Mitigating-Web-Shells
Guidance for mitigation web shells. #nsacyber (by nsacyber)
Mitigating-Obsolete-TLS
Guidance for mitigating obsolete Transport Layer Security configurations. #nsacyber (by nsacyber)
Our great sponsors
| Mitigating-Web-Shells | Mitigating-Obsolete-TLS | |
|---|---|---|
| 1 | 3 | |
| 839 | 240 | |
| 0.8% | 3.8% | |
| 0.0 | 0.0 | |
| 11 months ago | over 1 year ago | |
| YARA | PowerShell | |
| GNU General Public License v3.0 or later | GNU General Public License v3.0 or later |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Mitigating-Web-Shells
Posts with mentions or reviews of Mitigating-Web-Shells.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2021-03-03.
-
Mass exploitation of on-prem Exchange servers :(
There is likely a Cobalt Strike BEACON acting as C2 now even if you've patched. I recommend full incident response mode, probably want to isolate the server. Run an integrity check against a known good config with WinDiff or NSA's dirChecker to find other anomolies. https://github.com/nsacyber/Mitigating-Web-Shells
Mitigating-Obsolete-TLS
Posts with mentions or reviews of Mitigating-Obsolete-TLS.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2021-04-26.
-
Looking for a method of blocking TLS 1.0 client traffic at the PFSense firewall.
Snort rules from NSA Cybersecurity Directorate: https://github.com/nsacyber/Mitigating-Obsolete-TLS/tree/master/snort
-
Wednesday Links - Edition 2021-01-13
Mitigating Obsolete TLS (2 min read) 🛡️ https://github.com/nsacyber/Mitigating-Obsolete-TLS
- Guidance for mitigating obsolete Transport Layer Security configurations
What are some alternatives?
When comparing Mitigating-Web-Shells and Mitigating-Obsolete-TLS you can also consider the following projects:
Suricata - Suricata git repository maintained by the OISF
Automate-Powershell