Post Syndicated from Darknet original https://www.darknet.org.uk/2023/08/agentsmith-hids-host-based-intrusion-detection/
AgentSmith HIDS is a powerful component of a Host-based Intrusion Detection system, it has anti-rootkit functionalities and is a very performant way to collect information about a host.
Post Syndicated from original https://www.darknet.org.uk/2022/01/cfripper-cloudformation-security-scanning-audit-tool/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed
CFRipper is a Python-based Library and CLI security analyzer that functions as an AWS CloudFormation security scanning and audit tool, it aims to prevent vulnerabilities from getting to production infrastructure through vulnerable CloudFormation scripts.
You can use CFRipper to prevent deploying insecure AWS resources into your Cloud environment. You can write your own compliance checks by adding new custom plugins.
CFRipper should be part of your CI/CD pipeline. It runs just before a CloudFormation stack is deployed or updated and if the CloudFormation script fails to pass the security check it fails the deployment and notifies the team that owns the stack.
Post Syndicated from original https://www.darknet.org.uk/2021/04/grype-vulnerability-scanner-for-container-images-filesystems/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed
Grype is a vulnerability scanner for container images and filesystems with an easy to install binary that supports the packages for most major *nix based operating systems.
Features of Grype Vulnerability Scanner For Container Images & Filesystems
Scan the contents of a container image or filesystem to find known vulnerabilities and find vulnerabilities for major operating system packages in:
Find vulnerabilities for language-specific packages:
Supports Docker and OCI image formats
Using Grype Vulnerability Scanner For Container Images & Filesystems
To scan for vulnerabilities in an image:
grype <image>
Grype can scan a variety of sources beyond those found in Docker.
Post Syndicated from original https://www.darknet.org.uk/2021/03/apt-hunter-threat-hunting-tool-via-windows-event-log/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed
APT-Hunter is a threat hunting tool for windows event logs made from the perspective of the purple team mindset to provide detection for APT movements hidden in the sea of windows event logs.
This will help you to decrease the time to uncover suspicious activity and the tool will make good use of the windows event logs collected and make sure to not miss critical events configured to be detected.
The target audience for APT-Hunter is threat hunters, incident response professionals or forensic investigators.
Post Syndicated from original https://www.darknet.org.uk/2020/10/owasp-apicheck-http-api-devsecops-toolset/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed
APICheck is an HTTP API DevSecOps toolset, it integrates existing HTTP APIs tools, creates execution chains easily and is designed for integration with third-party tools in mind.
APICheck is comprised of a set of tools that can be connected to each other to achieve different functionalities, depending on how they are connected. It allows you to create execution chains and it can not only integrate self-developed tools but also can leverage existing tools in order to take advantage of them to provide new functionality.
Read the rest of OWASP APICheck – HTTP API DevSecOps Toolset now! Only available at Darknet.
By continuing to use the site, you agree to the use of cookies. more information
The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.