pysec101 / pysec101 · GitLabGitLab.com
Two malicious Python libraries caught stealing SSH and GPG keys
The Python security team removed two trojanized Python libraries from PyPI (Python Package Index) that were caught stealing SSH and GPG keys from the projects of infected developers. The two libraries were created by the same developer and mimicked other more popular libraries -- using a technique called typosquatting to register similarly-looking names. The first is "python3-dateutil," which imit
GitHub - johnnykv/heralding: Credentials catching honeypot
Sometimes you just want a simple honeypot that collects credentials, nothing more. Heralding is that honeypot! Currently the following protocols are supported: ftp, telnet, ssh, http, https, pop3, pop3s, imap, imaps, smtp, vnc, postgresql and socks5. You need Python 3.7.0 or higher. 2019-04-14 13:10:11,854 (root) Initializing Heralding version 1.0.4 2019-04-14 13:10:11,879 (heralding.reporting.fil
BeautifulSoup+Pythonで、マルウェア動的解析サイトからWebスクレイピング - Qiita
はじめに JoeSandboxというマルウェアを解析してレポートを出力してくれるサイトがあります。 https://www.joesandbox.com JoeSandboxには色々バージョンがありますが、Cloud Basicというバージョンであれば無料でマルウェア解析ができます。 さらにCloud Basicで解析されたレポートは公開されますので、他の人の分析結果レポートを見ることもできます。 今回はマルウェアの分析結果レポートをBeautifulSoup+PythonでWebスクレイピングし、プロセス情報を取得してみたいと思います。 ちなみにCloud Basic以外のバージョンですとWeb APIが利用できますが、Cloud Basicでは利用できないようです。 JoeSandboxについて 分析画面です。この画面でマルウェアを指定し、色々なオプションなどを設定したのちに分析を行い
リリース、障害情報などのサービスのお知らせ
最新の人気エントリーの配信
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
http://www.automatingosint.com/blog/2016/12/vacuuming-image-metadata-from-the-wayback-machine/
Harpoon: an OSINT / Threat Intelligence tool | Etienne's Website
GitHub - Te-k/harpoon: CLI tool for open source and threat intelligence
GitHub - 0xbharath/domains-from-csp: A script to extract domain names from Content Security Policy(CSP) headers
GitHub - fail2ban/fail2ban: Daemon to ban hosts that cause multiple authentication errors
GitHub - Martlark/flask-ipban: Flask module to allow banning of ip addresses that spam a flask python web site
GitHub - cmu-sei/cyobstract: A tool to extract structured cyber information from incident reports.
GitHub - t4d/StalkPhish: StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.
GitHub - phishai/phish-ai-api: Official python API for Phish.AI public and private API to detect zero-day phishing websites
GitHub - vulnersCom/api: Vulners Python API wrapper
GitHub - BishopFox/GitGot: Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
GitHub - 0x4D31/salt-scanner: Linux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration
GitHub - szski/shapeshifter: GraphQL security testing tool
GitHub - gcxtx/Zoom: Automatic & lightning fast wordpress vulnerability scanner
GitHub - jakecreps/swamp: An OSINT tool for discovering associated sites through Google Analytics Tracking IDs
GitHub - Te-k/pysecuritytrails: Python3 wrapper for the Security Trails API