FastNetMon DDoS detection tool | FastNetMon Official site
DDoS DetectionScalable lightning-fast volumetric attacks detection with solid support for all major network vendors. Keep your network and business secure! Don't wait until you are under DDoS attack. FastNetMon DDoS Detection is fast, reliable and automated. Learn MoreGet Free Trial BGP BlackHole AutomationMany flexible options to divert or block attacked host or a network via bundled BGP service
Hardening - Debian Wiki
This page describes methods and techniques relevant to package maintainers. For users and system engineers wishing to improve the security of running Debian systems, start from: SecurityManagement For package maintainers wishing to sandbox services using systemd, see: ServiceSandboxing Using Hardening Options Several compile-time options (detailed below) can be used to help harden a resulting bina
GitHub - future-architect/vuls: Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
For a system administrator, having to perform security vulnerability analysis and software update on a daily basis can be a burden. To avoid downtime in a production environment, it is common for a system administrator to choose not to use the automatic update option provided by the package manager and to perform update manually. This leads to the following problems. The system administrator will
GitHub - iSECPartners/sslyze: Current development of SSLyze now takes place on a separate repository
GitHub - rbsec/sslscan: sslscan tests SSL/TLS enabled services to discover supported cipher suites
A potentially breaking change has been made to the XML output in version 2.0.0-beta4. Previously, multiple <certificate> elements could be returned (one by default, and a second one if --show-certificate was used). The key changes are: A new parent <certificates> element that will contain the <certificate> elements. <certificate> elements have a new type attribute, which can either be: short for t
GitHub - google/nsjail: A lightweight process isolation tool that utilizes Linux namespaces, cgroups, rlimits and seccomp-bpf syscall filters, leveraging the Kafel BPF language for enhanced security.
Overview What forms of isolation does it provide Which use-cases are supported Isolation of network services (inetd style) Isolation with access to a private, cloned interface (requires root/setuid) Isolation of local processes Isolation of local processes (and re-running them, if necessary) Examples of use Bash in a minimal file-system with uid==0 and access to /dev/urandom only /usr/bin/find in
AIDE - Advanced Intrusion Detection Environment
AIDE (Advanced Intrusion Detection Environment, [eyd]) is a file and directory integrity checker. It creates a database from the regular expression rules that it finds from the config file(s). Once this database is initialized it can be used to verify the integrity of the files. It has several message digest algorithms (see below) that are used to check the integrity of the file. All of the usual
GitHub - netblue30/firejail: Linux namespaces and seccomp-bpf sandbox
Firejail is a lightweight security tool intended to protect a Linux system by setting up a restricted environment for running (potentially untrusted) applications. More specifically, it is an SUID sandbox program that reduces the risk of security breaches by using Linux namespaces, seccomp-bpf and Linux capabilities. It allows a process and all its descendants to have their own private view of the
GitHub - EnableSecurity/wafw00f: WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
$ wafw00f -l ______ / \ ( Woof! ) \ ____/ ) ,, ) (_ .-. - _______ ( |__| ()``; |==|_______) .)|__| / (' /|\ ( |__| ( / ) / | \ . |__| \(_)_)) / | \ |__| ~ WAFW00F : v2.2.0 ~ The Web Application Firewall Fingerprinting Toolkit [+] Can test for these WAFs: WAF Name Manufacturer -------- ------------ ACE XML Gateway Cisco aeSecure aeSecure AireeCDN Airee Airlock Phion/Ergon Alert Logic Alert Logic Al
GitHub - TrustInSoft/tis-interpreter: An interpreter for finding subtle bugs in programs written in standard C
This is tis-interpreter, an interpreter of C for detecting undefined behavior. tis-interpreter detects subtle bugs in C programs that may not have eye-visible effects when executing the same programs compiled in the traditional way. Some of the bugs that are discovered lead to security vulnerabilities. Fortunately, most don’t. tis-interpreter works by interpreting C programs statement by statement
リリース、障害情報などのサービスのお知らせ
最新の人気エントリーの配信
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
GitHub - giuseppe/easyseccomp: DSL language to write seccomp filters
GitHub - rhboot/dbxtool: Tool for UEFI Secure Boot DBX updates
GitHub - square/sudo_pair: Plugin for sudo that requires another human to approve and monitor privileged sudo sessions
GitHub - bettercap/bettercap: The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.
GitHub - ionescu007/SpecuCheck: SpecuCheck is a Windows utility for checking the state of the software mitigations and hardware against CVE-2017-5754 (Meltdown), CVE-2017-5715 (Spectre v2), CVE-2018-3260 (Foreshadow), and CVE-2018-3639 (Spectre v4)
GitHub - david942j/seccomp-tools: Provide powerful tools for seccomp analysis
GitHub - google/kafel: A language and library for specifying syscall filtering policies.
GitHub - orlyjamie/mimikittenz: A post-exploitation powershell tool for extracting juicy info from memory.
GitHub - containers/bubblewrap: Low-level unprivileged sandboxing tool used by Flatpak and similar projects
GitHub - omegaup/minijail: a tiny, custom launcher that handles namespacing, control groups, chroot'ing, and more
