
Webfwlog - Firewall Log Analyzer

Sunday, May 31, 2015 Sensei Fedon 0 Comments


Webfwlog is a flexible web-based firewall log analyzer and reporting tool. It supports standard system logs for Linux, FreeBSD, OpenBSD, NetBSD, Solaris, Irix, OS X, etc. as well as Windows XP®. Supported log file formats are netfilter, ipfilter, ipfw, ipchains and Windows XP®. Webfwlog also supports logs saved in a database using the ULOG or NFLOG targets of the Linux netfilter project, or any other database logs mapped with a view to the ulogd schema. Versions 1 and 2 of ulogd database schemas are supported. Webfwlog is licensed under the GNU GPL.


Smart Pentester - An SSH based Penetration Testing Framework

Sunday, May 31, 2015 Sensei Fedon 0 Comments



Smart Pentester is an SSH based Penetration Testing Framework. It provides a GUI for well known tools like nmap, hping, tcpdump, volatility, hydra, etc.


Tribler - Download Torrents using Tor-inspired onion routing

Sunday, May 31, 2015 Sensei Fedon 0 Comments


Tribler is a research project of Delft University of Technology. Tribler was created over nine years ago as a new open source Peer-to-Peer file sharing program. During this time over one million users have installed it successfully and three generations of Ph.D. students tested their algorithms in the real world.


Exploit Pack - Open Source Security Project for Penetration Testing and Exploit Development

Sunday, May 31, 2015 Sensei Fedon 0 Comments


Exploit Pack is an open source GPLv3 security tool; this means it is fully free and you can use it without any kind of restriction. Other security tools like Metasploit, Immunity Canvas, or Core Impact are ready to use as well, but you will require an expensive license to get access to all the features, for example: automatic exploit launching, full report capabilities, reverse shell agent customization, etc. Exploit Pack is fully free, open source and GPLv3. Because this is an open source project you can always modify it, add or replace features and get involved in the next project decisions; everyone is more than welcome to participate. We developed this tool thinking for and as pentesters. As security professionals we use Exploit Pack on a daily basis to deploy real environment attacks into real corporate clients.


SNMP Brute - Fast SNMP brute force, enumeration, CISCO config downloader and password cracking script

Sunday, May 31, 2015 Sensei Fedon 0 Comments

SNMP brute force, enumeration, CISCO config downloader and password cracking script. Listens for any responses to the brute force community strings, effectively minimising wait time.

Requirements
  • metasploit
  • snmpwalk
  • snmpstat
  • john the ripper


PackETH - Ethernet Packet Generator

Saturday, May 30, 2015 Sensei Fedon 0 Comments


PackETH is a GUI and CLI packet generator tool for Ethernet. It allows you to create and send any possible packet or sequence of packets on the Ethernet link. It is very simple to use, powerful and supports many adjustments of parameters while sending a sequence of packets. And lastly, it has the most beautiful web site of all the packet generators.


CMSmap - Scanner to detect security flaws of the most popular CMSs (WordPress, Joomla and Drupal)

Saturday, May 30, 2015 Sensei Fedon 0 Comments


CMSmap is an open source Python CMS scanner that automates the process of detecting security flaws of the most popular CMSs. The main purpose of CMSmap is to integrate common vulnerabilities for different types of CMSs in a single tool.


WiFiJammer - Continuously Jam All WiFi Clients/Routers

Saturday, May 30, 2015 Sensei Fedon 0 Comments


Continuously jam all wifi clients and access points within range. The effectiveness of this script is constrained by your wireless card. Alfa cards seem to effectively jam within about a block radius with heavy access point saturation. Granularity is given in the options for more effective targeting.

Requires: python 2.7, python-scapy, a wireless card capable of injection


netool.sh - MitM Pentesting Opensource T00lkit

Saturday, May 30, 2015 Sensei Fedon 0 Comments



MobaXterm - Terminal for Windows with X11 server, tabbed SSH client, network tools and much more...

Saturday, May 30, 2015 Sensei Fedon 0 Comments



Bacula - Network Backup Tool for Linux, Unix, Mac, and Windows

Saturday, May 30, 2015 Sensei Fedon 0 Comments



SmarTTY - Multi-tabbed SSH Client with SCP Support

Saturday, May 30, 2015 Sensei Fedon 0 Comments



Top Ten Simple and Useful Internet Tricks That You May Not Know

Saturday, May 30, 2015 Sensei Fedon 0 Comments

There are some simple keyboard shortcuts you can use while browsing the Internet. They save the user a lot of typing, and in certain places they let you avoid the mouse completely.


INURLBR - Advanced Search in Multiple Search Engines

Saturday, May 30, 2015 Sensei Fedon 0 Comments




Packet Sender The Free Network Test Utility

Saturday, May 30, 2015 Sensei Fedon 0 Comments

Packet Sender is an open source utility to allow sending and receiving TCP and UDP packets. It is available free (no ads / no bundleware) for Windows, Mac, and Linux. It can be used for both commercial and personal use (license). It's designed to be very easy to use while still providing enough features for power users to do what they need.

Screenshots: Windows, Mac, Ubuntu, and Command Line (comes with all desktop versions).


Google Hacking with GGGoogleScan

Monday, May 25, 2015 Sensei Fedon 0 Comments

When scraping the Google search engine, we need to be careful so that Google doesn’t detect our automated tool as a bot, which will redirect us to a captcha website, where we’ll need to enter the captcha in order to continue. We don’t want that, since then Google will block us and we won’t be able to perform any more searches without entering the captcha. And we certainly won’t take the time to check out if the Google captcha can be broken, so we can automatically send captcha strings to the server to unblock us. We just need to be careful enough not to overdo it.


New Tool: The PenTesters Framework (PTF) Released

Friday, May 15, 2015 Sensei Fedon 0 Comments



Syrian Electronic Army Hacks the Washington Post and redirects users to SEA’s website

Friday, May 15, 2015 Sensei Fedon 0 Comments


The Washington Post site temporarily shut down after being hacked by Syrian Electronic Army (SEA)

One of the most successful hacking units and the blatantly pro-Assad regime hacking outfit, Syrian Electronic Army (SEA), today hacked into the Washington Post website and redirected visitors to pages owned by them.


SOCKSTRESS DENIAL OF SERVICE WITH PYTHON

Wednesday, May 13, 2015 Sensei Fedon 0 Comments

Background

The PoC for SockStress, written in C, has NEVER worked for me (that’s not to say it doesn’t work…that’s just to say I suck at C coding). After researching and understanding how this attack works, I decided to write my own in Python.
Script can be found at:


How to configure fail2ban to protect Apache HTTP server

Monday, May 11, 2015 Sensei Fedon 0 Comments

An Apache HTTP server in a production environment can come under attack in various ways. Attackers may attempt to gain access to unauthorized or forbidden directories by using brute-force attacks or executing evil scripts. Some malicious bots may scan your websites for any security vulnerability, or collect email addresses or web forms to send spam to.
Apache HTTP server comes with comprehensive logging capabilities that capture various abnormal events indicative of such attacks. However, it is still non-trivial to systematically parse detailed Apache logs and react to potential attacks quickly (e.g., ban/unban offending IP addresses) as they are perpetrated in the wild. That is when fail2ban comes to the rescue, making a sysadmin's life easier.


Blocking a DNS DDOS using the fail2ban package

Monday, May 11, 2015 Sensei Fedon 0 Comments

Are you tired of getting multi-thousand line emails from the logcheck package that contain multiple reports of denied queries from named? If so this article will show how you can reject these DDOS attempts via the fail2ban package.


Survive DDOS attack with Nginx's and fail2ban

Monday, May 11, 2015 Sensei Fedon 0 Comments

Recently one of our client servers was subjected to a DDOS attack. We use Nginx’s Limit Req Module and fail2ban together to thwart this attack.

Installing fail2ban

On Ubuntu/Debian, just run…
apt-get install fail2ban

Configuration

There are 2 parts. First, we need to configure nginx to limit the number of requests per IP address. Nginx will log information about banned IPs to its error log. Second, fail2ban will parse the nginx error log and ban the offending IP addresses.


fail2ban on CentOS 7 for ssh access

Monday, May 11, 2015 Sensei Fedon 0 Comments

Basic installation and configuration of fail2ban on CentOS 7 (RHEL7) for ssh access.
(Changing some of the default values)
  • Add EPEL repositories
    wget http://epel.mirror.nucleus.be/7/x86_64/e/epel-release-7-1.noarch.rpm
    rpm -i epel-release-7-1.noarch.rpm
  • Install packages
    yum install fail2ban-firewalld fail2ban-systemd
  • Create /etc/fail2ban/jail.local
    [DEFAULT]
    findtime  = 5000
    [sshd]
    enabled = true
  • Create /etc/fail2ban/action.d/firewallcmd-ipset.local
    [Init]
    bantime = 10000
  • Enable and start fail2ban:
    systemctl enable fail2ban
    systemctl start fail2ban
  • Check that SELinux isn't blocking fail2ban from accessing the logs
    tail /var/log/audit/audit.log


Is DARPA’s new search engine, Memex a Google-killer?

Thursday, May 07, 2015 Sensei Fedon 0 Comments


DARPA’s Memex search engine touted to be a Google-killer

When we look at the history of computing, it features a string of organizations that for some time looked as if they were so deeply entrenched in our lives that we would never be able to do without them.
For example, IBM and Microsoft looked like that. In recent times, it has been Google and Facebook.
Sometimes they look indisputable because of the narrow territory they occupy. When they fall, it is because the situation has changed drastically and not because someone has captured their territory.
For several years Linux enthusiasts proclaimed “this will be the year that Linux finally competes with Windows on the desktop!”; however, every year it did not happen.
Eventually Linux smoked Microsoft under the brand name Android, when ‘Desktop’ gave way to ‘Mobile’.
Google has been the heavyweight and king of web search since the late 1990s. All efforts to throw Google out of the market have failed. Not only does it have a strong hold on the market share, but it has also been able to keep all challengers at bay, ranging from awkward tech colossi to smart and disturbing startups.
Google will not surrender its territory to a Google duplicate, but it may one day find that its territory is no longer the same as it was earlier.
The web is getting broader and darker, and Google, Bing and Yahoo are not able to search most of it.
They don’t search the sites that have asked to be ignored or that cannot be found by following links from other websites (the vast, virtual wasteland known as the Deep Web). They also don’t search the sites on anonymous, encrypted networks like Tor and I2P (the so-called Dark Web).
The big search engines do not ignore the Deep Web because there is some impassable technical limit that prevents them from indexing it. Rather, they do so because they are commercial entities, and the costs and profits of searching beyond their current boundary don’t add up.
Most of the time that is fine for us. However, it means that many sites go un-indexed and there are lots of searches that the current batch of engines are very bad at.
That is the reason the US’s Defense Advanced Research Projects Agency (DARPA) has invented a search engine for the deep web called Memex.
Memex is designed to go one step further than Google’s one-size-fits-all approach and deliver domain-specific searches that are the very best solution for a limited area of interest.
DARPA, which is in its first year, has been handling the problems related to human trafficking and slavery, something that has a significant presence beyond the gaze of commercial search engines.
In February, when the first report on Memex was done, there were signs that showed that it had more potential than expected. However, what was not known was that parts of it would become more widely available to everyone.
A lot of the project is still somewhat fuzzy and most of the 17 technology partners involved are still unnamed; however, the plan seems to be to lift the curtain, at least partially, over the next two years, starting this Friday.
That’s when an initial tranche of Memex components, including software from a team called Hyperion Gray, will be filed on DARPA’s Open Catalog.
The Hyperion Gray team described their work to Forbes as:
Advanced web crawling and scraping technologies, with a dose of Artificial Intelligence and machine learning, with the goal of being able to retrieve virtually any content on the internet in an automated way.
Eventually our system will be like an army of robot interns that can find stuff for you on the web, while you do important things like watch cat videos.
More components are expected to follow in December. A “general purpose technology” is expected to be available by the time the project ends.
Memex and Google don’t overlap much, as they solve different issues, serve different needs and are financed in very different ways. But so were Linux and Microsoft.
The tools that DARPA releases once the project wraps up probably won’t be a direct challenger to Google, but they are expected to be sensible and better suited to certain government and business applications than Google is.
That might not be much of a bother to Google but there could be three reasons why Memex might catch its attention.
The first reason is that the web is changing and so is the use of the Internet.
When Google was launched there was no Snapchat, Bitcoin or Facebook. Nobody was bothered about the Dark Web (remember FreeNet?) since nobody knew what it was for. Nobody even bothered about the Deep Web as it was difficult to find the things you actually wanted.
The second is this statement made by Christopher White, the man heading the Memex team at DARPA, and who’s clearly thinking big:
The problem we’re trying to address is that currently access to web content is mediated by a few very large commercial search engines – Google, Microsoft Bing, Yahoo – and essentially it’s a one-size fits all interface…
We’ve started with one domain, the human trafficking domain … In the end we want it to be useful for any domain of interest.
That’s our ambitious goal: to enable a new kind of search engine, a new way to access public web content
And the third reason is that Memex is not just for spooks and G-Men; it is for people to use and, very importantly, to play with.
To use software is one thing and to be able to change it is another. The best thing about open source software is that it gives people the freedom to take it in new directions, the same way Google did when it turned Linux into Android.


Netflix looses FIDO hack attack dog as open source

Thursday, May 07, 2015 Sensei Fedon 0 Comments

Automated incident response for the rest of us

Netflix has released source code for its automated incident response tool to help organisations cut through the noise of security alerts.


Installing (D)DoS Deflate To Mitigate DDoS Attack

Wednesday, May 06, 2015 Sensei Fedon 0 Comments

(D)DoS Deflate is a lightweight bash shell script designed to assist in the process of blocking a denial of service attack. It utilizes the command below to create a list of IP addresses connected to the server, along with their total number of connections.
netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n


Lynis – Security Auditing Tool for Unix/Linux

Wednesday, May 06, 2015 Sensei Fedon 0 Comments

Lynis is a security auditing tool for Unix and Linux based systems. It performs in-depth security scans with almost no configuration. This tool is commonly used by network administrators/system admins, security professionals and pentesters/auditors to evaluate Linux/Unix systems.
Requirements: Shell and basic utilities
Permissions: Root permissions or normal user
Operating System Supported:
  • AIX
  • FreeBSD
  • HP-UX
  • Linux
  • Mac OS
  • NetBSD
  • OpenBSD
  • Solaris


Maritime Cybersecurity Firm: 37% of Microsoft Servers On Ships Vulnerable To Hacking

Wednesday, May 06, 2015 Sensei Fedon 0 Comments



A recent Department of Homeland Inspector General report focused mostly on U.S. Coast Guard insider threats, stating, “Trusted insiders could use their access or insider knowledge to exploit USCG’s physical and technical vulnerabilities with the intent to cause harm.”
The audit also found numerous issues involving thumb drives and removable media that could be connected to Coast Guard IT systems and used to remove sensitive info, as well as issues allowing sensitive info to be sent via email. The IG also found unlocked USCG network equipment and server rooms, unsecured wireless routers and laptops.
But a real current threat, according to CyberKeel, a Copenhagen-based firm which focuses on maritime cybersecurity, is unpatched servers running Microsoft that attackers could exploit to take control of the servers. Although Microsoft released a patch in April, spot checks at 50 different maritime sites reveal that 37% of the servers running Microsoft were still vulnerable because they had not been patched.


How to program your drone

Wednesday, May 06, 2015 Sensei Fedon 0 Comments

We will show you how to program your drone so it takes off, moves around and does a flip. First you will need to download and install node.js and then download the ar-drone module.
Then the next step is to execute this code:
 
var arDrone = require('ar-drone');
var client = arDrone.createClient();

client.takeoff();

client
  .after(5000, function() {
    this.clockwise(0.5);
  })
  .after(3000, function() {
    this.animate('flipLeft', 15);
  })
  .after(1000, function() {
    this.stop();
    this.land();
  });


How to Download Torrents Online Using IDM? 4 Working Ways for You!

Wednesday, May 06, 2015 Sensei Fedon 0 Comments

So you are in college or in a firm where you operate behind a proxy server. The company and colleges have placed many restrictions on many sites and you cannot download torrent files. I was going through the same problem when I entered my college. In my first year, I made use of the following sites. I used to download almost all of my stuff through torrents, simply because they are easy to find and quick to download. Now I use Tor but sometimes I still make use of these sites. So, I would like to share with you some of the methods to download torrents online.
