Network-Analysis-Tools - Pcap Capture File Analysis Tool
Pcap Capture File Analysis Tool. Features: 1-Top 10 Visited Sites; 2-Emails; 3-All Request Urls; 4-User-Agents List; 5-String Grep Mode; 6-Connection details; 7-Ports Used; 8-All IP List; 9-Manual Packet Filter; 10-Smtp Analysis; 11-Web Attack Detect. Installation: Modules: $ pip install pyshark $ pip install...
Modular File Scanning Analysis Framework: MultiScanner
MultiScanner is a file analysis framework that allows the user to evaluate a set of files with a set of tools. Tools can be custom built python scripts, web APIs, software running on another machine, etc. Tools are incorporated by creating modules that run in the MultiScanner framework. Modules a...
Malware Analysis System: Cuckoo Sandbox
Cuckoo Sandbox is an advanced, extremely modular, and 100% open source automated malware analysis system with infinite application opportunities. By default it is able to: analyze many different malicious files (executables, office documents, pdf files, emails, etc.) as well as malicious websites...
ManageEngine EventLog Analyzer < 10.6 build 10060 - SQL Execution
Exploit Title: ManageEngine EventLog Analyzer SQL query execution Product: ManageEngine EventLog Analyzer Vulnerable Versions: v10.6 build 10060 and previous versions Tested Version: v10.6 build 10060 Windows Advisory Publication: 14/09/2015 Vulnerability Type: authenticated SQL query execution...
Incident Response Malware Analysis: IRMA
Incident Response Malware Analysis: IRMA is an asynchronous and customizable analysis platform for suspicious files! IRMA intends to be an open-source platform designed to help identify and analyze malicious files. However, today’s defense is not only about learning about a file, but it is...
[Autopsy] Digital Investigation Analysis
Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory...
Windows file Checksums: Violations
List Windows files with checksum violations.
[REMnux] A Linux Distribution for Malware Analysis
REMnux incorporates a number of tools for analyzing malicious executables that run on Microsoft Windows, as well as browser-based malware, such as Flash programs and obfuscated JavaScript. This popular toolkit includes programs for analyzing malicious documents, such as PDF files, and utilities for...
Dissecting a mobile malware
The capillary diffusion of mobile devices, the lack of security systems on these platforms and the low level of awareness of the principal cyber threats have made them a privileged target for cybercrime. In the recent year we have witnessed an explosion of malware designed to hit principal mobile OSs, in a...
http-virustotal NSE Script
Checks whether a file has been determined as malware by Virustotal. Virustotal is a service that provides the capability to scan a file or check a checksum against a number of the major antivirus vendors. The script uses the public API which requires a valid API key and has a limit on 4 queries p...
iScanner - Tool to detect and remove malicious codes and web page
iScanner is a free open source tool that lets you detect and remove malicious code and web page malware from your website easily and automatically. iScanner will not only show you the infected files in your server but it's also able t...
NetworkMiner 1.1 - Network Forensic Analysis Tool (NFAT) Released
NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows. NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting...
Inside a Malicious PDF Attack
PDFs are a widely used business file format, which makes them a common target for malware attacks. On the surface, PDFs are secure, but because they have so many “features,” hackers have learned how to hide attacks deep under the surface. By using a number of utilities, we are able to reverse...
CVE-2009-0887
Integer signedness error in the _pam_StrTok function in libpam/pam_misc.c in Linux-PAM (aka pam) 1.0.3 and earlier, when a configuration file contains non-ASCII usernames, might allow remote attackers to cause a denial of service, and might allow remote authenticated users to obtain login access with ...
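OpenSG OSGHDRImageFileType.cpp Radiance RGBE File Parsing Stack Overflow Vulnerability
BUGTRAQ ID: 33362 OpenSG is a portable scene graph system for creating real-time graphics programs. The HDRImageFileType::checkHDR function in the Source/System/Image/OSGHDRImageFileType.cpp file of OpenSG contains a stack overflow vulnerability. If a user is tricked into opening a specially crafted Radiance RGBE (.hdr) file, the overflow can be triggered, leading to execution of arbitrary instructions. OpenSG 1.8.0 OpenSG ------ The vendor has not yet provided a patch or upgrade. We recommend that users of this software watch the vendor's home page for the latest version: http://opensg.vrsource.org/trac...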
Hacking tricks of how to circumvent security devices-vulnerability warning-the black bar safety net
Hackers are clever not only in that they know how to break into servers, but also in that they know how to disguise their attacks. Malicious attackers use a variety of evasion techniques to avoid being detected, so system administrators should also be aware of these techniques in order to cope with the...
Moderate: Red Hat Security Advisory: webalizer security update
Updated Webalizer packages are available for Red Hat Linux Advanced Server 2.1 which fix an obscure buffer overflow bug in the DNS resolver code. Updated 13 Jan 2003 Added fixed packages for the Itanium IA64 architecture. Updated 06 Feb 2003 Added fixed packages for Advanced Workstation 2.1...
Buffer overflow in webalizer
Buffer overflow in host name resolution during log analysis...