is ahead. Tor requires an accurate clock to work: please check your time, timezone, and date settings. timedatectl set-local-rtc 1 timedatectl set-ntp 1 from WordPress http://ift.tt/2iddVC3 via IFTTT

How to install Kerberos!

Εικόνα
Download  Roza writer to create your usb :    for windows     Linux 64   Linux 32 Open Roza Writer press the button with the folder, locate your Kerberos iso  select your drive and hit write! Errors and Fixes No grub after installation or grub fail to install durring the installation If for some reason the installer failed to install grub , don’t panic!! You can fix this with  any linux distribution you have or just download a  ubuntu xenial iso and go on live mode and  open a terminal and type this : sudo add-apt-repository ppa:yannubuntu/boot-repair sudo apt-get update sudo apt-get install -y boot-repair && boot-repair now reboot and your grub sould be fixed! or manualy open a terminal and type : mount /dev/sda3 /mnt mount --bind /dev /mnt/dev mount --bind /dev/pts /mnt/dev/pts mount --bind /proc /mnt/proc mount --bind /sys /mnt/sys chroot /mnt grub-install /dev/sda update-grub exit umount /mnt/dev/pts umount /mnt/dev umount /mnt/proc umount /mnt/sys umount /