MonitorDarkly: Monitor OSD Exploitation.  github.com

"The Dell 2410U monitor has a Genesis (now owned by ST) display controller onboard. The exploit sends debug messages to this chip using Genesis's "GProbe" protocol over DDC2bi, which lets it write to RAM, read and write display registers, execute arbitrary code, reflash the device, etc."

Malspider: web spidering framework that detects characteristics of web compromises.  github.com

Malspider has built-in detection for characteristics of compromise like hidden iframes, reconnaissance frameworks, vbscript injection, email address disclosure, etc. As we find stuff we will continue to add classifications to this tool and we hope you will do the same. Malspider will be a much better tool if CIRT teams and security practitioners around the world contribute to the project.

SC4-HSM: Fully-open USB2 HSM (hardware-secure module)  sc4.us

"Generates and stores cryptographic keys using an on-board hardware random number generator, and it uses those keys to perform cryptographic operations, mainly generating secure digital signatures (not to be confused with an electronic signature. These are not the same.) The keys are stored in such a way that they cannot be extracted from the device even by someone who has physical possession of the device. This is the central feature of any HSM."

BlindBox: Deep Packet Inspection over Encrypted Traffic  iot.stanford.edu

"Many network middleboxes perform deep packet inspection (DPI), a set of useful tasks which examine packet payloads. These tasks include intrusion detection (IDS), exfiltration detection, and parental filtering. However, a long-standing issue is that once packets are sent over HTTPS, middleboxes can no longer accomplish their tasks because the payloads are encrypted. Hence, one is faced with the choice of only one of two desirable properties: the functionality of middleboxes and the privacy of encryption."

WireGuard: modern VPN  wireguard.io

"WireGuard is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPSec, while avoiding the massive headache. It intends to be considerably more performant than OpenVPN."

Dev-Sec: Security + DevOps - Automatic Server Hardening  dev-sec.io

"Hardening adds a layer into your automation framework, that configures your operating systems and services. It takes care of difficult settings, compliance guidelines, cryptography recommendations, and secure defaults."

ThreatHunting Project: Hunting for adversaries in your IT environment  threathunting.net

"Here you will find links to a number of different published hunting procedures. It is my hope that this will give you some concrete starting points, or if you are an experienced hunter, help you find additional techniques to add to your repertoire."

U2f-zero - open source U2F token  github.com

"U2F Zero is an open source U2F token for 2 factor authentication. It is implemented securely. It works with Google accounts, Github, Duo, OpenSSH, and anything else supporting U2F."

CrypTech Open Hardware Security Module  cryptech.is

"The open-source hardware cryptographic engine must be of general use to the broad Internet community, covering needs such as securing email, web, DNSsec, PKIs, etc."

CIRCLean - USB key sanitizer  circl.lu

"CIRCLean is an independent hardware solution to clean documents from untrusted (obtained) USB keys / USB sticks. The device converts automatically untrusted documents into a readable format and stores these clean files on a trusted (user owned) USB key/stick. - The sanitizing is done by converting and copying the content of the untrusted key to the trusted one. It is based on the mime type of the files"

Panopticon - libre, cross platform disassembler - reverse engineering  panopticon.re

"Panopticon is a disassembler that understands the semantics of opcodes. This way it's able to help the user by discovering and displaying invariants that would have to be discovered "by hand" in traditional disassemblers. This allows an interactive search through the space of all possible program executions."

SnapchatDB - 4.6 million users leaked  snapchatdb.info

"You are downloading 4.6 million users' phone number information, along with their usernames. -- For now, we have censored the last two digits of the phone numbers in order to minimize spam and abuse."

A Systematic Analysis of the Juniper Dual EC Incident  eprint.iacr.org

"In December 2015, Juniper Networks announced that unknown attackers had added unauthorized code to ScreenOS, the operating system for their NetScreen VPN routers. This code created two vulnerabilities: an authentication bypass that enabled remote administrative access, and a second vulnerability that allowed passive decryption of VPN traffic"

Google: Android Security 2015 Annual Report  security.googleblog.com

"a look at how Google services protect the Android ecosystem, an overview of new security protections introduced in 2015, and our work with Android partners and the security research community at large. The full report is here"

ID Ransomware - Identify 55 different ransomware samples  id-ransomware.malwarehunterteam.com

"This service is strictly for identifying what ransomware may have encrypted your files. It will attempt to point you in the right direction, and let you know if there is a known way of decrypting your files."

NoviceLive/bintut: Teach you a binary exploitation for great good  github.com

"Dynamic or live demonstration of classical exploitation techniques of typical memory corruption vulnerabilities, from debugging to payload generation and exploitation, for educational purposes."

Open Sourced Vulnerability Database (OSVDB): FIN  blog.osvdb.org

"This was not an easy decision, and several of us struggled for well over ten years trying to make it work at great personal expense. The industry simply did not want to contribute and support such an effort. The OSVDB blog will continue to be a place for providing commentary on all things related to the vulnerability world."

The linux-stable security tree project  lwn.net

"The purpose is to create a derivative tree from the regular stable tree that would contain only commits that fix security vulnerabilities."

NCC Group Bomb.Codes: files for decompression bomb testing  bomb.codes

"A decompression bomb is a file designed to crash or render useless the program or system reading it, i.e. a denial of service. The following files can be used to test whether an application is vulnerable to this type of attack."

Blind Return Oriented Programming (BROP)  scs.stanford.edu

"The BROP attack makes it possible to write exploits without possessing the target's binary. It requires a stack overflow and a service that restarts after a crash. Based on whether a service crashes or not (i.e., connection closes or stays open), the BROP attack is able to construct a full remote exploit that leads to a shell. The BROP attack remotely leaks enough gadgets to perform the write system call, after which the binary is transferred from memory to the attacker's socket."

DET (extensible) Data Exfiltration Toolkit  github.com

"DET (is provided AS IS), is a proof of concept to perform Data Exfiltration using either single or multiple channel(s) at the same time. The idea was to create a generic toolkit to plug any kind of protocol/service."

Mr. Fart’s Favorite Colors or 'Why your phone’s security is unlike any other'  medium.com

"The security we encounter every day — when it works at all — is usually built out of shades of gray: Lock your door. Need more? Arm your alarm. Even more? Don’t feed Fido for a day. Marginal benefits, marginal costs."

Blog: Purple Teaming - Lessons Learned & Ruxcon Slides  carnal0wnage.attackresearch.com

"Purple Teaming is “Putting more Offense in your Defense” and “More Defense in your Offense”. We do this to iteratively improve the quality of both our Red and Blue Teams by conducting focused Red Teams with clear training objectives for the Blue Team."

USENIX Enigma 2016 Conference videos  youtube.com

USENIX Association is excited to announce the launch of Enigma, a new security conference geared towards those working in both industry and research. https://www.usenix.org/conference/enigma2016

 

Blog: OpenSSL Key Recovery Attack on DH small subgroups (CVE-2016-0701)  intothesymmetry.blogspot.com.au

"The actual attack I performed is literally a verbatim application of a classical paper published in 1997: A Key Recovery Attack on Discrete Log-based Schemes Using a Prime Order Subgroup. The attack is as beautiful as simple. Here I will try to sketch it. For details please refer to the original paper."

Sunlight: Fine-grained Targeting Detection at Scale with Statistical Confidence  columbia.github.io

"Today’s Web services leverage users’ information – such as emails, search logs, or locations – and use them to target advertisements, prices, or products at users. Presently, users have little insight into how their data is used for such purposes."

SLOTH: Security Losses from Obsolete and Truncated Transcript Hashes (CVE-2015-7575)

"SLOTH is an acronym for the loss of security due to the use of obsolete and truncated hash constructions in mainstream Internet protocols. SLOTH is also a not-so-subtle reference to laziness in the protocol design community with regard to removing legacy cryptographic constructions."

FROST: Forensic Recovery Of Scrambled Telephones  www1.informatik.uni-erlangen.de

"We show that cold boot attacks against Android phones are generally possible for the first time, and we perform our attacks practically against Galaxy Nexus devices from Samsung. To break disk encryption, the bootloader must be unlocked before the attack because scrambled user partitions are wiped during unlocking. However, we show that cold boot attacks are more generic and allow to retrieve sensitive information, such as contact lists, visited web sites, and photos, directly from RAM, even though the bootloader is locked."

Ntru-crypto: Open Source NTRU Public Key Cryptography and Reference Code  github.com

"NTRU is a lattice-based public key cryptosystem from Security Innovation and the leading alternative to RSA and Elliptic Curve Cryptography (ECC) due to its higher performance and resistance to attacks from quantum computers."

OMEMO: Multi-End Message and Object Encryption  conversations.im

"XMPP Extension Protocol (XEP) for secure multi-client end-to-end encryption. It is an open standard based on Axolotl and PEP which can be freely used and implemented by anyone."

Id0-rsa.pub: Crypto Coding Challenges - Similar to Matasano CryptoPals  id0-rsa.pub

"ProjectEuler for Crypto - Some problems related to computer security (specifically poorly implemented security). Do Them. You are free to use any language and environment you like to complete them. The problems require familiarity with programming, but not necessarily with applied cryptography or computer security in general."

Directory Services Internals: Open-sourced  github.com

"The DSInternals PowerShell Module exposes several internal and undocumented features of Active Directory."

Internet Research Task Force (IRTF)  irtf.org

"The Internet Research Task Force (IRTF) promotes research of importance to the evolution of the Internet by creating focused, long-term Research Groups working on topics related to Internet protocols, applications, architecture and technology."

Whitepaper: @rootkovska - State considered harmful - A proposal for a stateless laptop  blog.invisiblethings.org

"The main principle introduced below is the requirement for the laptop hardware to be stateless, i.e. lacking any persistent storage. This includes it having no firmware-carrying flash memory chips. All the state is to be kept on an external, trusted device. This trusted device is envisioned to be of a small USB stick or SD card form factor."

Whitepaper: The Moral Character of Cryptographic Work  web.cs.ucdavis.edu

"Abstract: Cryptography rearranges power: it configures who can do what, from what. This makes cryptography an inherently political tool, and it confers on the field an intrinsically moral dimension. The Snowden revelations motivate a reassessment of the political and moral positioning of cryptography. They lead one to ask if our inability to effectively address mass surveillance constitutes a failure of our field. I believe that it does. I call for a community-wide effort to develop more effective means to resist mass surveillance. I plead for a reinvention of our disciplinary culture to attend not only to puzzles and math, but, also, to the societal implications of our work."

Firmware.RE: unpacks, scans & analyzes almost any firmware package and facilitates the quick detection of vulnerabilities, backdoors.  firmware.re

"we present the first fully automated framework that applies dynamic firmware analysis techniques to achieve, in a scalable manner, automated vulnerability discovery within embedded firmware images. "

Panopticlick V2 released by @EFF - Designed to preach the gospel of Privacy Badger.  panopticlick.eff.org

"When you visit a website, online trackers and the site itself may be able to identify you – even if you’ve installed software to protect yourself. It’s possible to configure your browser to thwart tracking, but many people don’t know how."

CVE-2015-8370: Grub2 Authentication 0-Day  hmarco.org

"A vulnerability in Grub2 has been found. Versions from 1.98 (December, 2009) to 2.02 (December, 2015) are affected. The vulnerability can be exploited under certain circumstances, allowing local attackers to bypass any kind of authentication (plain or hashed passwords). And so, the attacker may take control of the computer."

Oral B Triumph Toothbrush with SmartGuide™ Security Advisory   gse-compliance.blogspot.com.au

"The attacker can determine the user's brushing habits. It is possible to report on the location of the mouth that is being brushed and the amount of time spent on each of four defined “quadrants”."
