AWS Kill Switch: Enhancing Cloud Security with Rapid Incident Response Tools


AWS Kill Switch is a Lambda function (and proof-of-concept client) that an organization can deploy in a dedicated "Security" account to give its security engineers the ability to delete IAM roles or apply a highly restrictive service control policy (SCP) to any account in their organization. Prerequisites: Go (tested with go1.21.3 on arm64). Installation: clone the repository with git clone, then follow the Installing section. ⚠️ Before building the awskillswitch...
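To make the "highly restrictive SCP" concrete, here is an added example (not code from the AWS Kill Switch project) that builds a deny-all policy document and attaches it to one member account through an injected Organizations client. The client is assumed to expose boto3's `create_policy` and `attach_policy` signatures; the stub below is constructed so the example runs offline, and the small read-only allowlist is a hypothetical choice for responders.

```python
"""Quarantine one AWS account with a deny-all service control policy.

Added illustrative example; not the AWS Kill Switch project's own code.
The Organizations client is injected so the logic runs offline against
a constructed stub with boto3-style method signatures.
"""
import json


def build_quarantine_scp(allowed_actions=()):
    """Return an SCP document denying every action except `allowed_actions`.

    With an empty allowlist the statement is a plain Deny on "*". With an
    allowlist it uses NotAction, which SCPs support, so responders keep a
    few read-only calls (a hypothetical choice; tune it to your runbook).
    """
    if allowed_actions:
        statement = {"Sid": "QuarantineDenyAll", "Effect": "Deny",
                     "NotAction": sorted(allowed_actions), "Resource": "*"}
    else:
        statement = {"Sid": "QuarantineDenyAll", "Effect": "Deny",
                     "Action": "*", "Resource": "*"}
    return {"Version": "2012-10-17", "Statement": [statement]}


def apply_kill_switch(org_client, target_account_id, allowed_actions=()):
    """Create the quarantine SCP and attach it to the target account.

    Returns the new policy id. Caveats a practitioner should know: SCPs
    never restrict the organization's management account, and they only
    take effect when the SCP policy type is enabled on the root.
    """
    if not (target_account_id.isdigit() and len(target_account_id) == 12):
        raise ValueError("AWS account ids are 12 digits: %r" % target_account_id)
    document = build_quarantine_scp(allowed_actions)
    created = org_client.create_policy(
        Content=json.dumps(document),
        Description="Incident response quarantine",
        Name="Quarantine-" + target_account_id,
        Type="SERVICE_CONTROL_POLICY",
    )
    policy_id = created["Policy"]["PolicySummary"]["Id"]
    org_client.attach_policy(PolicyId=policy_id, TargetId=target_account_id)
    return policy_id


class StubOrganizations:
    """Constructed stand-in for boto3's Organizations client (offline demo)."""

    def __init__(self):
        self.policies = {}
        self.attachments = []

    def create_policy(self, Content, Description, Name, Type):
        policy_id = "p-%08x" % (len(self.policies) + 1)
        self.policies[policy_id] = {"Name": Name, "Type": Type,
                                    "Content": json.loads(Content)}
        return {"Policy": {"PolicySummary": {"Id": policy_id, "Name": Name,
                                             "Type": Type}}}

    def attach_policy(self, PolicyId, TargetId):
        if PolicyId not in self.policies:
            raise KeyError(PolicyId)
        self.attachments.append((PolicyId, TargetId))


def demo():
    """Quarantine a constructed account id, keeping two read-only calls."""
    org = StubOrganizations()
    policy_id = apply_kill_switch(
        org, "123456789012",
        allowed_actions=("cloudtrail:LookupEvents", "sts:GetCallerIdentity"))
    return org, policy_id


if __name__ == "__main__":
    org, policy_id = demo()
    print(policy_id, json.dumps(org.policies[policy_id]["Content"], indent=2))
```

Swapping `StubOrganizations` for `boto3.client("organizations")` in the management account is the only change needed to run it for real; the 12-digit check guards against attaching the policy to an OU id by mistake.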

eBPF Tools: Revolutionizing System Monitoring with Advanced PTY Sniffing Techniques


This piece covers eBPF tools and shows how they can improve system monitoring by tracking PTY sessions and sniffing sensitive data such as SSH, sudo, and su passwords typed into terminals. It walks through setting up bpftrace, a prerequisite for using these eBPF features, and presents ptysnoop, a more advanced tool for watching...

Dynmx Prototype: An Advanced API Call Trace Analysis Tool for Malware Detection


dynmx (pronounced "dynamics") is a signature-based detection approach for behavioural malware features based on Windows API call sequences. In simplified terms, you can think of dynmx as a sort of YARA for API call traces (so-called function logs) originating from malware sandboxes. Hence, the data basis for the detection approach is not the malware samples themselves, analysed statically, but...
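The "YARA for API call traces" idea is easiest to see with a matcher. The following is an added example of that approach, not dynmx's own code or signature format: a signature is an ordered list of API calls with optional regex constraints on their arguments, matched as an in-order subsequence of a sandbox function log, with a maximum gap so that calls scattered across a long benign trace do not fire. The log layout, the signature schema and both traces are constructed for the demo.

```python
"""Match a behavioural signature against a sandbox function log.

Added illustrative example of signature matching over API call sequences;
not dynmx's code or signature format. Log entries are assumed to be dicts
{"api": name, "args": {...}} as a sandbox exporter might emit.
"""
import re


def _step_matches(call, step):
    """True if one log entry satisfies one signature step."""
    if call["api"] != step["api"]:
        return False
    for arg, pattern in step.get("args", {}).items():
        value = call.get("args", {}).get(arg)
        if value is None or not re.fullmatch(pattern, str(value)):
            return False
    return True


def match_signature(log, signature):
    """Return indices of the log entries matching signature, or None.

    Steps must appear in order. If signature["max_gap"] is set, at most
    that many unrelated calls may sit between two consecutive matched
    steps; the search is greedy (first acceptable hit per step).
    """
    max_gap = signature.get("max_gap")
    matched = []
    pos = 0
    for step in signature["sequence"]:
        found = None
        for i in range(pos, len(log)):
            if max_gap is not None and matched and i - matched[-1] - 1 > max_gap:
                break  # too far from the previous matched call
            if _step_matches(log[i], step):
                found = i
                break
        if found is None:
            return None
        matched.append(found)
        pos = found + 1
    return matched


def scan(log, signatures):
    """Return {signature name: matched indices} for every signature that fires."""
    hits = {}
    for sig in signatures:
        idx = match_signature(log, sig)
        if idx is not None:
            hits[sig["name"]] = idx
    return hits


# Classic remote-thread injection: full-access handle, RWX allocation,
# write, then a thread in the remote process.
REMOTE_THREAD_INJECTION = {
    "name": "remote_thread_injection",
    "max_gap": 5,
    "sequence": [
        {"api": "OpenProcess", "args": {"dwDesiredAccess": r"0x1f0fff|PROCESS_ALL_ACCESS"}},
        {"api": "VirtualAllocEx", "args": {"flProtect": r"0x40|PAGE_EXECUTE_READWRITE"}},
        {"api": "WriteProcessMemory"},
        {"api": "CreateRemoteThread"},
    ],
}

# Constructed function logs for the demo.
MALICIOUS_LOG = [
    {"api": "GetModuleHandleA", "args": {"lpModuleName": "kernel32.dll"}},
    {"api": "OpenProcess", "args": {"dwDesiredAccess": "0x1f0fff", "dwProcessId": 4321}},
    {"api": "VirtualAllocEx", "args": {"flProtect": "0x40", "dwSize": 4096}},
    {"api": "WriteProcessMemory", "args": {"nSize": 4096}},
    {"api": "CreateRemoteThread", "args": {"lpStartAddress": "0x1a0000"}},
    {"api": "CloseHandle", "args": {}},
]
BENIGN_LOG = [  # same API names, but query-only access and a non-executable page
    {"api": "OpenProcess", "args": {"dwDesiredAccess": "0x0400"}},
    {"api": "VirtualAllocEx", "args": {"flProtect": "0x04"}},
    {"api": "WriteProcessMemory", "args": {}},
    {"api": "CreateRemoteThread", "args": {}},
]

if __name__ == "__main__":
    print(scan(MALICIOUS_LOG, [REMOTE_THREAD_INJECTION]))  # fires
    print(scan(BENIGN_LOG, [REMOTE_THREAD_INJECTION]))     # empty
```

Argument constraints are what separate a real signature from a list of API names: the benign trace above calls the same four functions yet does not match, because its handle rights and page protection are not those an injector needs.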

JSON Crack: Transform Your Data into Interactive Visualizations


JSON Crack is a free, open-source data visualization app that brings data to life through interactive graphs. It can visualize data formats such as JSON, YAML, XML, CSV and more as interactive graphs. With its intuitive and user-friendly interface, JSON Crack makes it easy to explore, analyze, and understand even the most...

Karton-Pcap-Miner: Streamlining Network Indicator Extraction from PCAPs


Karton-Pcap-Miner is a tool that quickly extracts network indicators from analysis PCAP files. It integrates with MWDB to add these indicators as attributes, which supports cybersecurity research. It copes with complex network data because it has built-in extractors for HTTP, TCP, SNI, and DNS. Professionals who want to speed up the...

Crawlector – Empowering Threat-Hunting With Advanced Web Scanning And Detection


Crawlector (the name is a combination of Crawler & Detector) is a threat-hunting framework designed for scanning websites for malicious objects. Note-1: The framework was first presented at the No Hat conference in Bergamo, Italy on October 22nd, 2022 (Slides, YouTube Recording). It was presented a second time at the AVAR conference in Singapore on December 2nd, 2022. Note-2: The accompanying tool EKFiddle2Yara is a tool that takes...

31 Tips from Inon Shkedy’s Challenge – Mastering API Security


This challenge is Inon Shkedy's 31 Days of API Security Tips. API TIP 1/31: Older API versions tend to be more vulnerable and they lack security mechanisms. Leverage the predictable nature of REST APIs to find old versions. Saw a call to api/v3/login? Check if api/v1/login exists as well. It might be more vulnerable. API TIP 2/31: Never assume there's only one way to authenticate to an...
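Tip 1/31 is mechanical enough to script. The following is an added example, not part of the challenge: it derives every lower version of an observed REST path, probes each one, and flags an old version that answers 200 unauthenticated where the current one demands credentials. The `fetch(url) -> status` callable is injected, and the target site below is a constructed stub so the example runs offline.

```python
"""Hunt for older, less protected API versions (API tip 1/31).

Added illustrative example, not code from the challenge. Assumes a
fetch(url) callable returning an HTTP status code; the site dictionary
is constructed for the offline demo.
"""
import re
from urllib.parse import urlsplit, urlunsplit

# A path segment like /v3/ ; the lookarounds keep "video7" or "csv2" from matching.
VERSION_RE = re.compile(r"(?<![0-9a-z])v(\d+)(?![0-9a-z])", re.IGNORECASE)


def older_version_urls(url):
    """Return the same URL with every lower version number substituted."""
    parts = urlsplit(url)
    m = VERSION_RE.search(parts.path)
    if not m:
        return []
    current = int(m.group(1))
    candidates = []
    for v in range(current - 1, 0, -1):
        new_path = parts.path[:m.start(1)] + str(v) + parts.path[m.end(1):]
        candidates.append(urlunsplit(parts._replace(path=new_path)))
    return candidates


def find_reachable_old_versions(url, fetch):
    """Return {candidate_url: status} for old versions that still exist.

    A 401 or 403 still proves the route is routed and handled; only
    404 and 410 are treated as absent.
    """
    hits = {}
    for candidate in older_version_urls(url):
        status = fetch(candidate)
        if status not in (404, 410):
            hits[candidate] = status
    return hits


def downgrade_findings(url, fetch):
    """Compare each live old version against the current one, unauthenticated."""
    baseline = fetch(url)
    findings = []
    for candidate, status in find_reachable_old_versions(url, fetch).items():
        note = "reachable"
        if baseline in (401, 403) and status == 200:
            note = "responds 200 where current version requires auth"
        findings.append((candidate, status, note))
    return findings


# Constructed target: v3 enforces auth, v2 was removed, v1 was never locked down.
CONSTRUCTED_SITE = {
    "https://api.example.test/api/v3/login": 401,
    "https://api.example.test/api/v1/login": 200,
}


def stub_fetch(url):
    """Offline stand-in for an unauthenticated GET; 404 for unknown routes."""
    return CONSTRUCTED_SITE.get(url, 404)


if __name__ == "__main__":
    for finding in downgrade_findings("https://api.example.test/api/v3/login", stub_fetch):
        print(*finding)
```

Against a real target, `fetch` would wrap `requests.get` with a timeout and rate limiting, and the baseline comparison should be repeated with the real credentials, since an old version that is merely reachable is a finding of a different severity from one that skips authentication.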

InfoSec Black Friday Deals – “Friday Hack Fest” 2023 Edition


All the deals for InfoSec-related software/tools this Black Friday / Cyber Monday. Just 2023 Things: quality over quantity. This list goes through a level of vetting for dodginess, gated deals, deals that aren't infosec related, and deals that either can't be verified or break promises (e.g. state % off all courses but have exclusions). There are also some vendors being stood up...

Hades Command And Control – Learning Malware Development and CTFs


Hades is a basic Command & Control server built using Python. It is currently extremely bare bones, but I plan to add more features soon. Features are a work in progress currently. Table of Contents: About the Project, Getting Started, Prerequisites, Installation, Roadmap, Contributing, License, Authors, Acknowledgements. About the Project: This is a project made (mostly) for me to learn malware development, sockets, and C2 infrastructure setups. Currently, the server can...

Forbidden Buster: Mastering HTTP 401 and 403 Bypass Techniques


Forbidden Buster is a tool designed to automate various techniques for bypassing HTTP 401 and 403 response codes and gaining access to restricted areas of a system. This code is made for security enthusiasts and professionals only; use it at your own risk. Features: probes HTTP 401 and 403 response codes to discover potential bypass techniques; utilizes various methods and headers...