Tag Archives: detection

Kubeclarity : Tool For Detection And Management Of Software Bill Of Materials

KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems. It scans both runtime K8s clusters and CI/CD pipelines for enhanced software supply chain security. SBOM & vulnerability detection challenges Effective vulnerability scanning requires an accurate Software Bill Of Materials (SBOM) detection: Various programming …

Continue reading “Kubeclarity : Tool For Detection And Management Of Software Bill Of Materials”

Dorothy : Tool To Test Security Monitoring And Detection For Okta Environments

Dorothy is a tool to help security teams test their monitoring and detection capabilities for their Okta environment. Dorothy has several modules to simulate actions that an attacker might take while operating in an Okta environment and actions that security teams should be able to audit. The modules are mapped to the relevant MITRE ATT&CKĀ® tactics, such …

Continue reading “Dorothy : Tool To Test Security Monitoring And Detection For Okta Environments”

In0ri : Defacement Detection With Deep Learning

In0ri is a defacement detection system utilizing a image-classification convolutional neural network. Introduction When monitoring a website, In0ri will periodically take a screenshot of the website then put it through a preprocessor that will resize the image down to 250x250px and numericalize the image before passing it onto the classifier. The core of the classifier …

Continue reading “In0ri : Defacement Detection With Deep Learning”

DNSObserver : A Handy DNS Service Written In Go To Aid In The Detection

DNSObserver is a handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities. It monitors a pentester’s server for out-of-band DNS interactions and sends notifications with the received request’s details via Slack. DNSObserver can help you find bugs such as blind OS command injection, blind SQLi, blind XXE, …

Continue reading “DNSObserver : A Handy DNS Service Written In Go To Aid In The Detection”

Fragroute – A Network Packet Fragmentation & Firewall Testing Tool

Fragroute intercepts modify and rewrite egress traffic destined for the specified host. Simply frag route fragments packets originating from our(attacker) system to the destination system. Its used by security personnel or hackers for evading firewalls, avoiding IDS/IPS detections & alerts etc. Also, pentesters use it to gather information from a highly secured remote host. Options …

Continue reading “Fragroute – A Network Packet Fragmentation & Firewall Testing Tool”