Imports vulnerability data from your continual monitoring and scanning infrastructure and does all the legwork of documenting, finding references, mapping to CVEs, and so forth.
Faraday aggregates and normalizes the data you load, letting you explore it through different visualizations that are useful to managers and analysts alike.
Uses Postgres as its back-end.
A list of public attacks on BitLocker. Any public attack with the potential to attack BitLocker but where the exact method is still not public (like baton drop) is out of scope.
Most of the attacks target the configuration where the VMK is sealed by the TPM only, which is the default setting and is what automatic BitLocker uses alongside recovery key escrow to a Microsoft account.
OSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS). It has a powerful correlation and analysis engine, integrating log analysis, file integrity monitoring, Windows registry monitoring, centralized policy enforcement, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, macOS, Solaris and Windows.
Has supported package repositories for multiple distros: https://www.ossec.net/download-ossec/
A crowdsourced public database where you can report and look up the abuse histories of IP addresses on the Net. Has a REST API with a free tier of 1,000 requests/day. Can integrate with fail2ban.
Monitored by Glitch.
A guide to endpoint security and device management that doesn't erode your values.
I write about security, privacy, vulnerabilities and exploits, retro computing, music, various programming languages, personal projects and general stuff that crosses my mind. Make sure you use encrypted email when sending me any sensitive info.
Tor mirror: http://sizeofaex6zgovemvemn2g3jfmgujievmxxxbcgnbrnmgcjcjpiiprqd.onion/
cve-search is a tool to import CVE (Common Vulnerabilities and Exposures) and CPE (Common Platform Enumeration) into a MongoDB to facilitate search and processing of CVEs.
The main objective of the software is to avoid doing direct and public lookups into the public CVE databases. Local lookups are usually faster, and you can limit the sensitive queries you send over the Internet.
cve-search includes a back-end to store vulnerabilities and related information, an intuitive web interface for searching and managing vulnerabilities, a series of tools to query the system and a web API interface.
IVRE (Instrument de veille sur les réseaux extérieurs) is a network recon framework, including tools for passive and active recon. IVRE can use data from numerous passive sensors and active scanning tools. You can think of it as a self-hosted and fully-controlled alternative to Shodan / ZoomEye / Censys, GreyNoise, and more. In the AUR.
NETINT
An online directory of Flipper Zero applications built from source automatically. Pay attention to which F0 firmware an app has been written for; they're not all the same. A few you might have to compile yourself.
Exploits found on the INTERNET.
REST API: https://www.exploitalert.com/api.html
Add to Searx?
RSS feeds (index): https://www.exploitalert.com/rss-feed.html
A curated list of awesome Threat Intelligence resources
A concise definition of Threat Intelligence: evidence-based knowledge, including context, mechanisms, indicators, implications and actionable advice, about an existing or emerging menace or hazard to assets that can be used to inform decisions regarding the subject’s response to that menace or hazard.
Feel free to contribute.
A short, sweet, and "just the facts" overview of how to use a Yubikey and what their operational limits are (e.g., a single Yubikey can be used to authenticate against up to 32 services).
Talkback is a smart infosec resource aggregator, designed to help security enthusiasts, practitioners and researchers be more productive. The system works by continuously monitoring several resource mediums for infosec news and publications, parses all content, classifies and hydrates the data-set, then presents this via a simple UI.
Fully automated infosec resource aggregation from feeds/mediums that dates back 15+ years.
Filtering and keyword searching across all resources.
A resource category classifier organises resources into several potential disciplines.
A resource ranking formula that factors in several attributes.
Highlighting resources that have been featured by reputable infosec curators.
Tracking popularity across social media platforms.
Cross referencing between resources.
Integration with Shodan to show hosting information of resources and NVD to enrich CVE references.
No API yet.
Maybe add to Searx?
An open, precise, and distributed approach to producing and consuming vulnerability information for open source.
All advisories in this database use the OpenSSF OSV format, which was developed in collaboration with open source communities. The OSV schema provides a human and machine readable data format to describe vulnerabilities in a way that precisely maps to open source package versions or commit hashes.
An easy-to-use API is available to query for all known vulnerabilities by either a commit hash, or a package version.
Patch into Searx?
Practice Ops: Virtualization, firewalls, VLAN, WAF, SIEM, IDS/IPS...
Practice Red: Penetration testing of vulnerable machines while seeing what the blue team sees. Can you become stealthier?
Practice Blue: Firewall and IPS rules, SIEM analysis and dashboard development...
Purple teaming: Red and Blue working together to develop the ultimate set of rules
Protect: Deploy Kali-Purple to protect your network
A suite of WiFi/Bluetooth offensive and defensive tools for the ESP32.
OpenEDR is a sophisticated, free, open source endpoint detection and response solution. It provides analytic detection with MITRE ATT&CK visibility for event correlation and root cause analysis of adversarial threat activity and behaviors in real time. This endpoint telemetry platform is available to all cyber-security professionals, and organizations of every size, to defend against threat actors and cyber criminals.
The Federal Virtual Training Environment (FedVTE) provides the following courses free of charge and without login requirements. You must use a modern browser (Edge, Chrome, Firefox) and have cookies enabled to track your progress in these courses.
Securely store passwords using industry standard encryption, quickly auto-type them into desktop applications, and use our browser extension to log into websites.
Complete database encryption using industry standard 256-bit AES. Fully compatible with KeePass Password Safe formats. Your password database works offline and requires no internet connection.
Every feature looks, feels, works, and is tested on Windows, macOS, and Linux. You can expect a seamless experience no matter which operating system you are using.