citrixInspector: Accurately fingerprint and detect vulnerable (and patched!) versions of Netscaler / Citrix ADC to CVE-2023-3519
🗣digicat
What are the experiences with the IoC checks so far?
👤Alert-Sale2153
🎖@malwr
🗣digicat
What are the experiences with the IoC checks so far?
👤Alert-Sale2153
🎖@malwr
GitHub
GitHub - securekomodo/citrixInspector: Accurately fingerprint and detect vulnerable (and patched!) versions of Netscaler / Citrix…
Accurately fingerprint and detect vulnerable (and patched!) versions of Netscaler / Citrix ADC to CVE-2023-3519 - securekomodo/citrixInspector
PurpleKeep: Providing Azure pipelines to create an infrastructure and run Atomic tests.
🗣digicat
🎖@malwr
🗣digicat
🎖@malwr
GitHub
GitHub - Retrospected/PurpleKeep: Providing Azure pipelines to create an infrastructure and run Atomic tests.
Providing Azure pipelines to create an infrastructure and run Atomic tests. - GitHub - Retrospected/PurpleKeep: Providing Azure pipelines to create an infrastructure and run Atomic tests.
👍1
apk2url - Tool to gather endpoints from an APK
apk2url is a tool that can be useful for developers, pentesters and redteamers for information gathering purposes. This tool gathers IP and URL endpoints from an APK using decompiling and disassembly.
You never know what you can find =)
Try it out:
https://github.com/n0mi1k/apk2url
🗣n0mi1k
Thanks for sharing, i’ll have to check this out!
Any idea on if it captures deeplinks too?
Edit: just saw you wrote it, i’ll give it a go an pass any suggestions if you’d like.
👤Killco_Joe
🎖@malwr
apk2url is a tool that can be useful for developers, pentesters and redteamers for information gathering purposes. This tool gathers IP and URL endpoints from an APK using decompiling and disassembly.
You never know what you can find =)
Try it out:
https://github.com/n0mi1k/apk2url
🗣n0mi1k
Thanks for sharing, i’ll have to check this out!
Any idea on if it captures deeplinks too?
Edit: just saw you wrote it, i’ll give it a go an pass any suggestions if you’d like.
👤Killco_Joe
🎖@malwr
GitHub
GitHub - n0mi1k/apk2url: An OSINT tool to quickly extract IP and URL endpoints from APKs by disassembling and decompiling
An OSINT tool to quickly extract IP and URL endpoints from APKs by disassembling and decompiling - n0mi1k/apk2url
Looking for SIEM advice.
I attend a cybersecurity club at my uni, and I'm researching for which SIEM to pick. Turns out we have Graylog planned for logging, and Wazuh I don't even know for what purpose. Then there's a third server that's purpose is SIEM.
My criteria is that the SIEM is free, works well in a Windows environment, and probably isn't one of the two mentioned. We have teams (Windows, Linux, Networking) and there are probably around 20-30 people total in the club.
So what I'm asking is what SIEM is the best for our purposes?
🗣SufficientPeanut7420
Student? Check out security onion. It's a Linux distro with a whole bunch of tools for capture, log aggregation and analysis. Basically, open source SIEM.
It has a learning curve, but you can just start with some small tools and expand out. If you get a handle on it, it sets you up great for using other tools, too.
👤homelaberator
Wazuh fits yours case and you already have it. You dont need graylog and Wazuh. Most siems are 1000s, if your budget is zero you certainly won’t be in the Splunk and Alienvault realms.
👤AngrySpaceBadger
SIEM is definitely one of those technologies that require a lot of upfront development/engineering just to get into a working state.
Realistically I’d see if your schools IT department will be able to sponsor a small instance with a commercial vendor for the best experience.
👤GeneralRechs
🎖@malwr
I attend a cybersecurity club at my uni, and I'm researching for which SIEM to pick. Turns out we have Graylog planned for logging, and Wazuh I don't even know for what purpose. Then there's a third server that's purpose is SIEM.
My criteria is that the SIEM is free, works well in a Windows environment, and probably isn't one of the two mentioned. We have teams (Windows, Linux, Networking) and there are probably around 20-30 people total in the club.
So what I'm asking is what SIEM is the best for our purposes?
🗣SufficientPeanut7420
Student? Check out security onion. It's a Linux distro with a whole bunch of tools for capture, log aggregation and analysis. Basically, open source SIEM.
It has a learning curve, but you can just start with some small tools and expand out. If you get a handle on it, it sets you up great for using other tools, too.
👤homelaberator
Wazuh fits yours case and you already have it. You dont need graylog and Wazuh. Most siems are 1000s, if your budget is zero you certainly won’t be in the Splunk and Alienvault realms.
👤AngrySpaceBadger
SIEM is definitely one of those technologies that require a lot of upfront development/engineering just to get into a working state.
Realistically I’d see if your schools IT department will be able to sponsor a small instance with a commercial vendor for the best experience.
👤GeneralRechs
🎖@malwr
Reddit
From the AskNetsec community on Reddit
Explore this post and more from the AskNetsec community
🌐 "WebPalm: Unleash Website Secrets for Cybersecurity!" 🌐
🔎 Discover WebPalm : Unleash Website Secrets! 🌐
Attention Cybersecurity Enthusiasts! 🛡️
Introducing WebPalm, the powerful command-line tool that unlocks the hidden treasures of websites! 🕵️♂️ Traverse websites, create a complete tree of webpages and links, and explore their interconnectedness like never before.
🔍 Extract Data with Ease: WebPalm can use regular expressions to extract data from webpage bodies, perfect for web scraping and gathering valuable information.
🚀 Fast and Reliable: Enjoy a seamless experience with lightning-fast performance and colorized output for easy error handling.
Join the exploration at:webpalm
Unleash the potential of WebPalm responsibly and dive into the fascinating world of website secrets! 🌟
🗣Adventurous_Dance527
🎖@malwr
🔎 Discover WebPalm : Unleash Website Secrets! 🌐
Attention Cybersecurity Enthusiasts! 🛡️
Introducing WebPalm, the powerful command-line tool that unlocks the hidden treasures of websites! 🕵️♂️ Traverse websites, create a complete tree of webpages and links, and explore their interconnectedness like never before.
🔍 Extract Data with Ease: WebPalm can use regular expressions to extract data from webpage bodies, perfect for web scraping and gathering valuable information.
🚀 Fast and Reliable: Enjoy a seamless experience with lightning-fast performance and colorized output for easy error handling.
Join the exploration at:webpalm
Unleash the potential of WebPalm responsibly and dive into the fascinating world of website secrets! 🌟
🗣Adventurous_Dance527
🎖@malwr
GitHub
GitHub - XORbit01/webpalm: 🕸️ Crawl in the web network
🕸️ Crawl in the web network. Contribute to XORbit01/webpalm development by creating an account on GitHub.
👍1