Active Directory Security Assessment Tool – 10 minute mail

PingCastle is an Active Directory security assessment tool designed to quickly assess the Active Directory security level with a methodology based on a risk assessment and maturity framework. It does not aim for a perfect evaluation but rather for a compromise that favours efficiency.

The risk level regarding Active Directory security has changed. Several vulnerabilities have been made popular by tools like mimikatz and sites like adsecurity.org.

CMMI is a well-known methodology from Carnegie Mellon University for evaluating maturity with a grade from 1 to 5. PingCastle has adapted CMMI to Active Directory security.

The aim of the tool is to get you to 80% AD security in 20% of the time it would traditionally take.

PingCastle Active Directory Security Assessment Tool Features

Health Check

This is the default report produced by PingCastle. It quickly collects the most important information about the Active Directory and establishes an overview. Based on a model and rules, it scores the sub-processes of the Active Directory, then reports the risks.

Active Directory map

This report produces a map of every Active Directory that PingCastle knows about. The map is built from existing health check reports or, when none is available, via a special mode that collects the required information as fast as possible.

Deploy and collect reports

Monitoring domains from a bastion can be easy, but for domains without a network connection it might be difficult. PingCastle offers many deployment strategies.

Consolidation

When multiple PingCastle reports have been collected, they can be consolidated into a single report. This makes it easier to benchmark all domains.

Scanner

Checking workstations for local admin privileges, open shares or startup time is usually complex and requires an admin. PingCastle’s scanner bypasses these classic limits.

Using Pingcastle Active Directory Security Assessment Tool

You can download Pingcastle here:

PingCastle_2.8.1.0.zip

Or read more here.


Temp Mails (https://tempemail.co/) is a new free temporary email address service. It provides random 10-minute email addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

API Automated Security Testing For REST – 10 minute mail

$ python astra.py --help

 

usage: astra.py [-h] [-c {Postman,Swagger}] [-n COLLECTION_NAME] [-u URL]
                [-headers HEADERS] [-method {GET,POST}] [-b BODY]
                [-l LOGINURL] [-H LOGINHEADERS] [-d LOGINDATA]

REST API Security testing Framework

optional arguments:
  -h, --help            show this help message and exit
  -c {Postman,Swagger}, --collection_type {Postman,Swagger}
                        Type of API collection
  -n COLLECTION_NAME, --collection_name COLLECTION_NAME
                        Type of API collection
  -u URL, --url URL     URL of target API
  -headers HEADERS, --headers HEADERS
                        Custom headers.Example: {"token" : "123"}
  -method {GET,POST}, --method {GET,POST}
                        HTTP request method
  -b BODY, --body BODY  Request body of API
  -l LOGINURL, --loginurl LOGINURL
                        URL of login API
  -H LOGINHEADERS, --loginheaders LOGINHEADERS
                        Headers should be in a dictionary format. Example:
                        {"accesstoken" : "axzvbqdadf"}
  -d LOGINDATA, --logindata LOGINDATA
                        login data of API

HiddenWall – Create Hidden Kernel Modules – 10 minute mail

HiddenWall is a Linux kernel module generator used to create hidden kernel modules to protect your server from attackers. It supports custom rules with netfilter (block ports, hidden mode, rootkit functions etc).

The motivation is basically another layer of protection, much like a hidden firewall – setting securelevel to 2 on BSD would have a similar effect.

In a typical attack, the bad actor can alter your IPTables or UFW rules – with HiddenWall you still have another layer that can block external access because it hooks directly into netfilter from kernel land.

The author created it to protect his own servers but realised it also helps people who can’t write low-level code roll their own customized, hidden kernel modules.

If you can write low-level code, you can always add more module templates to HiddenWall.

Installing HiddenWall to Create Hidden Kernel Modules

Verify if the kernel version is 3.x, 4.x or 5.x:

Clone the repository

Enter the folder

Edit your firewall rules in rules/server.yaml; the Python scripts use that file to generate a new firewall module.

If you want to study the static code used for generation, look at the contents of the “templates” directory.

Then you would want to generate a kernel module following your YAML file of rules:

Then install it with insmod.

You can download HiddenWall here:

HiddenWall03.zip

Or read more here.


LambdaGuard – AWS Lambda Serverless Security Scanner – 10 minute mail

LambdaGuard is an open-source AWS Lambda serverless security scanner that lets you visualise and audit the security of your serverless assets.

AWS Lambda is an event-driven, serverless computing platform provided by Amazon Web Services. It is a computing service that runs code in response to events and automatically manages the computing resources required by that code.

LambdaGuard is an AWS Lambda auditing tool designed to create asset visibility and provide actionable results. It provides a meaningful overview in terms of statistical analysis, AWS service dependencies and configuration checks from the security perspective.

There are various common pitfalls in a serverless environment that LambdaGuard can scan for and find, such as:

  • Poorly defined policies (Unrestricted Actions, Unrestricted Principal, Undefined Conditions)
  • Public S3 buckets
  • Public SQS queues
  • Public API Gateway

It can also optionally run static code analysis on function source code (using SonarQube).

It outputs reports in JSON and/or HTML.

How to Install LambdaGuard AWS Lambda Serverless Security Scanner

From PyPI

From GitHub

You can download LambdaGuard here:

LambdaGuard-master.zip

Or read more here.


AI-driven Network Intrusion Detection System – 10 minute mail

luis@luisxps:~/c++/aiengine/src$ ./aiengine h
aiengine 1.9.0
Mandatory arguments:
  I [ input ] arg                Sets the network interface ,pcap file or
                                 directory with pcap files.

Link Layer optional arguments:
  q [ tag ] arg      Selects the tag type of the ethernet layer (vlan,mpls).

TCP optional arguments:
  t [ tcpflows ] arg (=32768) Sets the number of TCP flows on the pool.

UDP optional arguments:
  u [ udpflows ] arg (=16384) Sets the number of UDP flows on the pool.

Regex optional arguments:
  R [ enablesignatures ]     Enables the Signature engine.
  r [ regex ] arg (=.*)      Sets the regex for evaluate agains the flows.
  c [ flowclass ] arg (=all) Uses tcp, udp or all for matches the signature
                             on the flows.
  m [ matchedflows ]         Shows the flows that matchs with the regex.
  M [ matchedpacket ]        Shows the packet payload that matchs with
                             the regex.
  C [ continue ]             Continue evaluating the regex with the
                             next packets of the Flow.
  j [ rejectflows ]          Rejects the flows that matchs with the
                             regex.
  w [ evidence ]             Generates a pcap file with the matching
                             regex for forensic analysis.

Frequencies optional arguments:
  F [ enablefrequencies ]       Enables the Frequency engine.
  g [ groupby ] arg (=dstport)  Groups frequencies by srcip,dstip,srcpor
                                t and dstport.
  f [ flowtype ] arg (=tcp)     Uses tcp or udp flows.
  L [ enablelearner ]           Enables the Learner engine.
  k [ keylearner ] arg (=80)    Sets the key for the Learner engine.
  b [ buffersize ] arg (=64)    Sets the size of the internal buffer for
                                generate the regex.
  Q [ bytequality ] arg (=80)   Sets the minimum quality for the bytes of
                                the generated regex.
  y [ enableyara ]              Generates a yara signature.

Optional arguments:
  n [ stack ] arg (=lan)    Sets the network stack (lan,mobile,lan6,virtual,
                            oflow).
  d [ dumpflows ]           Dump the flows to stdout.
  s [ statistics ] arg (=0) Show statistics of the network stack (5 levels).
  T [ timeout ] arg (=180)  Sets the flows timeout.
  P [ protocol ] arg        Show statistics of a specific protocol of the
                            network stack.
  a [ port ] arg (=0)       Sets the HTTP listenting port.
  e [ release ]             Release the caches.
  l [ releasecache ] arg    Release a specific cache.
  p [ pstatistics ]         Show statistics of the process.
  o [ summary ]             Show protocol summmary statistics
                            (bytes,packets,% bytes,cache miss,memory).
  h [ help ]                Show help.
  v [ version ]             Show version string.
