Suggestions for a web interface for OSSEC?
Hey folks, I have an older version of OSSEC and I'm working on upgrading it. I see that in the newer versions they no longer offer their WUI... Does anyone know of some other interface for OSSEC that's available? I've found one by atomicorp and inquired with them, but I just want to see if there's anything else available... Free is great as I work for a small non-profit... I've searched around but haven't found anything as of yet...
Submitted April 15, 2018 at 06:24AM by Mystery_Hat
via reddit https://ift.tt/2qx4pi5
Hey folks, I have an older version of OSSEC and I'm working on upgrading it. I see that in the newer versions they no longer offer their WUI... Does anyone know of some other interface for OSSEC that's available? I've found one by atomicorp and inquired with them, but I just want to see if there's anything else available... Free is great as I work for a small non-profit... I've searched around but haven't found anything as of yet...
Submitted April 15, 2018 at 06:24AM by Mystery_Hat
via reddit https://ift.tt/2qx4pi5
reddit
Suggestions for a web interface for OSSEC? • r/security
Hey folks, I have an older version of OSSEC and I'm working on upgrading it. I see that in the newer versions they no longer offer their WUI......
Static Analysis Tool to Detect Security Vulnerabilities in Python Web Applications (Updated - See Comment)
https://ift.tt/2pY9mhi
Submitted April 15, 2018 at 05:34AM by TechLord2
via reddit https://ift.tt/2HmSHjQ
https://ift.tt/2pY9mhi
Submitted April 15, 2018 at 05:34AM by TechLord2
via reddit https://ift.tt/2HmSHjQ
GitHub
python-security/pyt
pyt - A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
LevelUp 0x02 CFP is open - a free virtual conference for bug bounty hunters
https://ift.tt/2vklO2u
Submitted April 15, 2018 at 05:28AM by QforQ
via reddit https://ift.tt/2Hr7QAv
https://ift.tt/2vklO2u
Submitted April 15, 2018 at 05:28AM by QforQ
via reddit https://ift.tt/2Hr7QAv
Bugcrowd
Bugcrowd announces LevelUp 0x02, the virtual hacking conference
Bugcrowd announces LevelUp 0x02, the free, online bug bounty hunter conference! CFP is open.
[TOOL] Password Spraying GSuite using AWS Lambdas
https://ift.tt/2qx8JOl
Submitted April 15, 2018 at 07:33AM by ustayready
via reddit https://ift.tt/2ELHq7j
https://ift.tt/2qx8JOl
Submitted April 15, 2018 at 07:33AM by ustayready
via reddit https://ift.tt/2ELHq7j
GitHub
ustayready/CredKing
CredKing - Password spraying using AWS Lambda for IP rotation
Disk Encryption - Full Disk and File Encryption, Offline Security Bitloc...
https://www.youtube.com/attribution_link?a=JIa-eZbUq5o&u=%2Fwatch%3Fv%3DXfUEmD9jxL8%26feature%3Dshare
Submitted April 15, 2018 at 10:45AM by marblehandicrafts
via reddit https://ift.tt/2qxQGGV
https://www.youtube.com/attribution_link?a=JIa-eZbUq5o&u=%2Fwatch%3Fv%3DXfUEmD9jxL8%26feature%3Dshare
Submitted April 15, 2018 at 10:45AM by marblehandicrafts
via reddit https://ift.tt/2qxQGGV
YouTube
Disk Encryption - Full Disk and File Encryption, Offline Security Bitlocker Amazing Techno Tutorials
Disk Encryption - Full Disk and File Encryption - Offline Security By Amazing Techno Tutorials Please Subscribe : https://www.youtube.com/amazingtechnotutori...
SirenJack: Emergency alert sirens can be hacked using a radio, laptop
https://ift.tt/2JFcol6
Submitted April 15, 2018 at 02:55PM by Iot_Security
via reddit https://ift.tt/2viLRH8
https://ift.tt/2JFcol6
Submitted April 15, 2018 at 02:55PM by Iot_Security
via reddit https://ift.tt/2viLRH8
CSO Online
SirenJack: Emergency alert sirens can be hacked using a radio, laptop
Emergency alert systems manufactured by Acoustic Technology Inc. can be hijacked and made to play any audio thanks to a vulnerability dubbed SirenJack.
Anyone want noscripts that extract data from chrome and Firefox?
Or should I post this somewhere else? If so please tell me
Submitted April 15, 2018 at 12:47PM by ClassicToxin
via reddit https://ift.tt/2HlBF5z
Or should I post this somewhere else? If so please tell me
Submitted April 15, 2018 at 12:47PM by ClassicToxin
via reddit https://ift.tt/2HlBF5z
reddit
Anyone want noscripts that extract data from chrome and... • r/security
Or should I post this somewhere else? If so please tell me
Trigger: Using Netfliter hooks and BPF to conceal TCP ports
https://ift.tt/2HB91Lp
Submitted April 15, 2018 at 04:26PM by The_Lost_Vagabond
via reddit https://ift.tt/2qwWnVC
https://ift.tt/2HB91Lp
Submitted April 15, 2018 at 04:26PM by The_Lost_Vagabond
via reddit https://ift.tt/2qwWnVC
GitHub
landhb/Trigger
Trigger - Layer 4 Single Packet Authentication Linux kernel module utilizing Netfilter hooks and kernel supported Berkeley Packet Filters (BPF)
A road from a weak ----> medium---> strong password...
https://ift.tt/2JOrCo4
Submitted April 15, 2018 at 05:34PM by Majortom80
via reddit https://ift.tt/2vhIjor
https://ift.tt/2JOrCo4
Submitted April 15, 2018 at 05:34PM by Majortom80
via reddit https://ift.tt/2vhIjor
Interduce Inf-Sec to people
I'm require to show our security department in intersting/funny way, in 30 second thing, maybe video clip or something. We're responsibile for anything that related to security in the company, starting from design, implement and even Incident Response. Any cool idea how to do that ?
Submitted April 15, 2018 at 06:15PM by Churator
via reddit https://ift.tt/2EOd83x
I'm require to show our security department in intersting/funny way, in 30 second thing, maybe video clip or something. We're responsibile for anything that related to security in the company, starting from design, implement and even Incident Response. Any cool idea how to do that ?
Submitted April 15, 2018 at 06:15PM by Churator
via reddit https://ift.tt/2EOd83x
reddit
Interduce Inf-Sec to people • r/security
I'm require to show our security department in intersting/funny way, in 30 second thing, maybe video clip or something. We're responsibile for...
Python API for Zero Day Phishing Detection Based on Computer Vision
https://ift.tt/2JN7kLB
Submitted April 15, 2018 at 06:09PM by jekapats
via reddit https://ift.tt/2Hp8azz
https://ift.tt/2JN7kLB
Submitted April 15, 2018 at 06:09PM by jekapats
via reddit https://ift.tt/2Hp8azz
GitHub
phishai/phish-ai-api
phish-ai-api - Official python API for Phish.AI public and private API to detect zero-day phishing websites
Hackers stole a casino's high-roller database through a thermometer in the lobby fish tank
https://ift.tt/2qAE7KO
Submitted April 15, 2018 at 09:18PM by Ironican14
via reddit https://ift.tt/2HtSxa6
https://ift.tt/2qAE7KO
Submitted April 15, 2018 at 09:18PM by Ironican14
via reddit https://ift.tt/2HtSxa6
Business Insider Deutschland
Hackers stole a casino's high-roller database through a thermometer in the lobby fish tank
Hacking internet of things devices is a growing problem for companies, the CEO of Darktrace told a conference this week.
PowerHammer: Exfiltrating Data from Air-Gapped Computers through Power Lines
https://ift.tt/2HfAtAy
Submitted April 15, 2018 at 09:46PM by tiger6700
via reddit https://ift.tt/2JOhX0G
https://ift.tt/2HfAtAy
Submitted April 15, 2018 at 09:46PM by tiger6700
via reddit https://ift.tt/2JOhX0G
Python API for Zero Day Phishing Detection Based on Computer Vision
https://ift.tt/2JN7kLB
Submitted April 15, 2018 at 10:32PM by jekapats
via reddit https://ift.tt/2qzzfpt
https://ift.tt/2JN7kLB
Submitted April 15, 2018 at 10:32PM by jekapats
via reddit https://ift.tt/2qzzfpt
GitHub
phishai/phish-ai-api
phish-ai-api - Official python API for Phish.AI public and private API to detect zero-day phishing websites
Google Authenticator as a service. A bad idea?
Yesterday my tablet went into bootloop and took my Google Authenticator secrets with it. It turned out, it was not really possible to extract any data from it, as it was not rooted. Fortunately I had most of my recovery codes safe, but now I have to go over all the services and reset the access, some of them (Tumblr) does not provide backup codes. So I went online to see if there's any google-authenticator-like online services, but I couldn't find any. Why is that? Nobody wants to take responsibility for those codes? Or I was looking in the wrong places?
Submitted April 15, 2018 at 10:28PM by MammothMKIV
via reddit https://ift.tt/2GZAmtv
Yesterday my tablet went into bootloop and took my Google Authenticator secrets with it. It turned out, it was not really possible to extract any data from it, as it was not rooted. Fortunately I had most of my recovery codes safe, but now I have to go over all the services and reset the access, some of them (Tumblr) does not provide backup codes. So I went online to see if there's any google-authenticator-like online services, but I couldn't find any. Why is that? Nobody wants to take responsibility for those codes? Or I was looking in the wrong places?
Submitted April 15, 2018 at 10:28PM by MammothMKIV
via reddit https://ift.tt/2GZAmtv
reddit
Google Authenticator as a service. A bad idea? • r/security
Yesterday my tablet went into bootloop and took my Google Authenticator secrets with it. It turned out, it was not really possible to extract any...
List of Open Source & Commercial Adversary Emulation Tools
https://ift.tt/2GYv2Ti
Submitted April 16, 2018 at 12:40AM by songya
via reddit https://ift.tt/2qyod3K
https://ift.tt/2GYv2Ti
Submitted April 16, 2018 at 12:40AM by songya
via reddit https://ift.tt/2qyod3K
PenTestIT
List of Adversary Emulation Tools - PenTestIT
This post is the most comprehensive attempt at listing open source and commercial adversary emulation tools such as CALDERA, APT Simulator, Invoke-Adversary, Metta, Red Team Automation, Infection Monkey, Cobalt Strike, Immunity Adversary Simulation, etc.
Hide message inside a string, using non printable charaters. Useful for fingerprinting texts.
https://ift.tt/2H4j7Dv
Submitted April 16, 2018 at 01:32AM by Deadlybeef
via reddit https://ift.tt/2HBD3OV
https://ift.tt/2H4j7Dv
Submitted April 16, 2018 at 01:32AM by Deadlybeef
via reddit https://ift.tt/2HBD3OV
GitHub
offdev/zwsp-steg-js
zwsp-steg-js - Zero-Width Space Steganography, encodes/decodes hidden messages as non printable/readable characters.
Five Pentesting Tools and Techniques (That Every Sysadmin Should Know)
https://ift.tt/2ELmeyd
Submitted April 16, 2018 at 01:29AM by regul8_
via reddit https://ift.tt/2EO8jHu
https://ift.tt/2ELmeyd
Submitted April 16, 2018 at 01:29AM by regul8_
via reddit https://ift.tt/2EO8jHu
Medium
Five Pentesting Tools and Techniques (That Every Sysadmin Should Know)
Step into the mind of a pentester.
BSidesSF 2018 - Rise of CoinMiners presentation slides.
https://ift.tt/2qyGrmB
Submitted April 16, 2018 at 01:10AM by GelosSnake
via reddit https://ift.tt/2EO4P86
https://ift.tt/2qyGrmB
Submitted April 16, 2018 at 01:10AM by GelosSnake
via reddit https://ift.tt/2EO4P86
Early Bird Code Injection Technique - Injected Code Runs before the EP of main thread - avoids detection by anti-malware hooks [Video and Article]
https://ift.tt/2vd4eNL
Submitted April 16, 2018 at 06:40AM by TechLord2
via reddit https://ift.tt/2EOAGFz
https://ift.tt/2vd4eNL
Submitted April 16, 2018 at 06:40AM by TechLord2
via reddit https://ift.tt/2EOAGFz
Cyberbit
New 'Early Bird' Code Injection Technique Discovered - Cyberbit
Cyberbit malware researchers discovered a new code injection technique that allows execution of malicious code before the entry point of the main thread of a process, hence – it can bypass security product hooks if they are not placed before the main thread…
Steganography with EDM
https://ift.tt/2EFTczR
Submitted April 16, 2018 at 07:53AM by mekura3ohfizzle
via reddit https://ift.tt/2EOl9FY
https://ift.tt/2EFTczR
Submitted April 16, 2018 at 07:53AM by mekura3ohfizzle
via reddit https://ift.tt/2EOl9FY