bwiese + tools   220

Duplicati works with standard protocols like FTP, SSH, WebDAV as well as popular services like Microsoft OneDrive, Amazon Cloud Drive & S3, Google Drive, Mega, hubiC and many others.
backup  software  windows  tools  linux  crypto  encryption 
2 days ago by bwiese
The Rise of Adversary Emulation – NVISO Labs
Bloodhound + GoFetch
Empire + DeathStar
Red Team Automation (RTA)
Atomic Red Team (ART)
pentest  threathunting  cybersecurity  tools  attack  apt  training 
7 weeks ago by bwiese
Best pCap Tools
monitoring: nload, iftop, jnettop, iptraf, nethogs, bmon, slurm, tcptrack, vnstat, bwm-ng, speedometer, pktstat, netwatch, trafshow, ifstat, dstat, collectl
capture: libpcap/tcpdump, ngrep, ttt, n2disk, pf_ring, jnetpcap
analysis: tcpsplit, tcpflow, tcpreplay, tcpstat, tcpslice, tcpdpriv, pcap2har (to HTTP archive files), ntop, coralreef, xplot, multitail, netsniff-ng, ntopng
file extract: xplico, justniffer, networkminer, tcpxtract, foremost, dsniff, chaosreader, tcpick
pcap  networking  cybersecurity  monitoring  dfir  tools  software 
august 2018 by bwiese
GitHub - austin-taylor/VulnWhisperer: Create actionable data from your Vulnerability Scans
VulnWhisperer is a vulnerability data and report aggregator. VulnWhisperer will pull all the reports and create a file with a unique filename which is then fed into logstash. Logstash extracts data from the filename and tags all of the information inside the report (see logstash_vulnwhisp.conf file). Data is then shipped to elasticsearch to be indexed.
vulnwhisperer  cybersecurity  tools  vulnerability  pentest 
may 2018 by bwiese
Remediant - Remediant
SecureONE approaches the privileged access problem in a completely new way. First, SecureONE allows administrators to use their own account for activities that require privileged access — never a shared account. Coupled with two-factor authentication, SecureONE ensures that administrators gain on-demand access only to the systems they need and only for the time they need it. This approach shrinks the privileged access attack surface by more than 99%, while also significantly reducing compliance gaps.
privilegeaccess  tools  cybersecurity  password  admin 
april 2018 by bwiese
Finding Vulnerabilities with DISA STIG Viewer - ITGoodToKnow
The Cyber Security Evaluation Tool (CSET®) is a Department of Homeland Security (DHS) product that assists organizations in protecting their key national cyber assets. It was developed under the direction of the DHS Industrial Control System Cyber Emergency Response Team (ICS-CERT) by cybersecurity experts and with assistance from the National Institute of Standards and Technology (NIST). This tool provides users with a systematic and repeatable approach for assessing the security posture of their cyber systems and networks. It includes both high-level and detailed questions related to all industrial control and IT systems.
pentest  tools  stig 
april 2018 by bwiese
Passwords Part 2 - Passwords off the Wire using LLMNR - SANS Internet Storm Center
LLMNR – Link-Local Multicast Name Resolution. What's that you say? Name resolution tended to use WINS as much as or more than DNS. If you didn't happen to have WINS or DNS set up, clients would send a local multicast request out on port UDP/5355 for name resolution. And yes, that is still with us today.

While LLMNR is easily fixed with GPO, NetBIOS over TCP/IP is not, and you either need individual touches to systems, script something up, or some other management tool like SCCM to change that setting. So you have to disable both LLMNR and NetBIOS over TCP/IP to fully solve this problem.
llmnr  cybersecurity  passwords  sans  tools 
april 2018 by bwiese
Automatic Hunting for Malicious Files Crossing your Network - SANS Internet Storm Center
MISP[1] - the Malware Information Sharing Platform. I’m running a MISP instance to receive useful IOC’s (Indicator of Compromise) from multiple peers. Common IOCs are IP addresses, domain names, filenames and hashes.
Bro[2] is an NSM (Network Security Monitoring) tool that acts like a swiss-army knife on your network. The core feature that will be used here is the extraction of files from network flows. Bro is fully integrated to the SecurityOnion[3] distribution.
Splunk - as the orchestrator of the solution.
TheHive[4] - A scalable, open source and free Security Incident Response Platform
threathunting  cybersecurity  tools  bro  splunk  misp  cyberthreatintel 
april 2018 by bwiese
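The pipeline in the ISC diary above is Bro extracting files, Splunk looking their hashes up against MISP indicators, and TheHive getting a case. The matching step, in Python, as an added example (it is not code from the diary, and it talks to neither MISP nor Splunk): parse a Bro files.log using its own #fields header and look each hash column up in an IOC set. The log excerpt and the IOC dictionary are constructed for the example; the first IOC pair are the well-known EICAR test-file hashes.

```python
"""Match file hashes from a Bro/Zeek files.log against MISP-style IOC hashes.

Added example; not code from the SANS ISC diary or from MISP/Bro/Splunk.
The log lines and the IOC set below are constructed for the example.
"""

# Constructed excerpt of a Bro files.log: tab-separated, with the #fields
# header that Bro writes. Only some of the real columns are kept.
SAMPLE_FILES_LOG = """#separator \\x09
#fields\tts\tfuid\ttx_hosts\trx_hosts\tsource\tmime_type\tfilename\tmd5\tsha1
#types\ttime\tstring\tset[addr]\tset[addr]\tstring\tstring\tstring\tstring\tstring
1523000000.123456\tFx1AbC\t93.184.216.34\t10.0.0.5\tHTTP\tapplication/x-dosexec\tinvoice.exe\t44d88612fea8a8f36de82e1278abb02f\t3395856ce81f2b7382dee72602f798b642f14140
1523000001.654321\tFy2DeF\t10.0.0.8\t10.0.0.5\tSMB\tapplication/pdf\treport.pdf\t-\t-
1523000002.000000\tFz3GhI\t203.0.113.9\t10.0.0.7\tHTTP\tapplication/zip\tupdate.zip\td41d8cd98f00b204e9800998ecf8427e\tda39a3ee5e6b4b0d3255bfef95601890afd80709
"""

# Constructed IOC set, shaped like an export of MISP attributes of type
# md5/sha1/sha256. The two entries are the EICAR test file's hashes.
SAMPLE_IOCS = {
    "44d88612fea8a8f36de82e1278abb02f": "EICAR test file (md5)",
    "3395856ce81f2b7382dee72602f798b642f14140": "EICAR test file (sha1)",
}


def parse_bro_log(text):
    """Yield one dict per record, keyed by the names in the #fields header.
    Bro writes '-' for an unset field; it is mapped to None here."""
    fields = None
    for line in text.splitlines():
        if not line:
            continue
        if line.startswith("#fields"):
            fields = line.split("\t")[1:]
            continue
        if line.startswith("#"):
            continue
        if fields is None:
            raise ValueError("record before #fields header")
        values = line.split("\t")
        yield {k: (None if v == "-" else v) for k, v in zip(fields, values)}


def match_iocs(text, iocs, hash_fields=("md5", "sha1", "sha256")):
    """Return a list of (fuid, filename, hash, ioc_label) for every record
    whose hash appears in the IOC set. Comparison is case-insensitive, since
    MISP attributes and Bro logs do not agree on hex case."""
    lookup = {h.lower(): label for h, label in iocs.items()}
    hits = []
    for rec in parse_bro_log(text):
        for field in hash_fields:
            h = rec.get(field)
            if h and h.lower() in lookup:
                hits.append((rec["fuid"], rec.get("filename"), h.lower(), lookup[h.lower()]))
    return hits


if __name__ == "__main__":
    for hit in match_iocs(SAMPLE_FILES_LOG, SAMPLE_IOCS):
        print("IOC hit:", hit)
```

Reading the column list from the #fields line rather than hard-coding offsets is what keeps this working when Bro's files.log gains or loses columns between versions; the fuid it returns is the key you would hand to TheHive or Splunk to pull the extracted file.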
GitHub InfoSec Threepeat: HELK, ptf, and VulnWhisperer - SANS Internet Storm Center
HELK is a Hunting ELK (Elasticsearch, Logstash, Kibana) stack with advanced analytic capabilities, currently in beta. From @Cyb3rWard0g.

PenTesters Framework (PTF) is a Python script designed for Debian/Ubuntu/ArchLinux based distributions to create a similar and familiar distribution for Penetration Testing

VulnWhisperer is a vulnerability data and report aggregator. Austin Taylor's VulnWhisperer will pull all the reports and create a file with a unique filename which is then fed into logstash. Logstash extracts data from the filename and tags all of the information inside the report (see logstash_vulnwhisp.conf file). Data is then shipped to elasticsearch to be indexed. VulnWhisperer includes support for:

 Nessus (v6 & v7)
 Qualys Web Applications
 Qualys Vulnerability Management (in progress)
 Insight VM
 More to come
github  cybersecurity  tools  pentest  threathunting  helk  vulnwhisper  sans 
april 2018 by bwiese
Hacking a Corporation From the Inside: Internal Penetration Tests — GracefulSecurity
What are LLMNR and NetBIOS-NS? They’re both methods of resolving hostnames to IP addresses. On your network if you try to contact a system by name first of all DNS will be used, but if that fails LLMNR will be attempted followed by NetBIOS. An attacker can respond to LLMNR/NetBIOS-NS requests and cause the victim to connect to the attacker’s machine instead and allow them to capture credentials in hashed form.
pentest  cybersecurity  howto  network  dns  recon  tools 
april 2018 by bwiese
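The SANS ISC and GracefulSecurity entries above both describe the same mechanism: a client multicasts an LLMNR query on UDP/5355, and whoever answers first is believed. LLMNR reuses the DNS wire format, so a small parser is enough to both read the packets and spot a poisoner. What follows is an added example, not code from either post or from Responder: it builds and parses LLMNR queries and answers, then flags any host that answers for several different names, which is how a poisoning tool behaves and a legitimate host does not. All packets are constructed in the block.

```python
"""Parse LLMNR (UDP/5355) messages and flag a host answering for many names.

Added example, not code from the SANS ISC or GracefulSecurity posts above.
LLMNR uses the DNS message format (RFC 4795): a 12-byte header, a question
of length-prefixed labels, and resource records. All packets below are
constructed for the example.
"""
import struct
from collections import defaultdict


def _read_name(buf, off):
    """Decode length-prefixed labels starting at off; follow a compression
    pointer if one appears. Returns (name, offset after the name)."""
    labels = []
    while True:
        n = buf[off]
        off += 1
        if n == 0:
            break
        if n & 0xC0:  # 11xxxxxx: pointer to an earlier name
            ptr = ((n & 0x3F) << 8) | buf[off]
            name, _ = _read_name(buf, ptr)
            labels.append(name)
            return ".".join(labels), off + 1
        labels.append(buf[off:off + n].decode("ascii", "replace"))
        off += n
    return ".".join(labels), off


def parse_llmnr(payload):
    """Return {id, is_response, qname, answers} for one LLMNR message;
    answers holds the IPv4 addresses of any A records."""
    if len(payload) < 12:
        raise ValueError("short LLMNR header")
    ident, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", payload[:12])
    off = 12
    qname = None
    for _ in range(qd):
        qname, off = _read_name(payload, off)
        off += 4  # QTYPE, QCLASS
    answers = []
    for _ in range(an):
        _name, off = _read_name(payload, off)
        rtype, _rclass, _ttl, rdlen = struct.unpack("!HHIH", payload[off:off + 10])
        off += 10
        rdata = payload[off:off + rdlen]
        off += rdlen
        if rtype == 1 and rdlen == 4:  # A record
            answers.append(".".join(str(b) for b in rdata))
    return {"id": ident, "is_response": bool(flags & 0x8000),
            "qname": qname, "answers": answers}


def _encode_name(name):
    return b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"


def build_query(ident, name):
    """LLMNR query for an A record, as a client would multicast it."""
    return (struct.pack("!HHHHHH", ident, 0, 1, 0, 0, 0)
            + _encode_name(name) + struct.pack("!HH", 1, 1))


def build_response(ident, name, ip):
    """LLMNR answer claiming that `name` lives at `ip` (QR bit set)."""
    hdr = struct.pack("!HHHHHH", ident, 0x8000, 1, 1, 0, 0)
    question = _encode_name(name) + struct.pack("!HH", 1, 1)
    answer = (_encode_name(name) + struct.pack("!HHIH", 1, 1, 30, 4)
              + bytes(int(x) for x in ip.split(".")))
    return hdr + question + answer


def find_poisoners(packets, min_names=3):
    """packets: iterable of (src_ip, dst_ip, udp_payload). A host that answers
    LLMNR queries for several *different* names is behaving like a poisoner,
    not like a machine answering for its own hostname."""
    names_by_src = defaultdict(set)
    for src, _dst, payload in packets:
        msg = parse_llmnr(payload)
        if msg["is_response"] and msg["qname"]:
            names_by_src[src].add(msg["qname"].lower())
    return {src: sorted(n) for src, n in names_by_src.items() if len(n) >= min_names}


# Constructed traffic: 10.0.0.66 answers every name it hears;
# 10.0.0.12 answers once, for what looks like its own name.
SAMPLE_PACKETS = [
    ("10.0.0.66", "10.0.0.5", build_response(1, "fileserver", "10.0.0.66")),
    ("10.0.0.66", "10.0.0.7", build_response(2, "wpad", "10.0.0.66")),
    ("10.0.0.66", "10.0.0.9", build_response(3, "printsrv", "10.0.0.66")),
    ("10.0.0.12", "10.0.0.9", build_response(4, "ws12", "10.0.0.12")),
    ("10.0.0.9", "224.0.0.252", build_query(5, "printsrv")),
]

if __name__ == "__main__":
    print(find_poisoners(SAMPLE_PACKETS))
```

Against real traffic the tuples would come from a capture filtered on udp port 5355; the threshold is the only tuning knob, and a name like "wpad" being answered by anything other than the proxy server is worth an alert on its own.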
How to find Subdomains of a Domain in Minutes?
DNS Dumpster
DNSRecon on Kali Linux
pentest  recon  domain  dns  tools 
april 2018 by bwiese
GitHub - redcanaryco/atomic-red-team: Small and highly portable detection tests based on MITRE's ATT&CK.
Small and highly portable detection tests mapped to the Mitre ATT&CK Framework.
Our Atomic Red Team tests are small, highly portable detection tests mapped to the MITRE ATT&CK Framework. Each test is designed to map back to a particular tactic. We hope that this gives defenders a highly actionable way to immediately start testing their defenses against a broad spectrum of attacks.
cybersecurity  mitre  pentest  attack  tools  software  threathunting 
march 2018 by bwiese
The ATT&CK™ Navigator: A New Open Source Project | The MITRE Corporation
The source code for the ATT&CK™ Navigator can be found here. Use the GitHub issue tracker to let us know of any bugs or other issues you encounter. And we encourage pull requests if you've extended the Navigator in some cool way and want to share it back to the larger community. We've released the Navigator under a commercial-friendly license—Apache2—and we hope that you'll find the tool useful.
mitre  cybersecurity  attack  cyberthreatintel  reference  tools 
march 2018 by bwiese
The Risks of SSL Inspection - CERT (2015)
Some 55 "SSL inspection" products circa 2015:

A10 vThunder
Arbor Networks Pravail
Barracuda Web Filter
BASCOM School Web Filter
Bloxx Web Filter
Blue Coat SSL Visibility Appliance
Check Point Data Loss Prevention (DLP), Anti Virus, Anti-Bot, Application Control, URL Filtering, Threat Emulation and IPS.
Cisco ScanCenter
Citrix NetScaler AppFirewall
Clearswift SECURE Web Gateway
Cymphonix Internet Management Suite
Dell SonicWALL
EdgeWave iPrism Web Security
ESET Smart Security
Fortinet FortiGate
Fidelis Security XPS
Finjan Vital Security (pdf)
GFI WebMonitor
Gigamon GigaSMART
IBM Security Network Protection
iboss Web Security
Imperva Incapsula
iSHERIFF Cloud Security
Juniper IDP devices
Kaspersky Anti-Virus
Komodia SSL Decoder
M86 Secure Web Gateway (pdf)
McAfee Web Gateway and Firewall Enterprise (pdf)
Microsoft Forefront TMG
NextGig Netronome
Optenet WebFilter (pdf)
Palo Alto PAN-OS
Panda Cloud Internet Protection
Radware AppXcel
SafeNet eSafe Web Security Gateway
Sangfor IAM (pdf)
Smoothwall Secure Web Gateway
Sophos Cyberoam
Sourcefire SSL Appliance
Symantec Web Gateway
Thomason Technologies Next Gen IPS
Trend Micro Deep Security (pdf)
Trustwave WebMarshal, Secure Web Gateway
Untangle NG Firewall
Venafi TrustAuthority
VSS Monitoring vInspector (pdf)
WatchGuard HTTPS Proxy
Wavecrest CyBlock
Websense Content Gateway
Qbik WinGate
WolfSSL SSL Inspection
ZyXel Firewall
ssl  tls  mitm  breakandinspect  tools 
february 2018 by bwiese
WEBCAST: Tales from the Network Threat Hunting Trenches - Black Hills Information Security
John Strand shares some of our techniques and tools (like RITA) that we use all the time to work through massive amounts of data.
AI Hunter - new tool looking for beta testers who have SPAN ports ready to fire and are possibly already using Bro.
threathunting  tools  cybersecurity  bro 
february 2018 by bwiese
Recurity Labs CIR
CIR allows network engineers and digital forensics experts to analyse memory dumps (so-called core dumps) from Cisco® IOS® devices in great detail, simply by providing the core dump file(s). CIR identifies compromised routers, exploitation attempts and backdoors as well as process and memory anomalies.
cisco  cybersecurity  tools 
february 2018 by bwiese
The Tools Hackers Use to Steal Your Office's Secrets
Netragard, who busted out their hacker toolbox
RFID card data scanner/copier
NFC card emulator
fiber optic clip-on coupler
cybersecurity  tools  nfc  rfid  fiberoptics 
february 2018 by bwiese
InfoSec Handlers Diary Blog - Analyzing MSI files
MSI files are Composite Document Files, or as I like to call them, ole files. MSI files can be inspected with tools that handle OLE files, like 7-Zip, oletools, oledump

developed a new oledump plugin, plugin_msi, to decode MSI stream names and also provide info like the header (ASCII) and MD5 hash of the stream. Stream 5 (…) is a good indicator that the embedded PE file is a DLL. This can be confirmed by inspecting the embedded PE file with a tool like pecheck.
msi  cybersecurity  malware  tools  signature  sans 
february 2018 by bwiese
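The diary entry above ends with confirming that an embedded PE is a DLL by inspecting the file. The check itself is a few header reads, shown here as an added example (not the oledump plugin_msi or pecheck code): follow e_lfanew from the DOS header to the PE signature, read IMAGE_FILE_HEADER, and test the IMAGE_FILE_DLL bit (0x2000) in Characteristics. The sample bytes are constructed header stubs, not a real binary.

```python
"""Decide whether a PE image is a DLL by reading its file header.

Added example, not code from the ISC diary, oledump or pecheck. A PE file
starts with a DOS header whose e_lfanew (offset 0x3C) points at the
'PE\\0\\0' signature; the IMAGE_FILE_HEADER that follows carries a
Characteristics word in which 0x2000 (IMAGE_FILE_DLL) marks a DLL.
The stub builder at the bottom fabricates headers for testing.
"""
import struct

IMAGE_FILE_EXECUTABLE_IMAGE = 0x0002
IMAGE_FILE_DLL = 0x2000
MACHINE_NAMES = {0x14C: "i386", 0x8664: "x86-64", 0x1C0: "ARM", 0xAA64: "ARM64"}


def pe_file_header(data):
    """Return (machine, number_of_sections, characteristics), or raise
    ValueError when the bytes do not carry a DOS + PE header."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("no MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    # 4 bytes of signature + 20 bytes of IMAGE_FILE_HEADER must fit
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        raise ValueError("no PE signature at e_lfanew")
    # IMAGE_FILE_HEADER: Machine, NumberOfSections, TimeDateStamp,
    # PointerToSymbolTable, NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    machine, nsections, _ts, _symptr, _nsyms, _optsize, chars = struct.unpack_from(
        "<HHIIIHH", data, e_lfanew + 4)
    return machine, nsections, chars


def describe_pe(data):
    """Summary a triage script can log next to the stream's MD5."""
    machine, nsections, chars = pe_file_header(data)
    return {
        "machine": MACHINE_NAMES.get(machine, hex(machine)),
        "sections": nsections,
        "is_dll": bool(chars & IMAGE_FILE_DLL),
        "is_executable_image": bool(chars & IMAGE_FILE_EXECUTABLE_IMAGE),
    }


def make_stub(characteristics, machine=0x8664):
    """Constructed, non-runnable PE header for exercising the parser:
    a 64-byte DOS header with e_lfanew = 0x40, then 'PE\\0\\0' and a
    20-byte file header claiming three sections."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\x00" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    file_hdr = struct.pack("<HHIIIHH", machine, 3, 0, 0, 0, 0, characteristics)
    return dos + b"PE\x00\x00" + file_hdr


if __name__ == "__main__":
    print(describe_pe(make_stub(IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_DLL)))
    print(describe_pe(make_stub(IMAGE_FILE_EXECUTABLE_IMAGE, machine=0x14C)))
```

On a real stream you would pass the bytes oledump dumps for the stream; the two ValueError paths are what you hit when the stream is a CAB or a script rather than a PE, which is as useful a signal as the DLL bit itself.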
Top 10 Endpoint Detection and Response (EDR) Solutions
EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints.

EDR revenues more than doubled in 2016, reaching $500 million, according to Gartner. Four vendors account for more than half of that total – Tanium, FireEye, CrowdStrike and Carbon Black.

FireEye Endpoint Security
Carbon Black Cb Response
Guidance Software EnCase Endpoint Security
Cybereason Total Enterprise Protection
Symantec Endpoint Protection
RSA NetWitness Endpoint
Cisco Advanced Malware Protection for Endpoints
CrowdStrike Falcon Insight
CounterTack Endpoint Threat

The features that most EDR solutions have include:

The ability to detect and prevent hidden exploit processes that are more complex than a simple signature or pattern and evade traditional AV
Threat intelligence
Visibility throughout endpoints, including applications, processes and communications, to detect malicious activities and simplify security incident response
Automation of alerts, as well as defensive responses such as turning off specific processes when an attack is detected
Forensic capabilities, because once an attacker is inside, you need the ability to take a deep dive into their activities so you can understand their movements and minimize the impact of the breach
Data collection to build a repository used for analytics
edr  cybersecurity  software  review  tools  cyberthreatintel  threathunting 
february 2018 by bwiese
10Gbps+ stream to disk capture appliance - Wireshark Q&A
Use either dumpcap or tcpdump (or any other high speed capture tool like gulp, netsniff-ng or ringmap) to do the raw capture job and then you 'might' be able to use wireshark to analyze that huge pile of data.
pcap  network  cybersecurity  tools 
february 2018 by bwiese
TheHive Project
Incident Response Platform - ticket tracking
misp  cybersecurity  platform  tools  soc  dfir  threathunting 
january 2018 by bwiese
Ganglia Monitoring System
Ganglia is a scalable distributed monitoring system for high-performance computing systems such as clusters and Grids. It is based on a hierarchical design targeted at federations of clusters. It leverages widely used technologies such as XML for data representation, XDR for compact, portable data transport, and RRDtool for data storage and visualization
cluster  linux  monitoring  sysadmin  software  tools 
january 2018 by bwiese
NIST - Federated (Tool) Testing Home
The Federated Testing project is an expansion of the Computer Forensics Tool Testing (CFTT) Program to provide digital forensics investigators and labs with test materials for tool testing and to support shared test reports. The goal of Federated Testing is to help digital forensics investigators to test the tools that they use in their labs and to enable sharing of tool test results within the digital forensics community.

A primary goal of the Federated Testing project is to produce tool test results that can be shared throughout the digital forensics community. Our Federated Testing materials (packaged on our live Linux CD .iso file) allow any lab, agency or individual to test their tools using the same test methodology CFTT uses. The final step of this process is to generate a test report for the tool. Our materials generate that test report for you in a common format that makes it easy for you and others to understand how the tool was tested and what the test results are. If someone has already tested a tool for the features you use in your lab, you can take advantage of their results in your evaluation of the tool. Click on the links below for test reports including Federated Testing reports.
forensics  nist  tools 
january 2018 by bwiese
GitHub - toolswatch/vFeed: The Correlated CVE Vulnerability And Threat Intelligence Database API
vFeed Python Wrapper / Database is a CVE, CWE, and OVAL Compatible naming scheme concept that provides extra structured detailed third-party references and technical characteristics for a CVE entry through an extensible XML/JSON schema. It also improves the reliability of CVEs by providing a flexible and comprehensive vocabulary for describing the relationship with other standards and security references.
cve  cybersecurity  vulnerability  tools  database 
january 2018 by bwiese
104 Photo Editing Tools You Should Know About
Photo enhancers

1. Photolemur – The world’s first fully automated photo enhancement solution. It is powered by a special AI algorithm that fixes imperfections on images without human involvement (beta).

2. Softcolorsoftware – Automatic photo editor for batch photo enhancing, editing and color management.

3. Perfectly Clear – Photo editor with a set of automatic correction presets for Windows&Mac ($149)
photography  software  tools  apps 
september 2016 by bwiese
GitHub - Security showcase
facebook / osquery
rapid7 / metasploit-framework
radare / radare2
cuckoosandbox / cuckoo
Netflix / Scumblr
aol / moloch
bro / bro
google / grr
ossec / ossec-hids
sleuthkit / sleuthkit
github  security  tools 
august 2016 by bwiese
ClickBank - find your customers
Internet marketing, find the customers for your products/services
internet  internetmarketing  tools  adsense  money  advertising  business  ecommerce  affiliate  marketing 
october 2013 by bwiese
Extracting Known Bad Hash Set From NSRL
extracting known "good" and "bad" from NSRL list (out of date?)
script  tools  security  hash  hashing  perl  nsrl 
august 2013 by bwiese
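The NSRL bookmark above is about carving "good" and "bad" hash sets out of the RDS. An added example of that split, written in Python rather than the bookmarked Perl and not code from either: it reads the classic RDS text layout (NSRLFile.txt rows keyed to NSRLProd.txt by ProductCode) and classes a product's hashes as bad when its ApplicationType is in a list you choose. Which types count as "bad" is an assumption of this example, not an NSRL classification, and the rows below are constructed. It also handles the case the Perl approach tends to miss: the same hash shipped by both a benign and a suspicious product, which is kept out of both sets.

```python
"""Build 'good' and 'bad' hash sets from NSRL RDS text files.

Added example, not the Perl script from the bookmark. Assumes the classic
RDS text layout: NSRLFile.txt and NSRLProd.txt as quoted CSV with the
header rows shown below. The data rows are constructed for the example;
the column names are the RDS ones.
"""
import csv
import io

# Constructed NSRLProd.txt excerpt: product metadata keyed by ProductCode.
SAMPLE_PROD = '''"ProductCode","ProductName","ProductVersion","OpSystemCode","MfgCode","Language","ApplicationType"
"1","Example Office Suite","12.0","189","100","English","Office Suite"
"2","Example Password Cracker","1.4","189","200","English","Hacker Tool"
'''

# Constructed NSRLFile.txt excerpt: one row per (file, product). The empty
# file's hashes deliberately appear under both products.
SAMPLE_FILE = '''"SHA-1","MD5","CRC32","FileName","FileSize","ProductCode","OpSystemCode","SpecialCode"
"3395856CE81F2B7382DEE72602F798B642F14140","44D88612FEA8A8F36DE82E1278ABB02F","6851CF3C","eicar.com","68","2","189",""
"DA39A3EE5E6B4B0D3255BFEF95601890AFD80709","D41D8CD98F00B204E9800998ECF8427E","00000000","empty.txt","0","1","189",""
"DA39A3EE5E6B4B0D3255BFEF95601890AFD80709","D41D8CD98F00B204E9800998ECF8427E","00000000","placeholder.bin","0","2","189",""
'''

# ApplicationType values treated as "bad". An assumption for this example,
# chosen by the analyst, not a label the NSRL itself applies.
BAD_TYPES = {"Hacker Tool"}


def load_products(text):
    """Map ProductCode -> ApplicationType from an NSRLProd.txt body."""
    return {row["ProductCode"]: row["ApplicationType"]
            for row in csv.DictReader(io.StringIO(text))}


def split_hashes(file_text, prod_text, algo="SHA-1", bad_types=BAD_TYPES):
    """Return (good, bad, ambiguous) sets of lowercase hashes.

    A hash seen under both a bad-typed product and a non-bad one is
    'ambiguous' and removed from both sets: matching a forensic image
    against it would prove nothing either way."""
    types = load_products(prod_text)
    good, bad = set(), set()
    for row in csv.DictReader(io.StringIO(file_text)):
        h = row[algo].lower()
        app_type = types.get(row["ProductCode"], "")
        (bad if app_type in bad_types else good).add(h)
    ambiguous = good & bad
    return good - ambiguous, bad - ambiguous, ambiguous


if __name__ == "__main__":
    good, bad, amb = split_hashes(SAMPLE_FILE, SAMPLE_PROD)
    print("good", sorted(good))
    print("bad", sorted(bad))
    print("ambiguous", sorted(amb))
```

With the full RDS you would stream NSRLFile.txt rather than hold it in memory, but the product join and the ambiguity rule are the whole of the logic; everything else is I/O.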
ABR (Activation Backup and Restore) |
How to use it:

Download and unzip
Run "activation_backup.exe"
Save the backup files somewhere safe
Reinstall Vista
Restore activation by running "activation_restore.exe"
download  oem  tools  microsoft  software  techsupport  backup  activation  windows 
april 2013 by bwiese
When Everyone Has Access to the Same Cameras... (it's personality/attitude/skill not tools for success)
Bestselling author and marketing guru Seth Godin published an interesting thought to his blog yesterday that is very relevant to aspiring photographers. He writes,

When everyone has access to the same tools then having a tool isn’t much of an advantage. The industrial age, the age of scarcity, depended in part on the advantages that came with owning tools others didn’t own.

Time for a new advantage. It might be your network, the connections that trust you. And it might be your expertise. But most of all, I’m betting it’s your attitude.

attitude  success  business  personality  advice  petapixel  sethgodin  tools  gear  psychology  photography 
december 2012 by bwiese