Information Security (InfoSec)

MonitorDarkly: Monitor OSD Exploitation.  github.com

"The Dell 2410U monitor has a Genesis (now owned by ST) display controller onboard. The exploit sends debug messages to this chip using Genesis's "GProbe" protocol over DDC2bi, which lets it write to RAM, read and write display registers, execute arbitrary code, reflash the device, etc."

Malspider: web spidering framework that detects characteristics of web compromises.  github.com

Malspider has built-in detection for characteristics of compromise like hidden iframes, reconnaissance frameworks, vbscript injection, email address disclosure, etc. As we find stuff we will continue to add classifications to this tool and we hope you will do the same. Malspider will be a much better tool if CIRT teams and security practitioners around the world contribute to the project.

ThreatHunting Project: Hunting for adversaries in your IT environment  threathunting.net

"Here you will find links to a number of different published hunting procedures. It is my hope that this will give you some concrete starting points, or if you are an experienced hunter, help you find additional techniques to add to your repertoire."

CIRCLean - USB key sanitizer  circl.lu

"CIRCLean is an independent hardware solution to clean documents from untrusted (obtained) USB keys / USB sticks. The device automatically converts untrusted documents into a readable format and stores these clean files on a trusted (user owned) USB key/stick. - The sanitizing is done by converting and copying the content of the untrusted key to the trusted one. It is based on the mime type of the files."

Panopticon - libre, cross platform disassembler - reverse engineering  panopticon.re

"Panopticon is a disassembler that understands the semantics of opcodes. This way it's able to help the user by discovering and displaying invariants that would have to be discovered "by hand" in traditional disassemblers. This allows an interactive search through the space of all possible program executions."

Google: Android Security 2015 Annual Report  security.googleblog.com

"a look at how Google services protect the Android ecosystem, an overview of new security protections introduced in 2015, and our work with Android partners and the security research community at large. The full report is here"

ID Ransomware - Identify 55 different ransomware samples  id-ransomware.malwarehunterteam.com

"This service is strictly for identifying what ransomware may have encrypted your files. It will attempt to point you in the right direction, and let you know if there is a known way of decrypting your files."

Open Sourced Vulnerability Database (OSVDB): FIN  blog.osvdb.org

"This was not an easy decision, and several of us struggled for well over ten years trying to make it work at great personal expense. The industry simply did not want to contribute and support such an effort. The OSVDB blog will continue to be a place for providing commentary on all things related to the vulnerability world."

The linux-stable security tree project  lwn.net

"The purpose is to create a derivative tree from the regular stable tree that would contain only commits that fix security vulnerabilities."

NCC Group Bomb.Codes: files for decompression bomb testing  bomb.codes

"A decompression bomb is a file designed to crash or render useless the program or system reading it, i.e. a denial of service. The following files can be used to test whether an application is vulnerable to this type of attack."
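
The check a consumer of untrusted compressed input needs, as an added Python example (this is not NCC Group's code or one of the bomb.codes files): it builds a small zlib stream that inflates to 32 MiB of zeros (constructed test data standing in for the bomb.codes samples) and then inflates it with hard caps on absolute output size and on expansion ratio, instead of handing the whole buffer to zlib.decompress(). The limits MAX_OUT and MAX_RATIO are assumptions for the example.

```python
import zlib

INFLATED_SIZE = 32 * 1024 * 1024   # what the constructed bomb inflates to (32 MiB of zeros)
MAX_OUT = 4 * 1024 * 1024          # assumed: the most this consumer is willing to hold in memory
MAX_RATIO = 100                    # assumed: refuse anything that expands more than 100:1


class DecompressionBombError(ValueError):
    """Raised when inflating would exceed the configured size or ratio limit."""


def make_zlib_bomb(inflated_size=INFLATED_SIZE):
    """Constructed test data: a zlib stream of `inflated_size` zero bytes.
    Deflate compresses zeros at roughly 1000:1, so 32 MiB becomes ~33 KiB."""
    comp = zlib.compressobj(level=9)
    block = b"\0" * (1024 * 1024)
    parts, remaining = [], inflated_size
    while remaining:
        n = min(len(block), remaining)
        parts.append(comp.compress(block[:n]))
        remaining -= n
    parts.append(comp.flush())
    return b"".join(parts)


def inflate_bounded(data, max_out=MAX_OUT, max_ratio=MAX_RATIO, chunk=64 * 1024):
    """Inflate `data` incrementally, stopping as soon as either limit is crossed.

    zlib.decompress(data) would produce the full inflated size before returning;
    a decompressobj with max_length lets us re-check after every `chunk` bytes.
    """
    d = zlib.decompressobj()
    out = bytearray()
    buf = data
    while True:
        piece = d.decompress(buf, chunk)      # at most `chunk` bytes of output per call
        out += piece
        if len(out) > max_out:
            raise DecompressionBombError(f"inflated size exceeds {max_out} bytes")
        if len(out) > max_ratio * len(data):
            raise DecompressionBombError(f"expansion ratio exceeds {max_ratio}:1")
        buf = d.unconsumed_tail                # input zlib has not consumed yet
        if d.eof or (not buf and not piece):   # stream finished, or no further progress
            break
    return bytes(out)


def is_bomb(data, **limits):
    """True if inflating `data` trips a limit, False if it fits within them."""
    try:
        inflate_bounded(data, **limits)
    except DecompressionBombError:
        return True
    return False


# A benign stream for comparison (constructed; low redundancy, so roughly 15:1 at best).
BENIGN = bytes(range(256)) * 16
BENIGN_COMPRESSED = zlib.compress(BENIGN)

if __name__ == "__main__":
    bomb = make_zlib_bomb()
    print(f"bomb: {len(bomb)} bytes compressed, {INFLATED_SIZE} inflated -> bomb? {is_bomb(bomb)}")
    print(f"benign: {len(BENIGN_COMPRESSED)} bytes compressed -> bomb? {is_bomb(BENIGN_COMPRESSED)}")
```

The absolute cap matters as much as the ratio cap: a nested archive (a bomb inside an archive inside an archive) keeps each layer's ratio modest, so a consumer that unpacks containers recursively has to apply the same budget across all layers, not per file.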

DET (extensible) Data Exfiltration Toolkit  github.com

"DET (is provided AS IS), is a proof of concept to perform Data Exfiltration using either single or multiple channel(s) at the same time. The idea was to create a generic toolkit to plug any kind of protocol/service."

Blog: Purple Teaming - Lessons Learned & Ruxcon Slides  carnal0wnage.attackresearch.com

"Purple Teaming is “Putting more Offense in your Defense” and “More Defense in your Offense”. We do this to iteratively improve the quality of both our Red and Blue Teams by conducting focused Red Teams with clear training objectives for the Blue Team."

Sunlight: Fine-grained Targeting Detection at Scale with Statistical Confidence  columbia.github.io

"Today’s Web services leverage users’ information – such as emails, search logs, or locations – and use them to target advertisements, prices, or products at users. Presently, users have little insight into how their data is used for such purposes."

FROST: Forensic Recovery Of Scrambled Telephones  www1.informatik.uni-erlangen.de

"We show that cold boot attacks against Android phones are generally possible for the first time, and we perform our attacks practically against Galaxy Nexus devices from Samsung. To break disk encryption, the bootloader must be unlocked before the attack because scrambled user partitions are wiped during unlocking. However, we show that cold boot attacks are more generic and allow retrieving sensitive information, such as contact lists, visited web sites, and photos, directly from RAM, even though the bootloader is locked."

OMEMO: Multi-End Message and Object Encryption  conversations.im

"XMPP Extension Protocol (XEP) for secure multi-client end-to-end encryption. It is an open standard based on Axolotl and PEP which can be freely used and implemented by anyone."

Directory Services Internals: Open-sourced  github.com

"The DSInternals PowerShell Module exposes several internal and undocumented features of Active Directory."

Firmware.RE: unpacks, scans & analyzes almost any firmware package and facilitates the quick detection of vulnerabilities, backdoors.  firmware.re

"we present the first fully automated framework that applies dynamic firmware analysis techniques to achieve, in a scalable manner, automated vulnerability discovery within embedded firmware images. "

Panopticlick V2 released by @EFF - Designed to preach the gospel of Privacy Badger.  panopticlick.eff.org

"When you visit a website, online trackers and the site itself may be able to identify you – even if you’ve installed software to protect yourself. It’s possible to configure your browser to thwart tracking, but many people don’t know how."

CVE-2015-8370: Grub2 Authentication 0-Day  hmarco.org

"A vulnerability in Grub2 has been found. Versions from 1.98 (December, 2009) to 2.02 (December, 2015) are affected. The vulnerability can be exploited under certain circumstances, allowing local attackers to bypass any kind of authentication (plain or hashed passwords). And so, the attacker may take control of the computer."

Oral B Triumph Toothbrush with SmartGuide™ Security Advisory   gse-compliance.blogspot.com.au

"The attacker can determine the user's brushing habits. It is possible to report on the location of the mouth that is being brushed and the amount of time spent on each of four defined “quadrants”."

@SamyKamkar - Magspoof - credit card/magstripe spoofer  github.com

"MagSpoof is a device that can spoof/emulate any magnetic stripe or credit card. It can work "wirelessly", even on standard magstripe/credit card readers, by generating a strong electromagnetic field that emulates a traditional magnetic stripe card."

Blog: Matthew Garrett - Why improving kernel security is important  mjg59.dreamwidth.org

"The Washington Post published an article today which describes the ongoing tension between the security community and Linux kernel developers. This has been roundly denounced as FUD, with Rob Graham going so far as to claim that nobody ever attacks the kernel. Unfortunately he's entirely and demonstrably wrong, it's not FUD and the state of security in the kernel is currently far short of where it should be."

Whitepaper: Intel x86 considered harmful  blog.invisiblethings.org

"We will look at security problems arising from the x86’s over-complex firmware design (BIOS, SMM, UEFI, etc.), discuss various Intel security technologies (such as VT-d, TXT, Boot Guard and others), consider how useful they might be in protecting against firmware-related security threats and other attacks -- The 2nd paper, the one about the practical defense, is coming soon."

The Web Authentication Arms Race – A Tale of Two Security Experts  blog.slaks.net

"Web authentication systems have evolved over the past ten years to counter a growing variety of threats. This post will present a fictional arms race between a web application developer and an attacker, showing how different threats can be countered with the latest security technologies."

Blog: Why I recommend Chrome to family... Thoughts and observations on the ecosystem of security bugs By Matt Jones  elttam.com.au

"The ecosystem of security bugs is very complex - history shows the importance of secure software architectures and mitigation controls. I believe sound architectures also lead to a better understanding and management of security threats."

Blog: The Global Village idiot - Geoff Huston  potaroo.net

"Between the various government agencies who pressed for this legislation, the lawyers who drafted the legislation, the politicians who advocated its adoption and the bureaucrats who are overseeing its implementation, then as far as I can tell none of them get it."

Drduh/OS-X-Yosemite-Security-and-Privacy-Guide  github.com

"This is a collection of thoughts on securing a modern Mac running OS X Yosemite and some steps on how to improve privacy."

Andrew Case: Privacy & Security Conscious Browsing Guide  gist.github.com

"Recommendations on how to browse in a privacy and security conscious manner. This information is compiled from a number of sources, which are referenced throughout the document, as well as my own experiences with the described technologies."

Blog: Another Take At Public Key Distribution  andres.systems

"While the main security argument for this system does NOT rely on gossip, everything here is compatible with the gossip systems proposed for Certificate Transparency and CONIKS. In short, gossip is a mechanism for detecting attacks when all verifiers are evil and are presenting two conflicting views of the world."

PCG: A Family of Better Random Number Generators  pcg-random.org

"PCG is a family of simple, fast, space-efficient, statistically good algorithms for random number generation. Unlike many general-purpose RNGs, they are also hard to predict."
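
Added example, not code from pcg-random.org: a Python port of the PCG32 generator (the PCG-XSH-RR variant), which is a 64-bit LCG whose old state is passed through an xorshift-and-random-rotate output permutation, plus the reference's unbiased bounded-output routine. It is checked against the first outputs the reference implementation produces for seed 42, stream 54. "Hard to predict" in the quote is a statistical statement about the permutation hiding the LCG state; PCG is not a cryptographic RNG, so keys, tokens and nonces still come from os.urandom or the secrets module.

```python
MASK32 = (1 << 32) - 1
MASK64 = (1 << 64) - 1
PCG_MULT = 6364136223846793005      # 64-bit LCG multiplier used by the reference pcg32


class PCG32:
    """PCG32 (PCG-XSH-RR): 64-bit LCG state, 32-bit output.

    The LCG on its own is trivially predictable (its output is its state); the
    xorshift-high + random-rotate permutation applied to the *old* state is what
    decorrelates output from state and gives the statistical quality.
    """

    def __init__(self, initstate, initseq):
        # Mirrors pcg32_srandom_r: the stream increment must be odd for a full-period LCG.
        self.state = 0
        self.inc = ((initseq << 1) | 1) & MASK64
        self._step()
        self.state = (self.state + initstate) & MASK64
        self._step()

    def _step(self):
        self.state = (self.state * PCG_MULT + self.inc) & MASK64

    def next_u32(self):
        old = self.state
        self._step()
        xorshifted = (((old >> 18) ^ old) >> 27) & MASK32   # XSH: fold high bits down
        rot = old >> 59                                      # RR: top 5 bits choose the rotation
        return ((xorshifted >> rot) | (xorshifted << ((32 - rot) & 31))) & MASK32

    def bounded(self, bound):
        """Uniform integer in [0, bound) without modulo bias (as pcg32_boundedrand_r)."""
        threshold = (MASK32 + 1 - bound) % bound
        while True:
            r = self.next_u32()
            if r >= threshold:
                return r % bound


def first_outputs(initstate, initseq, n):
    """The first n 32-bit outputs of a stream; handy for known-answer checks."""
    rng = PCG32(initstate, initseq)
    return [rng.next_u32() for _ in range(n)]


if __name__ == "__main__":
    # Known-answer check against the reference pcg32 seeded with (42, 54).
    print([hex(x) for x in first_outputs(42, 54, 6)])
```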

RPISEC Modern Binary Exploitation - CSCI 4968 Course materials  github.com

"This repository contains the materials as developed and used by RPISEC to teach Modern Binary Exploitation at Rensselaer Polytechnic Institute in Spring 2015. This was a university course developed and run solely by students to teach skills in vulnerability research, reverse engineering, and binary exploitation."

OpenSSL CVE-2015-1793 (Alternative chains certificate forgery) Exploit Analysis  translate.wooyun.io

"If you are using the affected version (OpenSSL 1.0.2b/1.0.2c and OpenSSL 1.0.1n/1.0.1o), please update your OpenSSL to the latest one."

Firefox-debloat: Stop Firefox leaking data about you  github.com

"This list aims to block core Firefox features which actively leak data to third-party services (as opposed to attempts of sites to track you or otherwise passively collect information). As it isn't always easy to draw a strict line, the most critical passive data faucets like WebRTC are also mentioned."

Cryptologie Blog: Let's Encrypt Overview  cryptologie.net

Let's Encrypt Launch Schedule (Let’s Encrypt has reached a point where we’re ready to announce our launch schedule.)

  • First certificate: Week of July 27, 2015
  • General availability: Week of September 14, 2015

Of History & Hashes: A Brief History of Password Storage, Transmission, & Cracking  trustedsec.com

“Software vulnerabilities generally get patched, but bad design decisions and recurring configuration mistakes are forever”. 

Facebook: Securing Email Communications from Facebook (Using PGP)  facebook.com

"To enhance the privacy of this email content, today we are gradually rolling out an experimental new feature that enables people to add OpenPGP public keys to their profile; these keys can be used to "end-to-end" encrypt notification emails sent from Facebook to your preferred email accounts. People may also choose to share OpenPGP keys from their profile, with or without enabling encrypted notifications."

NewsRollup: KCodes NetUSB (Netgear, TP-Link, Trendnet, Zyxel)

"NetUSB suffers from a remotely exploitable kernel stack buffer overflow. Because of insufficient input validation, an overly long computer name can be used to overflow the "computer name" kernel stack buffer. This results in memory corruption which can be turned into arbitrary remote code execution."

Google Research: Secrets, Lies, & Account Recovery  research.google.com

"Our analysis confirms that secret questions generally offer a security level that is far lower than user-chosen passwords. It turns out to be even lower than proxies such as the real distribution of surnames in the population would indicate. Surprisingly, we found that a significant cause of this insecurity is that users often don't answer truthfully."

OSQuery - Performant Endpoint Visibility  osquery.io

"osquery gives you the ability to query and log things like running processes, logged in users, password changes, usb devices, firewall exceptions, listening ports, and more."

  • osqueryi> SELECT * FROM startup_items;
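
Added example (not osquery's own code or documentation): the scheduled query below joins osquery's listening_ports and processes tables, and the Python triages the differential result lines that osqueryd writes for such a query, alerting on listeners that are not on a per-host allowlist. The log lines, host name, query name and allowlist are constructed for the example; the record shape (name, hostIdentifier, action, columns with string values) is the one osqueryd uses.

```python
import json

# The scheduled query the sample rows come from (osquery's listening_ports and processes tables).
LISTENERS_QUERY = """
SELECT p.pid, lp.port, lp.protocol, lp.address, p.path, p.name
FROM listening_ports AS lp JOIN processes AS p USING (pid)
WHERE lp.port != 0;
"""

# Constructed sample of osqueryd differential results, one JSON object per line.
SAMPLE_RESULTS_LOG = """\
{"name":"listening_ports_with_process","hostIdentifier":"web01","calendarTime":"Mon Apr 11 09:12:01 2016 UTC","unixTime":1460365921,"action":"added","columns":{"pid":"1203","port":"22","protocol":"6","address":"0.0.0.0","path":"/usr/sbin/sshd","name":"sshd"}}
{"name":"listening_ports_with_process","hostIdentifier":"web01","calendarTime":"Mon Apr 11 09:12:01 2016 UTC","unixTime":1460365921,"action":"added","columns":{"pid":"1560","port":"443","protocol":"6","address":"0.0.0.0","path":"/usr/sbin/nginx","name":"nginx"}}
{"name":"listening_ports_with_process","hostIdentifier":"web01","calendarTime":"Mon Apr 11 09:17:01 2016 UTC","unixTime":1460366221,"action":"added","columns":{"pid":"4711","port":"4444","protocol":"6","address":"0.0.0.0","path":"/tmp/.x/nc","name":"nc"}}
{"name":"listening_ports_with_process","hostIdentifier":"web01","calendarTime":"Mon Apr 11 09:17:01 2016 UTC","unixTime":1460366221,"action":"added","columns":{"pid":"4720","port":"8080","protocol":"6","address":"127.0.0.1","path":"/usr/bin/python3","name":"python3"}}
{"name":"listening_ports_with_process","hostIdentifier":"web01","calendarTime":"Mon Apr 11 09:22:01 2016 UTC","unixTime":1460366521,"action":"removed","columns":{"pid":"4711","port":"4444","protocol":"6","address":"0.0.0.0","path":"/tmp/.x/nc","name":"nc"}}
"""

# Assumed allowlist of (port, executable path) pairs expected on this host.
ALLOWED_LISTENERS = {(22, "/usr/sbin/sshd"), (80, "/usr/sbin/nginx"), (443, "/usr/sbin/nginx")}


def parse_results_log(text):
    """Yield one result record per non-empty line of an osqueryd results log."""
    for line in text.splitlines():
        line = line.strip()
        if line:
            yield json.loads(line)


def unexpected_listeners(text, allowed=ALLOWED_LISTENERS, query_name="listening_ports_with_process"):
    """Alerts for listeners that appeared ('added') and are not allowlisted.

    'removed' rows are ignored: a listener going away is not an alert on its own.
    Loopback-only binds are kept but downgraded, since they are not reachable remotely.
    """
    alerts = []
    for rec in parse_results_log(text):
        if rec.get("name") != query_name or rec.get("action") != "added":
            continue
        cols = rec["columns"]                    # osquery reports every column as a string
        port, path = int(cols["port"]), cols["path"]
        if (port, path) in allowed:
            continue
        loopback = cols["address"] in ("127.0.0.1", "::1")
        alerts.append({
            "host": rec["hostIdentifier"],
            "time": rec["unixTime"],
            "pid": int(cols["pid"]),
            "port": port,
            "path": path,
            "severity": "low" if loopback else "high",
        })
    return alerts


if __name__ == "__main__":
    for alert in unexpected_listeners(SAMPLE_RESULTS_LOG):
        print(alert)
```

The allowlist keys on the executable path rather than the process name because a name is whatever the binary calls itself; a listener at /tmp/.x/nc is suspicious regardless of the name column.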

Vault - A tool for managing secrets  vaultproject.io

"Secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Vault handles leasing, key revocation, key rolling, and auditing. Vault presents a unified API to access multiple backends: HSMs, AWS IAM, SQL databases, raw key/value, and more."

Opmsg message encryption - gpg alternative with DH perfect-forward-secrecy  github.com

opmsg is a replacement for gpg which can encrypt/sign/verify your mails or create/verify detached signatures of local files. Even though the opmsg output looks similar, the concept is entirely different.

CESG.gov.uk: Obsolete platforms security guidance  gov.uk

From the UK government’s National Technical Authority for Information Assurance (CESG). "Short-term mitigation advice for public sector organisations unable to fully migrate away from obsolete software before it is no longer supported"

HardenFlash - Patching Flash binary to stop exploits and zero-days  github.com

"In Feb 2013, the author revealed the a.k.a. "Vector Spray" exploitation technique, which was later used again and again in almost every single Flash or IE zero-day attack. Unfortunately, Adobe hasn't taken any action yet to harden - a weakness that is so obvious and has been abused for more than 2 years."

The Tor BSD Diversity Project (TDP)  torbsd.github.io

"the overwhelming GNU/Linux monoculture that is an Achilles’ Heel. Monocultures in nature are dangerous, as vulnerabilities are held in common across a broad spectrum. Diversity means single vulnerabilities are less likely to harm the entire ecosystem."