HACKFORUM

What is ephemeral data, you ask? InfluxData can supply the answer, becausehandling it is the business of the company’s InfluxData open-source platformthat is custom-built for metrics and events. Ephemeral data is transitory,existing only briefly, and is becoming vital for modern applications built wherecontainers, microservices and sensors can come and go and are intermittentlyconnected. The updated InfluxData 1.3 Platform can handle a billion (yes, with a”b”!) unique time series, making it easier to handle ephemeral data comingfrom containers or adding and removing sensors in IoT-tracking systems. InfluxDataaddresses the explosion of data points and sources, monitoring and controlsrequiring nanosecond precision coming from sensors and microservices. TheInfluxData platform provides a comprehensive set of tools and services toaccumulate metrics and events data, analyze the data and act on the data viapowerful visualizations and notifications. New features in release 1.3 includetime-s

Use nmap to scan hidden “onion” services on the Tor network. Minimal image based on alpine, using proxychains to wrap nmap. Tor and dnsmasq are run as daemons via s6, and proxychains wraps nmap to use the Tor SOCKS proxy on port 9050. Tor is also configured via DNSPort to anonymously resolve DNS requests to port 9053. dnsmasq is configured to with this localhost:9053 as an authority DNS server. Proxychains is configured to proxy DNS through the local resolver, so all DNS requests will go through Tor and applications can resolve .onion addresses. Onion Map Example: $ docker run --rm -it milesrichardson/onion-nmap -p 80,443 facebookcorewwwi.onion [tor_wait] Wait for Tor to boot... (might take a while) [tor_wait] Done. Tor booted. [nmap onion] nmap -p 80,443 facebookcorewwwi.onion [proxychains] config file found: /etc/proxychains.conf [proxychains] preloading /usr/lib/libproxychains4.so [proxychains] DLL init: proxychains-ng 4.12 Starting Nmap 7.60 ( https://nmap.org ) at 2017-10-23

Onion Routed Cloud is a decentralized, anonymous, object storage platform owned and operated by allies in defense of human rights and opposition to censorship. ORC is a volunteer run cloud storage network that protects users from surveillance and puts them in control of their data. Use cases: For Activists Organize safely and effectively by preventing adversaries from monitoring your efforts and protect each other’s identities. For Journalists Protect your sources by sharing files securely and anonymously, then publish without risk of censorship from governments or internet service providers. For Friends Keep what’s between friends just between friends. Share photos, videos, and documents with people you trust. When you store a file in the ORC network, your file is first encrypted on your computer using a key that only you hold. The encrypted file is then split into different pieces and “parity” pieces are generated for redundancy. ORC connects to other peers, which are T

Across the Internet, hundreds of thousands of sites rely on Google’s reCaptcha system for defense against bots (in fact, Devpost uses reCaptcha when creating a new account). After a Google research team demonstrated a near complete defeat of the text reCaptcha in 2012, the reCaptcha system evolved to rely on audio and image challenges, historically more difficult challenges for automated systems to solve. Google has continually iterated on its design, releasing a newer and more powerful version as recently as just this year. Successfully demonstrating a defeat of this captcha system spells significant vulnerability for hundreds of thousands of popular sites. What it does unCaptcha system has attack capabilities written for the audio captcha. Using browser automation software, we can interact with the target website and engage with the captcha, parsing out the necessary elements to begin the attack. We rely primarily on the audio captcha attack – by properly identifying spoken number

KRACK Detector is a Python script to detect possible KRACK attacks against client devices on your network. The script is meant to be run on the Access Point rather than the client devices. It listens on the Wi-Fi interface and waits for duplicate message 3 of the 4-way handshake. It then disconnects the suspected device, preventing it from sending any further sensitive data to the Access Point. KRACK Detector currently supports Linux Access Points with hostapd . It uses Python 2 for compatibility with older operating systems. No external Python packages are required. Usage Run as root and pass the Wi-Fi interface as a single argument. It is important to use the actual Wi-Fi interface and not any bridge interface it connects to. python krack_detect.py wlan0 If you do not wish to disconnect suspected devices, use the -n flag python krack_detect.py -n wlan0 Known Issues Message 3 of the 4-way handshake might be retransmitted even if no attack is perfomed. In such a case the

Assemblyline is a scalable distributed file analysis framework . It is designed to process millions of files per day but can also be installed on a single box. Canada’s electronic spy agency says it is taking the “unprecedented step” of releasing one of its own cyber defence tools to the public, in a bid to help companies and organizations better defend their computers and networks against malicious threats. An Assemblyline cluster consists of 3 types of boxes: Core, Datastore and Worker. Components Assemblyline Core The Assemblyline Core server runs all the required components to receive/dispatch tasks to the different workers. It hosts the following processes: Redis (Queue/Messaging) FTP (proftpd: File transfer) Dispatcher (Worker tasking and job completion) Ingester (High volume task ingestion) Expiry (Data deletion) Alerter (Creates alerts when score threshold is met) UI/API (NGINX, UWSGI, Flask, AngularJS) Websocket (NGINX, Gunicorn, GEvent) Assemblyline Datastor

Qubes OS is a security-oriented operating system (OS). The OS is the software that runs all the other programs on a computer. Some examples of popular OSes are Microsoft Windows, Mac OS X, Android, and iOS. Qubes is free and open-source software (FOSS). This means that everyone is free to use, copy, and change the software in any way. It also means that the source code is openly available so others can contribute to and audit it. Why is OS security important? Most people use an operating system like Windows or OS X on their desktop and laptop computers. These OSes are popular because they tend to be easy to use and usually come pre-installed on the computers people buy. However, they present problems when it comes to security. For example, you might open an innocent-looking email attachment or website, not realizing that you’re actually allowing malware (malicious software) to run on your computer. Depending on what kind of malware it is, it might do anything from showing you unwant

hashcat is the world’s fastest and most advanced password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and macOS, and has facilities to help enable distributed password cracking. The world’s fastest and most advanced password recovery utility Hashcat 4.0 Released GPU Driver requirements: AMD GPUs on Linux require “RadeonOpenCompute (ROCm)” Software Platform (1.6.180 or later) AMD GPUs on Windows require “AMD Radeon Software Crimson Edition” (15.12 or later) Intel CPUs require “OpenCL Runtime for Intel Core and Intel Xeon Processors” (16.1.1 or later) Intel GPUs on Linux require “OpenCL 2.0 GPU Driver Package for Linux” (2.0 or later) Intel GPUs on Windows require “OpenCL Driver for Intel Iris and Intel HD Graphics” NVIDIA GPUs require “NVIDIA Driver” (367.x or later) Features World’s fastest password cracker World’s f

MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with the Sendmail 8.11 and newer “Milter” API, which makes it more flexible and efficient than procmail-based approaches. from WordPress http://ift.tt/2gNvdFi via IFTTT

In the US, there has been recent concern over ISPs turning over logs tothe government. During the past few years, the idea of people snooping onour private data (by governments and others) really has made encryptionmore popular than ever before. One of the problems with encryption,however, is that it’s generally not user-friendly to add its protectionto your conversations. Thankfully, messaging services are startingto take notice of the demand. For me, I need a messaging service thatworks across multiple platforms, encrypts automatically, supports groupmessaging and ideally can handle audio/video as well. Thankfully,I found an incredible open-source package that ticks all my boxes: Wire. There are some other great software packages for encryptingconversations. Programs like Signal do end-to-end encryption, butfall short when it comes to audio and video. Telegram is greatfor sending encrypted file transfers, but it doesn’t handle directcommunication. Thankfully, Wire not only encrypt

What is ephemeral data, you ask? InfluxData can supply the answer, becausehandling it is the business of the company’s InfluxData open-source platformthat is custom-built for metrics and events. Ephemeral data is transitory,existing only briefly, and is becoming vital for modern applications built wherecontainers, microservices and sensors can come and go and are intermittentlyconnected. The updated InfluxData 1.3 Platform can handle a billion (yes, with a”b”!) unique time series, making it easier to handle ephemeral data comingfrom containers or adding and removing sensors in IoT-tracking systems. InfluxDataaddresses the explosion of data points and sources, monitoring and controlsrequiring nanosecond precision coming from sensors and microservices. TheInfluxData platform provides a comprehensive set of tools and services toaccumulate metrics and events data, analyze the data and act on the data viapowerful visualizations and notifications. New features in release 1.3 includetime-s

Anyone who reads Linux Journal knows about my fascination withbirdwatching. I’ve created my own weatherproof video cameras witha Raspberry Pi. I’ve posted instructions on how to create your ownautomatically updating camera image page with JavaScript. Heck, I evenlearned CSS so I could make a mobile-friendly version of BirdCam thatfilled the screen in landscape mode. Recently, however, I’ve finallybeen able to create an automated system that streams my BirdCam liveover YouTube. It starts when the sun comes up and stops when the sungoes down. And thanks to some powerful open-source software, I neverhave to touch the system! Some of the tools I describe here have beencovered in other articles, but this is the first time I’ve been able tocreate a stream that anyone can see utilizing bandwidth Google pays for! Figure 1. Birds are always camera-shy. If you watch long enough, however,they come and steal peanuts! My List of Ingredients First off, I want to be clear about what sort of h

Pick up any e-commerce web or mobile app today, and you’ll be holding a mashup of interconnected applications and services from a variety of different providers. For instance, when you connect to Amazon’s e-commerce app, cookies, tags and pixels that are monitored by solutions like Exact Target, BazaarVoice, Bing, Shopzilla, Liveramp and Google Tag Manager track every action you take. You’re presented with special offers and coupons based on your viewing and buying patterns. If you find something you want for your birthday, a third party manages your wish list, which you can share through multiple social- media outlets or email to a friend. When you select something to buy, you find yourself presented with similar items as kind suggestions. And when you finally check out, you’re offered the ability to pay with promo codes, gifts cards, PayPal or a variety of credit cards. Get the Guide from WordPress http://ift.tt/2zYGTNW via IFTTT

Use nmap to scan hidden “onion” services on the Tor network. Minimal image based on alpine, using proxychains to wrap nmap. Tor and dnsmasq are run as daemons via s6, and proxychains wraps nmap to use the Tor SOCKS proxy on port 9050. Tor is also configured via DNSPort to anonymously resolve DNS requests to port 9053. dnsmasq is configured to with this localhost:9053 as an authority DNS server. Proxychains is configured to proxy DNS through the local resolver, so all DNS requests will go through Tor and applications can resolve .onion addresses. Onion Map Example: $ docker run --rm -it milesrichardson/onion-nmap -p 80,443 facebookcorewwwi.onion [tor_wait] Wait for Tor to boot... (might take a while) [tor_wait] Done. Tor booted. [nmap onion] nmap -p 80,443 facebookcorewwwi.onion [proxychains] config file found: /etc/proxychains.conf [proxychains] preloading /usr/lib/libproxychains4.so [proxychains] DLL init: proxychains-ng 4.12 Starting Nmap 7.60 ( https://nmap.org ) at 2017-10-23

Onion Routed Cloud is a decentralized, anonymous, object storage platform owned and operated by allies in defense of human rights and opposition to censorship. ORC is a volunteer run cloud storage network that protects users from surveillance and puts them in control of their data. Use cases: For Activists Organize safely and effectively by preventing adversaries from monitoring your efforts and protect each other’s identities. For Journalists Protect your sources by sharing files securely and anonymously, then publish without risk of censorship from governments or internet service providers. For Friends Keep what’s between friends just between friends. Share photos, videos, and documents with people you trust. When you store a file in the ORC network, your file is first encrypted on your computer using a key that only you hold. The encrypted file is then split into different pieces and “parity” pieces are generated for redundancy. ORC connects to other peers, which are T

Across the Internet, hundreds of thousands of sites rely on Google’s reCaptcha system for defense against bots (in fact, Devpost uses reCaptcha when creating a new account). After a Google research team demonstrated a near complete defeat of the text reCaptcha in 2012, the reCaptcha system evolved to rely on audio and image challenges, historically more difficult challenges for automated systems to solve. Google has continually iterated on its design, releasing a newer and more powerful version as recently as just this year. Successfully demonstrating a defeat of this captcha system spells significant vulnerability for hundreds of thousands of popular sites. What it does unCaptcha system has attack capabilities written for the audio captcha. Using browser automation software, we can interact with the target website and engage with the captcha, parsing out the necessary elements to begin the attack. We rely primarily on the audio captcha attack – by properly identifying spoken number

KRACK Detector is a Python script to detect possible KRACK attacks against client devices on your network. The script is meant to be run on the Access Point rather than the client devices. It listens on the Wi-Fi interface and waits for duplicate message 3 of the 4-way handshake. It then disconnects the suspected device, preventing it from sending any further sensitive data to the Access Point. KRACK Detector currently supports Linux Access Points with hostapd . It uses Python 2 for compatibility with older operating systems. No external Python packages are required. Usage Run as root and pass the Wi-Fi interface as a single argument. It is important to use the actual Wi-Fi interface and not any bridge interface it connects to. python krack_detect.py wlan0 If you do not wish to disconnect suspected devices, use the -n flag python krack_detect.py -n wlan0 Known Issues Message 3 of the 4-way handshake might be retransmitted even if no attack is perfomed. In such a case the