cyber-operation-lab
Full-Spectrum Cyber Operation Lab: Red Team Execution & Blue T...
SigInt-Hombre 1.0
SigInt-Hombre is a Python script that generates Suricata detection rules from live URLhaus threat indicators at runtime and deploys them to the Security Onion platform for high-coverage, real-time network monitoring...
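The indicator-to-rule step that the SigInt-Hombre entry describes, as an added example that is not the SigInt-Hombre script or any Security Onion code: it reads the URLhaus CSV export layout (comment lines, header row, quoted fields), drops offline and duplicate URLs, escapes the characters that would break a Suricata `content:` match, and emits `http.host`/`http.uri` rules for plain HTTP and a `tls.sni` rule for HTTPS, where the URI is not visible to the sensor. The sample rows are constructed (no real indicators), and the local SID base of 7000000 is an assumption; pick a range that cannot collide with the rule sets already loaded on the sensor.

```python
import csv
from typing import List, Optional
from urllib.parse import urlsplit

# Constructed sample in the layout of the URLhaus CSV export (comment lines,
# a header row, quoted fields). Hosts, IDs and reporters are made up; the
# second row carries characters that must be escaped inside a Suricata rule,
# and the last row is a deliberate duplicate.
SAMPLE_URLHAUS_CSV = '''\
# URLhaus CSV export (constructed sample, not real indicators)
"id","dateadded","url","url_status","last_online","threat","tags","urlhaus_link","reporter"
"1001","2024-01-01 10:00:00","http://malware.example/dl/payload.exe","online","2024-01-02 09:00:00","malware_download","exe","https://urlhaus.abuse.ch/url/1001/","reporter1"
"1002","2024-01-01 11:00:00","http://198.51.100.7:8080/a;b|c.bin","online","2024-01-02 09:00:00","malware_download","elf","https://urlhaus.abuse.ch/url/1002/","reporter2"
"1003","2024-01-01 12:00:00","http://old.example/gone.exe","offline","2023-12-01 00:00:00","malware_download","exe","https://urlhaus.abuse.ch/url/1003/","reporter1"
"1004","2024-01-01 13:00:00","https://tls.example/x.php","online","2024-01-02 09:00:00","malware_download","php","https://urlhaus.abuse.ch/url/1004/","reporter3"
"1001","2024-01-01 10:00:00","http://malware.example/dl/payload.exe","online","2024-01-02 09:00:00","malware_download","exe","https://urlhaus.abuse.ch/url/1001/","reporter1"
'''


def suricata_content(text: str) -> str:
    """Escape text for a Suricata content:"..." match. Semicolon, backslash and
    double quote are backslash-escaped; a pipe and any non-printable or
    non-ASCII byte are emitted as |XX| hex so the rule parser cannot misread them."""
    out = []
    for b in text.encode("utf-8"):
        ch = chr(b)
        if ch in '\\";':
            out.append("\\" + ch)
        elif ch == "|" or not 0x20 <= b < 0x7F:
            out.append("|%02X|" % b)
        else:
            out.append(ch)
    return "".join(out)


def safe_msg(text: str) -> str:
    """Keep msg:"..." free of characters that would terminate or break the option."""
    return "".join(c if 0x20 <= ord(c) < 0x7F and c not in '";|\\' else "_" for c in text)[:180]


def build_rule(url: str, urlhaus_link: str, sid: int, tags: str) -> Optional[str]:
    """One alert rule for one indicator. Plain http: match the normalised host and
    URI buffers. https: the URI is encrypted, so match the TLS SNI only."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return None  # non-web indicators need a different rule type
    host = parts.hostname.lower()          # http.host excludes the port, so drop it
    uri = parts.path or "/"
    if parts.query:
        uri += "?" + parts.query
    ref = urlhaus_link.split("://", 1)[-1]  # reference:url takes the value without scheme
    common = (f"flow:established,to_server; reference:url,{ref}; "
              f"classtype:trojan-activity; sid:{sid}; rev:1;")
    if parts.scheme == "http":
        msg = safe_msg(f"URLhaus {tags or 'malware'} URL {host}{uri}")
        return (f'alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"{msg}"; '
                f'http.host; content:"{suricata_content(host)}"; nocase; '
                f'http.uri; content:"{suricata_content(uri)}"; {common})')
    msg = safe_msg(f"URLhaus {tags or 'malware'} TLS SNI {host}")
    return (f'alert tls $HOME_NET any -> $EXTERNAL_NET any (msg:"{msg}"; '
            f'tls.sni; content:"{suricata_content(host)}"; nocase; {common})')


def generate_rules(csv_text: str, base_sid: int = 7000000, only_online: bool = True) -> List[str]:
    """Turn a URLhaus CSV export into Suricata rules, skipping comment lines,
    offline URLs (optional) and duplicates. SIDs are assigned sequentially from
    base_sid (7000000 is an assumed local-rule range, not a URLhaus convention)."""
    rows = csv.DictReader(line for line in csv_text.splitlines() if not line.startswith("#"))
    rules, seen, sid = [], set(), base_sid
    for row in rows:
        url = row["url"].strip()
        if only_online and row["url_status"] != "online":
            continue
        if url in seen:
            continue
        seen.add(url)
        rule = build_rule(url, row["urlhaus_link"], sid, row.get("tags", ""))
        if rule:
            rules.append(rule)
            sid += 1
    return rules


if __name__ == "__main__":
    for r in generate_rules(SAMPLE_URLHAUS_CSV):
        print(r)
```

Two things to keep in mind before deploying output like this: the `tls.sni` rule only fires when the client sends an SNI (it will not for IP-literal HTTPS URLs), and thousands of per-URL rules are cheaper to evaluate than they look because Suricata prefilters on the `content:` strings, but a dataset or IP reputation list is the better fit once the indicator count grows large.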
EUVD-2020-20477
Malware in sbrugna...
EUVD-2018-1805
Malware in sbrugna...
EUVD-2018-1803
Malware in sbrugna...
CVE-2020-27985
Security Onion v2 prior to 2.3.10 has an incorrect sudo configuration, which allows the administrative user to obtain root access without using the sudo password by editing and executing /home//SecurityOnion/setup/so-setup...
CVE-2020-27985
Security Onion v2 prior to 2.3.10 contains a misconfigured sudo setup that allows the administrative user to obtain root access without a password by editing and executing /home//SecurityOnion/setup/so-setup. The issue is a local privilege escalation affecting deployments based on the affected 2....
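A check for the sudo misconfiguration pattern behind CVE-2020-27985, as an added example that is not Security Onion code and not the vendor's fix: it parses sudoers syntax and reports every NOPASSWD command that is either ALL or a file the invoking user can rewrite (a script under the user's own home directory, as in the entries above, is the textbook case). The sudoers excerpt is constructed; the user name `onion` and the non-home command paths are hypothetical, and the advisory's elided path component is not filled in.

```python
import os
import re
import stat
from typing import Callable, List, Tuple

# Constructed sudoers excerpt. The user "onion" and the command paths are
# hypothetical; the fourth line has the shape of the CVE-2020-27985 problem:
# passwordless sudo to a script that lives under the admin user's own home.
SAMPLE_SUDOERS = """\
Defaults        env_reset
root    ALL=(ALL:ALL) ALL
%sudo   ALL=(ALL:ALL) ALL
onion   ALL=(ALL) NOPASSWD: /home/onion/SecurityOnion/setup/so-setup
onion   ALL=(ALL) NOPASSWD: /usr/sbin/iptables -L, PASSWD: /usr/bin/systemctl status suricata
backup  ALL=(ALL) NOPASSWD: ALL
"""

# Tag prefixes sudoers allows in front of a command; only NOPASSWD/PASSWD matter here.
_TAG = re.compile(r"^(NOPASSWD|PASSWD|NOEXEC|EXEC|SETENV|NOSETENV|LOG_INPUT|NOLOG_INPUT"
                  r"|LOG_OUTPUT|NOLOG_OUTPUT|MAIL|NOMAIL|FOLLOW|NOFOLLOW):\s*")
# user  host=(runas) command-list
_SPEC = re.compile(r"^(\S+)\s+\S+\s*=\s*(?:\([^)]*\)\s*)?(.*)$")


def is_user_modifiable(path: str) -> bool:
    """Heuristic used on a live system: a sudo target can be rewritten by a
    non-root user if the file, or the directory holding it, is not owned by
    root or is group/world writable. (Sticky-bit directories are not special-cased.)"""
    for p in (path, os.path.dirname(path) or "/"):
        try:
            st = os.stat(p)
        except OSError:
            continue  # missing file: decided by whether its directory is writable
        if st.st_uid != 0 or st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            return True
    return False


def audit_sudoers(text: str,
                  modifiable: Callable[[str], bool] = is_user_modifiable) -> List[Tuple[str, str, str]]:
    """Return (user, command, reason) for every passwordless command the user could
    turn into a root shell: NOPASSWD ALL, or NOPASSWD on a command the user can edit."""
    findings = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith("Defaults") or "_Alias" in line.split()[0]:
            continue
        m = _SPEC.match(line)
        if not m:
            continue
        user, cmnd_list = m.group(1), m.group(2)
        nopasswd = False  # a tag applies to the command it precedes and all that follow it
        for spec in cmnd_list.split(","):
            spec = spec.strip()
            while True:
                t = _TAG.match(spec)
                if not t:
                    break
                if t.group(1) in ("NOPASSWD", "PASSWD"):
                    nopasswd = t.group(1) == "NOPASSWD"
                spec = spec[t.end():]
            if not spec or not nopasswd:
                continue
            command = spec.split()[0]  # path without its argument list
            if command == "ALL":
                findings.append((user, command, "passwordless sudo to any command"))
            elif modifiable(command):
                findings.append((user, command,
                                 "passwordless sudo to a command the invoking user can modify"))
    return findings


def audit_system(paths=("/etc/sudoers",), sudoers_d="/etc/sudoers.d"):
    """Audit the live configuration (reading these files needs root)."""
    files = list(paths)
    if os.path.isdir(sudoers_d):
        files += [os.path.join(sudoers_d, f) for f in sorted(os.listdir(sudoers_d))]
    out = []
    for f in files:
        try:
            with open(f) as fh:
                out += [(f,) + hit for hit in audit_sudoers(fh.read())]
        except OSError:
            pass
    return out


if __name__ == "__main__":
    for hit in audit_sudoers(SAMPLE_SUDOERS, modifiable=lambda p: p.startswith("/home/")):
        print(hit)
```

The fix on the sudo side is the mirror image of the check: a NOPASSWD target must be root-owned, not writable by group or other, and must not live under a directory the user controls; otherwise the password prompt protects nothing, because the user simply edits the script before running it.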
Security Onion Solutions Security Onion Security Breaches
Security Onion is a threat hunting, enterprise security monitoring and log management platform from the American company Security Onion Solutions. It integrates Elasticsearch, Logstash, Kibana, Snort, Suricata, Bro (Zeek), Wazuh, Sguil, Squert, NetworkMiner and many other security too...
RITA - Real Intelligence Threat Analytics
RITA is an open source framework for network traffic analysis. The framework ingests Bro/Zeek logs in TSV format and currently supports the following major features: Beaconing Detection: search for signs of beaconing behavior in and out of your network. DNS Tunneling Detection: search for signs o...
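The beaconing check the RITA entry lists, as an added example that is not RITA's own code or scoring: it parses a Zeek conn.log in TSV form using the `#fields` header, groups connections by source, destination and port, and scores how regular the gaps between consecutive connections are (median absolute deviation over the median gap; RITA's real analysis also weighs data sizes and skew, which is not reproduced here). The conn.log excerpt is constructed: one pair calls home every ~60 seconds with jitter, one is irregular browsing, one is regular but too short to judge.

```python
import statistics
from collections import defaultdict
from typing import Dict, Iterator, List, Tuple

# Constructed timestamps (seconds). Hosts are documentation addresses, not real traffic.
_BEACON_TS = [1000, 1061, 1119, 1182, 1240, 1298, 1361, 1420, 1479, 1541, 1600, 1662]
_NOISY_TS = [2000, 2005, 2305, 2345, 3245, 3257, 3327, 3329, 3729, 3879, 3909, 4509]
_SHORT_TS = [5000, 5060, 5120]


def _conn_log() -> str:
    """Build a Zeek conn.log excerpt (TSV, #fields header) from the constructed timestamps."""
    lines = ["#separator \\x09",
             "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto\tconn_state"]
    for tag, src, dst, port, stamps in (("b", "10.0.0.5", "203.0.113.9", "443", _BEACON_TS),
                                        ("n", "10.0.0.6", "198.51.100.20", "80", _NOISY_TS),
                                        ("s", "10.0.0.7", "203.0.113.9", "443", _SHORT_TS)):
        for i, ts in enumerate(stamps):
            lines.append(f"{ts}.000\tC{tag}{i}\t{src}\t{40000 + i}\t{dst}\t{port}\ttcp\tSF")
    return "\n".join(lines) + "\n"


SAMPLE_CONN_LOG = _conn_log()


def parse_conn_log(text: str) -> Iterator[Dict[str, str]]:
    """Yield one dict per record, keyed by the names in the #fields header."""
    fields = None
    for line in text.splitlines():
        if line.startswith("#fields"):
            fields = line.split("\t")[1:]
        elif line.startswith("#") or not line.strip() or fields is None:
            continue
        else:
            yield dict(zip(fields, line.split("\t")))


def interval_stats(timestamps: List[float]) -> Tuple[float, float]:
    """(median gap, regularity). Regularity is 1 - MAD/median of the gaps between
    consecutive connections: 1.0 is perfectly periodic, near 0 is irregular."""
    ts = sorted(timestamps)
    gaps = [b - a for a, b in zip(ts, ts[1:])]
    if not gaps:
        return 0.0, 0.0
    med = statistics.median(gaps)
    if med <= 0:
        return med, 0.0
    mad = statistics.median(abs(g - med) for g in gaps)
    return med, max(0.0, 1.0 - mad / med)


def find_beacons(conn_log_text: str, min_conns: int = 10, threshold: float = 0.8):
    """Return (pair, count, median gap, score) for pairs with at least min_conns
    connections whose timing regularity reaches threshold, most regular first."""
    by_pair = defaultdict(list)
    for rec in parse_conn_log(conn_log_text):
        by_pair[(rec["id.orig_h"], rec["id.resp_h"], rec["id.resp_p"])].append(float(rec["ts"]))
    hits = []
    for pair, ts in by_pair.items():
        if len(ts) < min_conns:
            continue  # too few samples to call periodicity
        med, score = interval_stats(ts)
        if score >= threshold:
            hits.append((pair, len(ts), round(med, 1), round(score, 3)))
    return sorted(hits, key=lambda h: -h[3])


if __name__ == "__main__":
    for hit in find_beacons(SAMPLE_CONN_LOG):
        print(hit)
```

Run it over a real conn.log by passing the file contents; `min_conns` and `threshold` are the two knobs that trade false positives (NTP, monitoring agents, software update checks all beacon legitimately) against missed low-and-slow implants, so allowlist the known periodic destinations rather than lowering the threshold.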
Ntopng on Security Onion
so16@so16:$ mkdir git
so16@so16:$ cd git
so16@so16:/git$ ls
so16@so16:/git$ wget --no-check-certificate https://github.com/branchnetconsulting/so-ntopng-installer/raw/master/installntopngonso16
--2019-02-11 02:48:02--...
Network Security Monitoring: Security Onion
Network Security Monitoring (NSM) is, put simply, monitoring your network for security-related events. It might be proactive, when used to identify vulnerabilities or expiring SSL certificates, or it might be reactive, such as in incident response and network forensics. Whether you're tracking an...
Importing Pcap into Security Onion
Within the last week, Doug Burks of Security Onion (SO) added a new script that revolutionizes the use case for his amazing open source network security monitoring platform. I have always used SO in live production mode, meaning I deploy an SO sensor sniffing a live network interface. As the...
Security Onion Solutions Squert Command Execution Vulnerability
Security Onion Solutions Squert is a web application for querying and viewing event data stored in the Sguil database. A security vulnerability exists in the .inc/callback.php file in Security Onion Solutions Squert versions 1.3.0 through 1.6.7. An attacker can exploit the vulnerability by sendin...
Security Onion Solutions Squert Command Execution Vulnerability (CNVD-2018-05761)
Security Onion Solutions Squert is a web application for querying and viewing event data stored in the Sguil database. A security vulnerability exists in the .inc/callback.php file in Security Onion Solutions Squert versions 1.0.1 through 1.6.7. The vulnerability can be exploited to execute...
CVE-2018-1000044
Security Onion Solutions Squert versions 1.1.1 through 1.6.7 contain a SQL injection vulnerability in .inc/callback.php that can result in execution of SQL commands. This attack appears to be exploitable via a web request to .inc/callback.php with the payload in the sensors parameter, used in ec. Th...
CVE-2018-1000043
Security Onion Solutions Squert versions 1.0.1 through 1.6.7 contain a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in .inc/callback.php that can result in execution of OS commands. This attack appears to be exploitable via a web reques...
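A screening check for the two Squert callback.php issues above (CVE-2018-1000043 and CVE-2018-1000044, both reached through the sensors parameter), as an added example that is not Squert code and not the project's fix: it reads Apache combined-format access log lines, picks out requests to `.inc/callback.php`, and flags any sensors value that is not a plain sensor name. The same allowlist is the input validation the endpoint lacked, so `is_valid_sensor_list` is written to be usable on the application side as well. The log lines are constructed; the `/squert/` prefix and the `<host>-<iface>` sensor-name shape are assumptions, and the probe strings are generic injection markers, not the advisories' exploit.

```python
import re
from typing import List, Tuple
from urllib.parse import parse_qs, urlsplit

# Constructed Apache combined-log lines (documentation addresses, no real traffic).
# Squert is assumed to be served under /squert/; sensor names are assumed to look
# like Sguil's "<host>-<iface>" labels, e.g. so16-eth1.
SAMPLE_ACCESS_LOG = """\
10.0.0.9 - - [10/Feb/2018:12:00:01 +0000] "GET /squert/.inc/callback.php?sensors=so16-eth1,so16-eth2 HTTP/1.1" 200 2411 "-" "Mozilla/5.0"
198.51.100.23 - - [10/Feb/2018:12:00:07 +0000] "GET /squert/.inc/callback.php?sensors=so16-eth1%27%20OR%201%3D1-- HTTP/1.1" 200 9812 "-" "curl/7.58.0"
198.51.100.23 - - [10/Feb/2018:12:00:09 +0000] "GET /squert/.inc/callback.php?sensors=so16-eth1%3Bid HTTP/1.1" 200 140 "-" "curl/7.58.0"
10.0.0.9 - - [10/Feb/2018:12:00:15 +0000] "GET /squert/index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.23 - - [10/Feb/2018:12:00:20 +0000] "POST /squert/.inc/callback.php HTTP/1.1" 200 140 "-" "curl/7.58.0"
"""

LOG_RE = re.compile(r'^(?P<src>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
                    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})')
SENSOR_NAME = re.compile(r"^[A-Za-z0-9_.-]+$")  # assumed legitimate sensor-name alphabet


def is_valid_sensor_list(value: str) -> bool:
    """Allowlist check: a comma-separated list of plain sensor names and nothing else.
    Quotes, semicolons, spaces, pipes and backticks all fail, which is what keeps a
    value safe to hand to SQL (via a parameter) or to a shell (via an argument)."""
    return all(SENSOR_NAME.match(name) for name in value.split(","))


def suspicious_requests(log_text: str) -> List[Tuple[str, str, str]]:
    """Return (client, method, detail) for callback.php requests whose sensors value
    fails the allowlist, plus POSTs whose body the access log cannot show."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m.group("target"))
        if not parts.path.endswith("/.inc/callback.php"):
            continue
        src, method = m.group("src"), m.group("method")
        if method == "POST" and not parts.query:
            hits.append((src, method, "body not logged; check Zeek/Suricata HTTP records"))
            continue
        for value in parse_qs(parts.query).get("sensors", []):  # parse_qs percent-decodes
            if not is_valid_sensor_list(value):
                hits.append((src, method, value))
    return hits


if __name__ == "__main__":
    for hit in suspicious_requests(SAMPLE_ACCESS_LOG):
        print(hit)
```

Access logs only show GET query strings, so a scan like this is a triage aid; for coverage of POST bodies use the sensor's own HTTP records (Zeek http.log or Suricata HTTP events on the Security Onion box itself), and treat any unpatched Squert older than 1.6.8 as exposed regardless of what the logs show.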