Brakeman:-- A #static #analysis #security #vulnerability #scanner for #Ruby on #Rails #applications
#Compatibility:-
Brakeman should work with any version of Rails from 2.3.x to 6.x.
#Brakeman can analyze #code written with Ruby 1.8 syntax and #newer but requires at least Ruby 2.3.0 to run.
Brakeman assigns a confidence level to each #warning. This provides a rough estimate of how certain the tool is that a given warning is actually a problem. Naturally, these ratings should not be taken as absolute truth.
There are three levels of confidence:-
1. High - Either this is a simple warning (#boolean value) or user input is very likely being used in unsafe ways.
2. Medium - This generally indicates an unsafe use of a variable, but the #variable may or may not be user input.
3. Weak - Typically means user input was indirectly used in a potentially unsafe manner.
#Download #Link:-
https://github.com/presidentbeef/brakeman
Malcolm:-- #Malcolm is a #powerful, easily #deployable #network #traffic #analysis #tool suite for full #packet #capture artifacts (#PCAP files) and #Zeek logs.
Malcolm is a powerful network traffic analysis tool suite designed with the following goals in mind:-
1. Easy to use:– Malcolm accepts network traffic #data in the form of full packet capture (PCAP) files and Zeek (formerly Bro) logs. These artifacts can be uploaded via a simple browser-based interface or captured live and forwarded to Malcolm using lightweight forwarders. In either case, the data is #automatically normalized, #enriched, and correlated for analysis.
2. Powerful traffic analysis:– Visibility into network communications is provided through two intuitive interfaces: #Kibana, a flexible data #visualization plugin with dozens of prebuilt #dashboards providing an at-a-glance overview of network protocols; and Moloch, a powerful tool for finding and identifying the network #sessions #comprising suspected security incidents.
3. Streamlined deployment:– Malcolm operates as a cluster of #Docker containers, isolated #sandboxes each of which serves a dedicated function of the #system. This Docker-based deployment model, combined with a few simple scripts for setup and run-time management, makes Malcolm suitable to be deployed quickly across a variety of platforms and use cases, whether it be for long-term deployment on a #Linux #server in a #security operations center (SOC) or for incident response on a #MacBook for an individual engagement.
4. Secure #communications:– All #communications with Malcolm, both from the user interface and from #remote log forwarders, are secured with industry-standard #encryption #protocols.
5. Permissive license:– Malcolm is comprised of several widely used open-source tools, making it an attractive alternative to security solutions requiring paid #licenses.
6. Expanding control systems visibility:– While Malcolm is great for general-purpose network traffic analysis, its creators see a particular need in the #community for tools providing insight into protocols used in industrial control systems (ICS) environments. Ongoing Malcolm development will aim to provide additional parsers for common #ICS protocols.
#Download #Link:-
https://github.com/idaholab/Malcolm
Seccubus:-- #Easily #automated #vulnerability #scanning, #reporting, and #analysis.
#Seccubus automates regular vulnerability scans with various tools and aids #security people in the fast analysis of its output, both on the first scan and on repeated scans.
Seccubus V2 works with the following scanners:-
1. #Nessus
2. #OpenVAS
3. #Skipfish
4. #Medusa (local and remote)
5. #Nikto (local and remote)
6. #NMap (local and remote)
7. #OWASP-ZAP (local and remote)
8. #SSLyze
9. #Medusa
10. #Qualys #SSL labs
11. testssl.sh (local and remote)
#Download #Link:-
https://github.com/seccubus/seccubus
Qu1cksc0pe:-- Quick #suspicious #file #analysis #tool.
1. Usage before install: python3 qu1cksc0pe.py --file suspicious_file --category anything
2. Usage after install: qu1cksc0pe --file suspicious_file --category anything
#Download #Link:-
https://github.com/CYB3RMX/Qu1cksc0pe
Memhunter:-- Live #Hunting Of #Code #Injection #Techniques.
Memhunter is an endpoint sensor tool that specializes in detecting resident #malware, improving the threat hunter analysis process and remediation times. The tool detects and reports memory-resident malware living on endpoint processes. Memhunter detects known #malicious #memory injection techniques. The detection #process is performed through live analysis and without needing memory dumps. The tool was designed as a replacement for memory #forensic #volatility #plugins such as malfind and hollowfind. Not requiring memory dumps makes it possible to perform memory-resident malware threat hunting at scale, without manual #analysis, and without the complex #infrastructure needed to move dumps to forensic environments.
#Download #Link:-
https://github.com/marcosd4h/memhunter