A newly found Truebot Malware targets both US and Canada-based organizations to exfiltrate sensitive information by exploiting vulnerabilities in the Netwrix Auditor application(CVE-2022-31199). Truebot malware is a botnet that is delivered through phishing campaigns to attack victims, now exploiting the vulnerability to gain access to the machine. CISA and FBI jointly issue warnings about the […]
Cybersecurity researchers have reported an increase in TrueBot infections, primarily targeting Mexico, Brazil, Pakistan, and the U.S. Cisco Talos said the attackers behind the operation have moved from using malicious emails to alternative delivery methods such as the exploitation of a now-patched remote code execution (RCE) flaw in Netwrix auditor as well as the Raspberry […]
Docker is a technology for containerization, while Kubernetes is a tool for orchestrating container deployments. In the subsequent subsections, we will discuss a variety of open-source tools that really are useful for securing Kubernetes clusters. These open source tools involve code snippets that will help with static scanning of Docker images, security auditing, hardening Kubernetes […]
Securities and Exchange Board of India (SEBI) has released another update for its “Cyber Security and Cyber Resilience Framework,” establishing a considerably short deadline to file an exhaustive information security status report. The statement applies to financial institutions and companies in stock exchanges. The update considers any system storing personally identifiable information (PII) as critical […]
Cisco is one of the most important companies in its field worldwide, offering sophisticated tools for telecommunications, system management, and network security. Because of its relevant role in all kinds of public and private organizations worldwide, cyberattacks against Cisco deployments have become a common practice, forcing both hacking groups, cybersecurity agencies and firms to conduct […]
The security of Internet-connected cameras remains a very little explored topic. According to IT security audit specialists from the International Institute of Cyber Security (IICS), an old Windows application known as ONVIF Device Manager can find a security camera in seconds and even access transmission due to the poor security measures included in these products. […]
Credential Dumping Tool for SolarWinds Orion Blog post: https://malicious.link/post/2020/solarflare-release-password-dumper-for-solarwinds-orion/ Credit to @asolino, @gentilkiwi, and @skelsec for helping me figuring out DPAPI. ============================================ | Collecting RabbitMQ Erlang Cookie | Erlang Cookie: abcdefg12456789abcde ============================================ | Collecting SolarWinds Certificate | SolarWinds Orion Certificate Found! | Subject Name: CN=SolarWinds-Orion | Thumbprint : BE85C6C3AACA8840E166187B6AB8C6BA9DA8DE80 | Password : alcvabkajp4 | […]
Just a powershell scripts for auditing security with CIS BEST Practices Windows 10 and Window Server 2016 You just need to run the script, it will create a directory named : AUDIT_CONF_%DATE% The directory output will contain the files belows: -Antivirus-%COMPUTERNAME% : List installed Antivirus software -APPDATA%COMPUTERNAME% : List all […]
Aura is a static analysis framework developed as a response to the ever-increasing threat of malicious packages and vulnerable code published on PyPI. Project goals: provide an automated monitoring system over uploaded packages to PyPI, alert on anomalies that can either indicate an ongoing attack or vulnerabilities in the code enable an organization to […]
WiFi security is an element that sometimes receives little attention from system administrators, although it is a fundamental factor in consolidating a secure IT environment, pentesting specialists from the International Institute of Cyber Security (IICS) say. Below are details on some tools that, while feature different functions, were developed to provide you with as much […]
PowerShell Script to perform a quick AD audit _____ ____ _____ _ _ _| _ | | _ |_ _ _| |_| |_| | | | | | | | . | | _||__|__|____/ |__|__|___|___|_|_| by phillips321 If you have any decent powershell one liners that could be used in the script please let me […]
LightBulb is an open source python framework for auditing web application firewalls and filters. Web Applications Firewalls (WAFs) are fundamental building blocks of modern application security. For example, the PCI standard for organizations handling credit card transactions dictates that any application facing the internet should be either protected by a WAF or successfully pass a […]
Scout Suite is an open source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using the APIs exposed by cloud providers, Scout Suite gathers configuration data for manual inspection and highlights risk areas. Rather than going through dozens of pages on the web consoles, Scout Suite presents a clear view of […]
Wifi Pumpkin is a security audit framework used to test the security of wifi against threats like man in the middle attacks. The tool also can create rogue Wi-Fi access points, deauth attacks on client APs, a probe request and credentials monitor, transparent proxy, Windows update attack, phishing manager, ARP Poisoning, DNS Spoofing, Pumpkin-Proxy, and […]
Yuki Chan is an Automated Penetration Testing tool that will be auditing all standard security assessment for you. It is one of the Best Penetration testing Tool which provides many Integrated Security Tools and Performing Many Penetration testing Operation into Target Network. There are more than 15 Modules has been Integrated with Yuki chan and it is […]
DevAudit is an open-source, cross-platform, multi-purpose security auditing tool targeted at developers and teams adopting DevOps and DevSecOps that detects security vulnerabilities at multiple levels of the solution stack. DevAudit provides a wide array of auditing capabilities that automate security practices and implementation of security auditing in the software development life-cycle. DevAudit can scan your […]
We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security auditing tool. Used by system administrators, security […]
The Japanese government is seen as very proactive in its goal of making the 2020 Tokyo Olympics secure as possible, yes including the sector of cybersecurity. Headed by the National Institute of Information and Communications Technology, a nationwide cybersecurity survey starting in February will include checking of Internet-facing routers, webcams, and web-connected home appliances. Aside […]
The U.S. Department of Homeland Security (DHS) has today issued an “emergency directive” to all federal agencies ordering IT staff to audit DNS records for their respective website domains, or other agency-managed domains, within next 10 business days. The emergency security alert came in the wake of a series of recent incidents involving DNS hijacking, […]
XSRFProbe is an advanced Cross Site Request Forgery (CSRF/XSRF) Audit and Exploitation Toolkit. Equipped with a Powerful Crawling Engine and Numerous Systematic Checks, it is now able to detect most cases of CSRF vulnerabilities, their related bypasses and futher generate (maliciously) exploitable proof of concepts with each found vulnerability. For more info on how XSRFProbe […]
NoSQLMap is an open source python based tool, designed to audit and automate injection attacks on NoSQL databases, such as Mongo DB and Couch DB. It can find and exploit various different vulnerabilities in order to disclose data from a site. Installing NoSQLMap For installing NoSQLMap, you have to clone the repository from Github. git […]