Defense

mOSL v3.2.1 releases: audit and fix macOS Mojave (10.14.x) security settings

• Defense

mOSL v3.2.1 releases: audit and fix macOS Mojave (10.14.x) security settings

do son May 8, 2019

macOS Lockdown (mOSL) Bash script to audit and fix macOS Mojave (10.14.x) security settings Warnings Always run the latest...

Read More Read more about mOSL v3.2.1 releases: audit and fix macOS Mojave (10.14.x) security settings

tyton: Kernel-Mode Rootkit Hunter

• Defense
• Malware Analysis

tyton: Kernel-Mode Rootkit Hunter

do son May 6, 2019

Tyton Kernel-Mode Rootkit Hunter Detected Attacks Hidden Modules Syscall Table Hooking Network Protocol Hooking Netfilter Hooking Zeroed...

Read More Read more about tyton: Kernel-Mode Rootkit Hunter

Logging Made Easy v0.3 releases: gain a basic level of centralised security logging for Windows clients

• Defense
• Forensics

Logging Made Easy v0.3 releases: gain a basic level of centralised security logging for Windows clients

do son May 4, 2019

What is Logging Made Easy (LME)? Logging Made Easy is a self-install tutorial for small organizations to...

Read More Read more about Logging Made Easy v0.3 releases: gain a basic level of centralised security logging for Windows clients

cloudtracker v2.1.5 releases: find over-privileged IAM users and roles

• Defense

cloudtracker v2.1.5 releases: find over-privileged IAM users and roles

do son April 29, 2019

cloudtracker CloudTracker reviews CloudTrail logs to identify the API calls made by an actor and compares this with...

Read More Read more about cloudtracker v2.1.5 releases: find over-privileged IAM users and roles

Alerting and Detection Strategies Framework

• Defense

Alerting and Detection Strategies Framework

do son April 28, 2019

Alerting and Detection Strategies Framework This GitHub project provides the necessary building blocks for adopting this framework...

Read More Read more about Alerting and Detection Strategies Framework

hardentools v2.6 beta releases: disables a number of risky Windows features

• Defense

hardentools v2.6 beta releases: disables a number of risky Windows features

do son April 21, 2019

Hardentools is a collection of simple utilities designed to disable a number of “features” exposed by operating...

Read More Read more about hardentools v2.6 beta releases: disables a number of risky Windows features

Real-time detection of high-risk attacks leveraging Kerberos and SMB

• Defense
• Forensics

Real-time detection of high-risk attacks leveraging Kerberos and SMB

do son April 21, 2019

Real-time detection of high-risk attacks leveraging Kerberos and SMB This is a real-time detection tool for detecting...

Read More Read more about Real-time detection of high-risk attacks leveraging Kerberos and SMB

ossec-hids v3.7 releases: Open Source Host-based Intrusion Detection System

• Defense

ossec-hids v3.7 releases: Open Source Host-based Intrusion Detection System

do son April 19, 2019

OSSEC OSSEC is a full platform to monitor and control your systems. It mixes together all the...

Read More Read more about ossec-hids v3.7 releases: Open Source Host-based Intrusion Detection System

winchecksec v3.1 releases: performs static detection of common Windows security features

• Defense

winchecksec v3.1 releases: performs static detection of common Windows security features

do son April 19, 2019

winchecksec performs static detection of common Windows security features. Developed to satisfy our analysis and research needs, it...

Read More Read more about winchecksec v3.1 releases: performs static detection of common Windows security features

streamalert v3.5 releases: Serverless, Realtime Data Analysis Framework

• Defense
• Forensics

streamalert v3.5 releases: Serverless, Realtime Data Analysis Framework

do son April 17, 2019

StreamAlert is a serverless, real-time data analysis framework which empowers you to ingest, analyze, and alert on...

Read More Read more about streamalert v3.5 releases: Serverless, Realtime Data Analysis Framework

NAXSI v1.3 releases: open-source, high performance, low rules maintenance WAF for NGINX

• Defense

NAXSI v1.3 releases: open-source, high performance, low rules maintenance WAF for NGINX

do son April 16, 2019

What is Naxsi? NAXSI means Nginx Anti XSS & SQL Injection. Technically, it is a third party nginx module, available as a...

Read More Read more about NAXSI v1.3 releases: open-source, high performance, low rules maintenance WAF for NGINX

Linux Malware Detect v1.6.5 releases: malware scanner for Linux

• Defense
• Malware Analysis

Linux Malware Detect v1.6.5 releases: malware scanner for Linux

do son April 15, 2019

Linux Malware Detect (LMD) is a malware scanner for Linux released under the GNU GPLv2 license, that...

Read More Read more about Linux Malware Detect v1.6.5 releases: malware scanner for Linux

secant v5.4 releases: Security Cloud Assessment Tool

• Defense

secant v5.4 releases: Security Cloud Assessment Tool

do son April 14, 2019

Secant Secant is a security cloud assessment framework that is used to check the security characteristics of...

Read More Read more about secant v5.4 releases: Security Cloud Assessment Tool

chef-os-hardening v4.1.2 releases: provides numerous security-related configurations for Linux

• Defense

chef-os-hardening v4.1.2 releases: provides numerous security-related configurations for Linux

do son April 10, 2019

os-hardening This cookbook provides numerous security-related configurations, providing all-around base protection. It configures: Configures package management e.g....

Read More Read more about chef-os-hardening v4.1.2 releases: provides numerous security-related configurations for Linux

whids v1.8 beta6 releases: Very flexible Host IDS designed for Windows

• Defense

whids v1.8 beta6 releases: Very flexible Host IDS designed for Windows

do son April 9, 2019

WHIDS Very flexible Host IDS designed for Windows. We are making use of a previously developed rule...

Read More Read more about whids v1.8 beta6 releases: Very flexible Host IDS designed for Windows