The Top IT and Tech Challenges for Businesses in 2019
Companies, whether small, large, or enterprise-level organizations face their fair share of challenges at any given time. Currently, many of the most pervasive challenges for businesses related to IT and technology. There’s everything from the challenges of harnessing the power of the multitudes of data most organizations are collecting and storing, to security challenges that never seem to wane and instead only grow...
OSIF : Open Source Information Facebook
OSIF is an accurate Facebook account information gathering, all sensitive information can be easily gathered even though the target converts all of its privacy to (only me), Sensitive information about residence, date of birth, occupation, phone number and email address. Installation $ pkg update upgrade $ pkg install git python2 $ git clone https://github.com/ciku370/OSIF $ cd OSIF Setup $ pip2 install -r...
Bandit : Tool Designed To Find Common Security Issues In Python Code
Bandit is a tool designed to find common security issues in Python code. To do this it processes each file, builds an AST from it, and runs appropriate plugins against the AST nodes. Once it has finished scanning all the files it generates a report. It was originally developed within the OpenStack Security Project and later rehomed to PyCQA. Installation It...
Brutemap : Let’s Find Someone’s Account
Brutemap is an open source penetration testing tool that automates testing accounts to the site's login page, based on Dictionary Attack. With this, you no longer need to search for other bruteforce tools and you also no longer need to ask CMS What is this? only to find parameter forms, because it will do it automatically. It is also equipped with an attack method that makes...
Intrigue Core : Discover Your Attack Surface
Intrigue Core is a framework for external attack surface discovery and automated OSINT. There are a number of use cases: Application and Infrastructure (Asset) DiscoverySecurity Research and Vulnerability DiscoveryMalware Campaign Research & Indicator EnrichmentExploratory OSINT Research Developers To get started setting up a development environment, follow the instructions below! Setting up a development environment Follow the appropriate setup guide: Vagrant (preferred) - http://core.intrigue.io/getting-started-with-intrigue-core-on-vagrant-virtualbox/Docker - https://core.intrigue.io/2017/03/07/using-intrigue-core-with-docker/ Now that you...
Spiderfoot : The Most Complete OSINT Collection & Reconnaissance Tool
SpiderFoot is an open source intelligence (OSINT) automation tool. Its goal is to automate the process of gathering intelligence about a given target, which may be an IP address, domain name, hostname, network subnet, ASN, e-mail address or person's name. It can be used offensively, i.e. as part of a black-box penetration test to gather information about the target or...
Miteru : An Experimental Phishing Kit Detection Tool
Miteru is an experimental phishing kit detection tool. Following are the features that can be used for the tool; Phishing kit detection & collection. Slack notification. Threading. How it works? It collects phishy URLs from the following feeds:CertStream-Suspicious feed via urlscan.ioOpenPhish feed via urlscan.ioPhishTank feed via urlscan.ioAyashige feedIt checks each phishy URL whether it enables directory listing and contains a phishing kit (compressed file)...
Security RAT : Tool For Handling Security Requirements In Development
OWASP Security RAT (Requirement Automation Tool) is a tool supposed to assist with the problem of addressing security requirements during application development. The typical use case is: specify parameters of the software artifact you're developingbased on this information, list of common security requirements is generatedgo through the list of the requirements and choose how you want to handle the requirementspersist the...
Rogue : An Extensible Toolkit Providing Penetration Testers An Easy-To-Use Platform
The Rogue Toolkit is an extensible toolkit aimed at providing penetration testers an easy-to-use platform to deploy software-defined Access Points (AP) for the purpose of conducting penetration testing and red team engagements. By using Rogue, penetration testers can easily perform targeted evil twin attacks against a variety of wireless network types. Rogue was originally forked from s0lst1c3's eaphammer project. The fundamental idea...
SecureTea Project : OWASP Application Designed To Help Secure Unauthorised Access
The OWASP SecureTea Project is an application designed to help secure a person's laptop or computer / server with IoT (Internet Of Things) and notify users (via various communication mechanisms), whenever someone accesses their computer / server. This application uses the touchpad/mouse/wireless mouse to determine activity and is developed in Python and tested on various machines (Linux, Mac &...
