Our great sponsors
| Loki | opencve | |
|---|---|---|
| 12 | 21 | |
| 3,219 | 1,618 | |
| - | 3.2% | |
| 5.7 | 4.4 | |
| about 2 months ago | 7 days ago | |
| Python | Python | |
| GNU General Public License v3.0 only | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Loki
-
My Boss Downloaded and Opened a .lnk File and Installed a Malware in His Device
You should run a tool like loki for ioc scanning. This will identify persistence https://github.com/Neo23x0/Loki
-
Deep system malware detection
Link to Loki is here just in case you need it. https://github.com/Neo23x0/Loki
-
What are some of the most frequently used (or favorite) tools in your toolbox?
Loki - YARA/IOC scanner
-
PChunter equivalent on Linux?
loki
- Rage about CVE dataset quality(?)
-
Cybersecurity professionals - what’s your “toolkit”/process to check a desktop PC is clean (or infected), before concluding that a reinstall of the OS is needed?
https://github.com/Neo23x0/Loki is a good tool to check for the presence of anomalies.
-
Which rootkit scanner to use in a could environment ?
Nextron Thor Scanner
-
Proxyshell Vulnerability is Actively used in Exchange servers
Loki - Yara Scanning is recommended for checking the webshell https://github.com/Neo23x0/Loki
-
Question about spyware
I am not an expert, but this is what I would start by doing. Ideally, if you can read javascript, try and understand what the tampermonkey script does. If you still have script, you could try analysing it with tools such as loki. Even if loki doesnt match it you could compute the sha256 signature and look it up on valhalla.
- Is it possible to write an antivirus in python?
opencve
- Auth0 increases price by 300%
- how to stay up to date with new CVEs?
- Where do you get your information regarding new vulnerabilities and security risks?
-
PaperCut MF/NG vulnerability
Don't like someone else running it? No problem, it's open source and you can run it yourself https://github.com/opencve/opencve
-
Tracking vulnerabilities that your company is effected by.
I use https://www.opencve.io you can make a account and then subscribe to different products and/or vendors to get automated updates via mail if there are new vulnerabilities that affect these products
-
Getting informed about exploits / CVEs
www.opencve.io and filter on your vendors and hw models.
- CVE sources
-
CVE Vulnerability Tracking
Check out OpenCVE, I find it as an excellent tool.
-
zero-day exploit notifications
https://www.opencve.io/ - Site that allows you to be emailed of new CVEs by subscribing to different products and vendors.
-
CVE Search
https://www.opencve.io/ is something to use as well.
What are some alternatives?
yara - The pattern matching swiss knife
grype - A vulnerability scanner for container images and filesystems
reversinglabs-yara-rules - ReversingLabs YARA Rules
vulnix - Vulnerability (CVE) scanner for Nix/NixOS.
signature-base - YARA signature and IOC database for my scanners and tools
vulnmine - Vulnmine searches for vulnerable hosts using MS SCCM host / software inventory data with NIST NVD Vulnerability feed data.
hazedumper - up to date csgo offsets and hazedumper config
CVE-2021-37740 - PoC for DoS vulnerability CVE-2021-37740 in firmware v3.0.3 of SCN-IP100.03 and SCN-IP000.03 by MDT. The bug has been fixed in firmware v3.0.4.
Veil-Evasion - Veil Evasion is no longer supported, use Veil 3.0!
openvas-scanner - This repository contains the scanner component for Greenbone Community Edition.
pyHanko - pyHanko: sign and stamp PDF files
DependencyCheck - OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.