Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the data loss prevention DLP incident Forensics Preview in Websense Triton 7.8.3 and V-Series 7.7 appliances allow remote attackers to inject arbitrary web script or HTML via a crafted 1 email or 2 HTTP request, which triggers a DLP Policy...

CVE-2015-2747

Multiple cross-site scripting XSS vulnerabilities in the data loss prevention DLP incident Forensics Preview in Websense Triton 7.8.3 and V-Series 7.7 appliances allow remote attackers to inject arbitrary web script or HTML via a crafted 1 email or 2 HTTP request, which triggers a DLP Policy...

Websense Data Security DLP incident Forensics Preview is vulnerable to Cross-Site Scripting

------------------------------------------------------------------------ Websense Data Security DLP incident Forensics Preview is vulnerable to Cross-Site Scripting ------------------------------------------------------------------------ Han Sahin, September 2014...

Mozilla Releases Open Source Masche Forensics Tool

Mozilla has released an open source memory forensics tool that some college students designed and built during the company’s recent Winter of Security event. The new tool, known as Masche, is designed specifically for investigating server memory and has the advantage of being able to scan running...

Kali Linux

Kali Linux Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. It is maintained and funded by Offensive Security Ltd. Mati Aharoni, Devon Kearns and Raphaël Hertzog are the core developers. Kali Linux is preinstalled with over 300...

Collect DNS Records Passively: PassiveDNS

Collect DNS Records Passively A tool to collect DNS records passively to aid Incident handling, Network Security Monitoring NSM and general digital forensics. PassiveDNS sniffs traffic from an interface or reads a pcap-file and outputs the DNS-server answers to a log file. PassiveDNS can...

GRR Rapid Response

GRR Rapid Response is an incident response framework focused on remote live forensics. GRR consists of an agent client that can be deployed to a target system, and server infrastructure that can manage and talk to the agent. Client Features: Cross-platform support for Linux, OS X and Windows...

Army Research Lab Releases Dshell Forensics Framework

The U.S. Army has released to open source an internal forensics analysis framework that the Army Research Lab has been using for some time. The framework, known as Dshell, is a Python tool that runs on Linux and its designed to help analysts investigate compromises within their environments. The...

Ghiro 0.2 - Automated Digital Image Forensics Tool

Sometime forensic investigators need to process digital images as evidence. There are some tools around, otherwise it is difficult to deal with forensic analysis with lot of images involved. Images contain tons of information, Ghiro extracts these information from provided images and display them...

ManageEngine EventLog Analyzer 9.0 - Directory Traversal / XSS Vulnerabilities

Exploit for jsp platform in category web applications ...:::::ManageEngine EventLog Analyzer Directory Traversal/XSS Vulnerabilities::::.... Sobhan System Network & Security Group sobhansys ------------------------------------------------------- Date: 2015-01-24 Exploit Author: AmirHadi Yazdani...

Data Stream Encryption: ciphr

Data Stream Encryption Ciphr is a CLI tool for performing and composing encoding, decoding, encryption, decryption, hashing, and other various operations on streams of data. It takes provided data, file data, or data from stdin, and executes a pipeline of functions on the data stream, writing the...

Law Firm - Forensics Services

As cyber threats and attacks have increased year over year, Coalfire has seen a drastic increased need for support to law firms in cybersecurity cases. Attacks and threats vary so often, many law firms lack the skills required to properly evaluate cyber-attacks involving their clients. As such la...

Next Generation Penetration Testing Distro: Cyborg Hawk

Next Generation Penetration Testing Distro The world’s most advanced, powerful and yet beautiful penetration testing distribution ever created.Lined up with ultimate collection of tools for pro Ethical Hackers and Cyber Security Experts. Simplify security in your IT infrastructure with Cyborg. It...

Detekt Open Source Surveillance Detection Tool

Hours spent on long-distance phone calls to political activists in the Middle East, journalists in Africa or human rights organizations in Asia are stressful for Claudio Guarnieri, an independent security researcher, white-hat hacker and civil rights activist. Often he has to convince that party,...

Open Source OpenSOC Security Analytics Framework Released

Cisco announced today that it has made available through open source a framework that integrates data analytics tools into security operations. “The OpenSOC framework helps organizations make big data part of their technical security strategy by providing a platform for the application of anomaly...

Radare - The Reverse Engineering Framework

r2 is a rewrite from scratch of radare in order to provide a set of libraries and tools to work with binary files This is the rewrite of radare 1.x branch to provide a framework with a set of libraries and programs to work with binary data. Radare project started as a forensics tool, an scriptabl...

Binary File Descriptor Library (libbfd) - Out-of-Bounds Crash

Binary File Descriptor Library libbfd - Out-of-Bounds Crash Many shell users, and certainly a lot of the people working in computer forensics or other fields of information security, have a habit of running /usr/bin/strings on binary files originating from the Internet. Their understanding is tha...

SEANux — Syrian Electronic Army To Release its Own Linux-based Distribution

Lots of Linux distributions are offered free of cost on the Internet by a number of companies, non-commercial organizations and by many individuals as well, and now, the notorious Syrian Electronic Army SEA has announced their own Linux distribution known as SEANux. A Linux distribution is a...

CAINE 6.0 "Dark Matter" - Distribution with a complete forensic environment

CAINE Computer Aided INvestigative Environment is an Italian GNU/Linux live distribution created as a project of Digital Forensics. Currently the project manager is Nanni Bassetti. CAINE offers a complete forensic environment that is organized to integrate existing software tools as software...

CVE-2012-5619

The Sleuth Kit TSK 4.0.1 does not properly handle "." dotfile file system entries in FAT file systems and other file systems for which . is not a reserved name, which allows local users to hide activities it more difficult to conduct forensics activities, as demonstrated by Flame...