The Hacking Library
The channel's content is a compilation.
The channel is an archive for ethical and unethical hackers.
Enjoy 😀👍
Photos from National Cyber Security Services's post


DevAudit:-- Open-source, cross-platform, multi-purpose #security #auditing #tool targeted at #developers and #teams adopting #DevOps and #DevSecOps that detects security #vulnerabilities at multiple levels of the solution stack.

Features:-

1. Cross-platform with a #Docker image also available.
2. #CLI interface.
3. Continuously updated vulnerabilities data.
4. Audit #operating #system and #development package dependencies.
5. Audit application #server configurations.
6. Audit application #configurations.
7. Audit application #code by #static analysis.
8. #Remote agentless auditing.
9. Agentless Docker container auditing.
10. #GitHub repository auditing.
11. #PowerShell support.

#Download #Link:-

https://github.com/OSSIndex/DevAudit


ClobberTime:-- #ClobberTime is a graphical frontend that provides functionality for the manipulation of #MAC (Modified, Accessed, Created) #timestamps during Windows Red Team or #Pentesting #engagements, without modifying current #system time and without invoking the #traditional timestomp binary. It is also designed as an #educational tool to demonstrate the difference between userland timestamps (which can be easily manipulated) and timestamps recorded in the #filesystem MFT.

#Windows #RedTeam

#Download #Link:-

https://github.com/vhoudoverdov/Windows-RedTeam/tree/master/ClobberTime


Malcolm:-- #Malcolm is a #powerful, easily #deployable #network #traffic #analysis #tool suite for full #packet #capture artifacts (#PCAP files) and #Zeek logs.

Malcolm is a powerful network traffic analysis tool suite designed with the following goals in mind:-

1. Easy to use:– Malcolm accepts network traffic #data in the form of full packet capture (PCAP) files and Zeek (formerly Bro) logs. These artifacts can be uploaded via a simple browser-based interface or captured live and forwarded to Malcolm using lightweight forwarders. In either case, the data is #automatically normalized, #enriched, and correlated for analysis.

2. Powerful traffic analysis:– Visibility into network communications is provided through two intuitive interfaces: #Kibana, a flexible data #visualization plugin with dozens of prebuilt #dashboards providing an at-a-glance overview of network protocols; and Moloch, a powerful tool for finding and identifying the network #sessions #comprising suspected security incidents.

3. Streamlined deployment:– Malcolm operates as a cluster of #Docker containers, isolated #sandboxes each of which serves a dedicated function of the #system. This Docker-based deployment model, combined with a few simple scripts for setup and run-time management, makes Malcolm suitable to be deployed quickly across a variety of platforms and use cases, whether it be for long-term deployment on a #Linux #server in a #security operations center (SOC) or for incident response on a #Macbook for an individual engagement.

4. Secure #communications:– All #communications with Malcolm, both from the user interface and from #remote log forwarders, are secured with industry-standard #encryption #protocols.

5. Permissive license:– Malcolm is comprised of several widely used open-source tools, making it an attractive alternative to security solutions requiring paid #licenses.

6. Expanding control systems visibility:– While Malcolm is great for general-purpose network traffic analysis, its creators see a particular need in the #community for tools providing insight into protocols used in industrial control systems (ICS) environments. Ongoing Malcolm development will aim to provide additional parsers for common #ICS protocols.

#Download #Link:-

https://github.com/idaholab/Malcolm


Maltrail:-- #Malicious #traffic #detection #system.

Maltrail is a #malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user-defined lists, where trail can be anything from #domain name (e.g. zvpprsensinaix.com for #Banjori malware), URL (e.g. hXXp://109.162.38.120/harsh02.exe for known malicious executable), IP address (e.g. 185.130.5.231 for known attacker) or #HTTP User-Agent header value (e.g. #sqlmap for automatic #SQL #injection and #database takeover tool). Also, it uses (optional) advanced heuristic #mechanisms that can help in the discovery of unknown threats (e.g. new #malware).

#Download #Link:-

https://github.com/stamparm/maltrail


DWKit:-- DWKit is a #Business #Process #Management #System based on .NET Core and React.

DWKit is a .NET BPM system made with simplicity and flexibility in mind. DWKit allows you to model, automate and execute mission-critical business processes, whatever #industry you’re operating in.

Features:-
1. Drag-&-drop form builder
2. Designer of workflow
3. User Interface on #React (JSX)
4. Role-based access control
5. #Admin panel
6. Support #MSSQL/ #PostgreSQL/ #Oracle #databases
7. Works fine on #Windows/ #Linux/ #MacOSX

#Download #Link:-

https://github.com/optimajet/DWKit