Linux – Openvas 7 on the raspberry pi

Install OpenVAS 7 on the raspberry pi

You can download a ready to use Rapberryvas image from these mirrors:
mirror1
mirror2
(I used a 16GB sdcard to flash them using Win32DiskImager. )
username: pi password:0penvas
login Openvas https://ip user: openvas password:0penvas

Openvas is a great vulnerability scanner
No packages are available for version 7 so i have installed it from source on my raspberry pi.
http://www.openvas.org/install-source.html

Continue reading Linux – Openvas 7 on the raspberry pi

FacebookTwitterGoogle+Share

windows – jellyfish gpu r.a.t. (rootkit)

download
Developers of team Jellyfish  have posted a PoC of a portable executable gpu remote access tool. They already posted a linux version earlier this week.

Tapping an infected computer’s GPU allows malware to run without the usual software hooks or modifications mallware makes in the operating system kernel. Those modifications can be dead giveaways that a system is infected.

Advantages of gpu stored rootkits:

  • No gpu malware analysis tools available on web
  • Can snoop on cpu host memory via DMA
  • Gpu can be used for fast/swift mathematical calculations like xor’ing or parsing
  • Stubs
  • Malicious memory may be retained across warm reboots. (Did more conductive research on the theory of malicious memory still being in gpu after shutdown)

It is just a mather of time untill a version emerge that runs on graphics processors integrated into CPUs.

FacebookTwitterGoogle+Share

windows – net tools 5.0.70

download

Description

Net Tools is a comprehensive set of host monitoring, network scanning, security, administration tools and much more, a real swiss knife. The tools range from ip port scanners to Google PageRank Calculator’s.

Installation

Extract the zip file and right-click on the setup.exe and go to properties. Change the compatibility mode to Windows XP (Service Pack 3) and enable Run as Administrator:
nettools setup.exe properties

After this just start the setup.exe and click a few times on next.

Continue reading windows – net tools 5.0.70

FacebookTwitterGoogle+Share

windows – urlprotocolview

download

Description

URLProtocolView is a simple utility that displays all URL protocols (for example: ftp:, telnet:, mailto:) that are currently installed on your system. For each URL protocol, the following information is displayed: The protocol name, the protocol description, the command-line that is executed when you type or click the URL, the product name, and the company name.
This utility also allows you to easily enable/disable the URL protocols.

Installation

URLProtocolView doesn’t require any installation process or additional DLLs. Just copy the executable file (URLProtocolView.exe) to any folder you like, and run it.

Usage

The main window of URLProtocolView displays all URL protocols installed on your system. You can easily disable a protocol by selecting it and pressing F8. To enable it back, press F7.

urlprotocolview screenprint
urlprotocolview screenprint
FacebookTwitterGoogle+Share

linux – bro network security monitor

download bro
Before installing Bro, you’ll need to ensure that some dependencies are in place.

Required Dependencies

Bro requires the following libraries and tools to be installed before you begin:

To build Bro from source, the following additional dependencies are required:

Continue reading linux – bro network security monitor

FacebookTwitterGoogle+Share