Snort

Talisker's Netcat: the TCP/IP swiss army Features | Suricata Suricata implements a complete signature language to match on known threats, policy violations and malicious behaviour. Suricata will also detect many anomalies in the traffic it inspects. Suricata is capable of using the specialized Emerging Threats Suricata ruleset and the VRT ruleset. High Performance A single Suricata instance is capable of inspecting multi-gigabit traffic. The engine is built around a multi-threaded, modern, clean and highly scalable code base. Automatic protocol detection Suricata will automatically detect protocols such as HTTP on any port and apply the proper detection and logging logic. NSM: More than an IDS Suricata can log HTTP requests, log and store TLS certificates, extract files from flows and store them to disk. TLS/SSL Logging and Analysis: Not only can you match against most aspects of an SSL/TLS exchange within the ruleset language thanks to Suricata’s TLS Parser, you can also log all key exchanges for analysis. Lua scripting Industry standard outputs

Laboratoire SUPINFO des Technologies Cisco SIEM Software & Log Management Single-purpose SIEM software and log management tools provide valuable security information, but often require expensive and time-consuming integration efforts to bring in log files from disparate sources such as asset inventory, vulnerability assessment, endpoint agents, and IDS products. Once you have the data, you then must research and write correlation rules to identify threats in your environment. These challenges multiply as you migrate workloads and services from on-premises infrastructure to public cloud environments. For today’s resource-strapped IT teams, the time and expense required to deploy a SIEM seriously delays their time to threat detection, and thus, return on investment. With AlienVault USM, you can start detecting threats in your environment from Day One. That’s because the USM platform includes an extensive and continuously evolving library of correlation rules researched and written by the AlienVault Labs Security Research Team.

Security Toolbox These tools are not open source, only freeware, so please don't ask for the source code. All tools here are coded by me (Arne) with the exception of Snitch which is coded by me and Roger Lindgren together. These tools are intended for white hat use only. Unfortunately some antivirus vendors are not exactly scrupulous when it comes to including detection signatures in their software. I have removed some old tools from this page, but they can be found on the archived tools page. On my other site (vidstrom.net) you can find other tools coded by me. BrowseList BrowseList retrieves the browse list on a Windows network. CECrypt CECrypt is a file encryption tool for Windows CE that can encrypt with either 3-DES or IDEA. ClearLogs ClearLogs clears the event log (Security, System or Application) that you specify. CryptF A file encryption tool that can encrypt with either 3-DES or IDEA. DBProbe DBProbe checks the directed broadcast ping amplification factor for a network. DumpUsers EFSView EtherChange IPEye

PuTTY Download Page PuTTY is a free implementation of SSH and Telnet for Windows and Unix platforms, along with an xterm terminal emulator. It is written and maintained primarily by Simon Tatham. The latest version is 0.70. LEGAL WARNING: Use of PuTTY, PSCP, PSFTP and Plink is illegal in countries where encryption is outlawed. Use of the Telnet-only binary (PuTTYtel) is unrestricted by any cryptography laws. Latest news 2017-07-08 PuTTY 0.70 released, containing security and bug fixes PuTTY 0.70, released today, fixes further problems with Windows DLL hijacking, and also fixes a small number of bugs in 0.69, including broken printing support and Unicode keyboard input on Windows. 2017-04-29 PuTTY 0.69 released, containing security and bug fixes 2017-02-21 PuTTY 0.68 released, containing ECC, a 64-bit build, and security fixes We've also redesigned our website.

DNS LOOKUP NAXSI, an open source WAF for Nginx / GLMF-152 / GNU/Linux Magazine Web security: you can laugh about it or cry about it, but it seems hard not to care about it without risking regret later. The real security level of web applications being what it is, application firewalls are becoming indispensable stopgaps. A WAF, Web Application Firewall, is a software component, generally placed in front of a web application, whose purpose is to analyze the HTTP requests reaching that application. This software can take many forms, such as: - placed in front of the application, as a reverse proxy (for example in the case of appliances); - as a component of the HTTP server itself (for example mod_security for Apache); - integrated directly into the application's code (OWASP ESAPI, PHP IDS). The vast majority of WAFs work the way antivirus software does, relying on a signature database that is supposed to represent the various possible attack patterns.

wilders.org Tera Term Open Source Project Speedzilla - Internet Performance Test - The No. 1 thin-client bandwidth test! checkrules bnf · nbs-system/naxsi Wiki Checkrules CheckRules instruct naxsi to take an action (LOG, BLOCK, DROP, ALLOW) based on a specific score associated with the request. This score has usually been set by one or several rule(s). CheckRule must be present at location level. Basic Usage A typical CheckRule is: CheckRule "$SQL >= 8" BLOCK; If $SQL is equal to or greater than 8, the BLOCK flag is applied to the request. Other Usages CheckRule(s) can also be used to mix whitelists and blacklists. CheckRule "$UWA >= 4" DROP; CheckRule "$XSS >= 8" BLOCK; Thus, even in learning mode, any request whose $UWA score reaches 4 will be dropped, while requests with an $XSS score (even above 8) will only be blocked on location(s) not in learning mode.

WinLock WinLock is a comprehensive security software for personal or publicly accessible computers running all versions of Windows from 2000 to Windows 8. It is a program that ensures that only authorized people can access sensitive information on your computer. This security tool allows you to restrict your users from accessing important system resources like Control Panel, desktop, and system registry, disable Windows hotkeys (such as Alt-Ctrl-Del, Alt-Tab, Ctrl-Esc, etc.), hide the Start button and taskbar. With WinLock you can control how long others can use your computer. It loads automatically with Windows and allows you to add an optional startup message, provide audio notification, and set the time limit. Parental control system lets you activate filters that allow access to websites that are useful for learning and reference only. Use WinLock Remote Administrator to control, configure, and monitor each remote WinLock client.
