Interesting Things & Useful Stuff

Table of Contents

Sort

https://www.recordedfuture.com/disinformation-service-campaigns/ https://getindico.io/

https://www.niceideas.ch/roller2/badtrash/entry/deciphering-the-bengladesh-bank-heist https://citizenlab.ca/2018/10/the-kingdom-came-to-canada-how-saudi-linked-digital-espionage-reached-canadian-soil/

  • Cambridge Analytica explains how the Trump campaign worked
    • Molly Schweickert, Vice President Global Media from Cambridge Analytica on "How digital advertising worked for the US 2016 presidential campaign". How they used Facebook user data and other sources to target specific users with individual messages for the 2016 Trump election campaign. She is Alexander Nix' digital marketing expert.

http://www.tidepools.co/history.html https://www.iafrikan.com/2019/09/02/south-africa-mass-surveillance-spying-undersea-fiber-cables/ http://habitatchronicles.com/2007/03/the-untold-history-of-toontowns-speedchat-or-blockchattm-from-disney-finally-arrives/ https://v1.escapistmagazine.com/articles/view/video-games/issues/issue_101/559-Will-Bobba-for-Furni.3

https://pagedout.institute/?page=issues.php https://www.cnet.com/forums/discussions/beyond-the-grave-virus-infecting-hedge-funds/

https://elpais.com/elpais/2019/03/13/inenglish/1552464196_279320.html http://www.catb.org/~esr/jargon/html/koans.html

https://cepr.shorthandstories.com/haiti-contractors/index.html https://www.brennancenter.org/analysis/just-what-fbi-investigation-fact-sheet https://vault.fbi.gov/FBI%20Domestic%20Investigations%20and%20Operations%20Guide%20%28DIOG%29/FBI%20Domestic%20Investigations%20and%20Operations%20Guide%20%28DIOG%29%202016%20Version/FBI%20Domestic%20Investigations%20and%20Operations%20Guide%20%28DIOG%29%202016%20Version%20Part%2001%20of%2002/view

https://cosmism.blogspot.com/2010/05/existentialism-today-terror-management.html

https://www.mail-archive.com/lt@lists.liberationtech.org/msg00104.html

  • A Verified Information-Flow Architecture
    • SAFE is a clean-slate design for a highly secure computer system, with pervasive mechanisms for tracking and limiting information flows. At the lowest level, the SAFE hardware supports fine-grained programmable tags, with efficient and flexible propagation and combination of tags as instructions are executed. The operating system virtualizes these generic facilities to present an information-flow abstract machine that allows user programs to label sensitive data with rich confidentiality policies. We present a formal, machine-checked model of the key hardware and software mechanisms used to control information flow in SAFE and an end-to-end proof of noninterference for this model.
  • SimpleVisor
    • SimpleVisor is a simple, portable, Intel VT-x hypervisor with two specific goals: using the least amount of assembly code (10 lines), and having the smallest amount of VMX-related code to support dynamic hyperjacking and unhyperjacking (that is, virtualizing the host state from within the host). It works on Windows and UEFI.
  • Adapting Software Fault Isolation to Contemporary CPU Architectures
    • Software Fault Isolation (SFI) is an effective approach to sandboxing binary code of questionable provenance, an interesting use case for native plugins in a Web browser. We present software fault isolation schemes for ARM and x86-64 that provide control-flow and memory integrity with average performance overhead of under 5% on ARM and 7% on x86-64. We believe these are the best known SFI implementations for these architectures, with significantly lower overhead than previous systems for similar architectures. Our experience suggests that these SFI implementations benefit from instruction-level parallelism, and have particularly small impact for workloads that are data memory-bound, both properties that tend to reduce the impact of our SFI systems for future CPU implementations.

http://spth.virii.lu/articles.htm https://bugs.php.net/bug.php?id=50696 https://dynamicland.org/

End Sort


General Articles


Regex for credit cards (written for an extended/verbose-mode engine such as PCRE `x`, Perl `/x` or Python `re.VERBOSE`; the `#` comments and the whitespace are only ignored in that mode, so strip them before using the pattern with a plain engine)

```regex
^(?:4[0-9]{12}(?:[0-9]{3})?          # Visa
 |  5[1-5][0-9]{14}                  # MasterCard
 |  3[47][0-9]{13}                   # American Express
 |  3(?:0[0-5]|[68][0-9])[0-9]{11}   # Diners Club
 |  6(?:011|5[0-9]{2})[0-9]{12}      # Discover
 |  (?:2131|1800|35\d{3})\d{11}      # JCB
)$
```

Caveats: the pattern checks prefix and length only, so it finds PAN-shaped strings rather than valid card numbers; pair it with a Luhn checksum to cut false positives when scanning logs or documents, and note that newer BIN ranges (for example Mastercard's 2221-2720 series) are not covered by it.
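The regex only matches on prefix and length, so as an added example (this is not code from this page or from any of the projects it links) here is a small Python scanner that applies the same pattern in verbose mode, adds a Luhn checksum, and masks what it finds. The candidate regex, the function names and the masking rule are my own choices; the sample line is constructed from the publicly documented Visa, Mastercard and American Express test numbers plus one Visa-shaped string that fails Luhn.

```python
import re

# The page's brand regex, recast in re.VERBOSE form with one named group per
# brand so a match also reports which brand matched. Same prefixes and lengths
# as the original pattern; nothing is added to the ranges here.
PAN_RE = re.compile(r"""
    ^(?:
        (?P<visa>4[0-9]{12}(?:[0-9]{3})?)
      | (?P<mastercard>5[1-5][0-9]{14})
      | (?P<amex>3[47][0-9]{13})
      | (?P<diners>3(?:0[0-5]|[68][0-9])[0-9]{11})
      | (?P<discover>6(?:011|5[0-9]{2})[0-9]{12})
      | (?P<jcb>(?:2131|1800|35\d{3})\d{11})
    )$
""", re.VERBOSE)

# Coarse first pass over free text: runs of 13-19 digits with an optional
# single space or dash between digits, as PANs are usually typed (my own
# pattern, not from the page).
CANDIDATE_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")


def luhn_ok(digits: str) -> bool:
    """Luhn mod-10 check: double every second digit from the right, subtract 9
    from any doubled value above 9, and require the sum to be a multiple of 10."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def classify_pan(candidate: str):
    """Return (brand, luhn_ok) for a PAN-shaped string, or None when the brand
    regex does not match. Spaces and dashes are stripped first."""
    digits = re.sub(r"[ -]", "", candidate)
    m = PAN_RE.match(digits)
    if m is None:
        return None
    return m.lastgroup, luhn_ok(digits)


def mask_pan(digits: str) -> str:
    """Keep the first six and last four digits, star the rest, so hits can be
    logged without re-exposing the full PAN."""
    return digits[:6] + "*" * (len(digits) - 10) + digits[-4:]


def find_pans(text: str):
    """Scan free text and return (brand, masked_pan, luhn_ok) for every digit
    run the brand regex accepts. Luhn failures are kept but flagged so the
    caller can treat them as probable false positives rather than hits."""
    hits = []
    for m in CANDIDATE_RE.finditer(text):
        result = classify_pan(m.group(0))
        if result is None:
            continue
        brand, ok = result
        digits = re.sub(r"[ -]", "", m.group(0))
        hits.append((brand, mask_pan(digits), ok))
    return hits


# Constructed sample line (not real data): three public test PANs, one
# Visa-shaped string that fails Luhn, and a 10-digit number to be ignored.
SAMPLE_TEXT = (
    "card 4111-1111-1111-1111 then 5555 5555 5555 4444 then 378282246310005 "
    "ref 4111111111111112 tel 0123456789"
)

if __name__ == "__main__":
    for brand, masked, ok in find_pans(SAMPLE_TEXT):
        print(f"{brand:<10} {masked:<19} luhn={'ok' if ok else 'FAIL'}")
```

Running it on the sample line reports the three test cards as Luhn-valid and flags the fourth string as a regex match that fails the checksum; the phone-number-length run never reaches the brand regex.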

Interesting Talks/Videos

  • Interesting Talks

    • You and Your Research - Haroon Meer
      • What does it take to do quality research? What stops you from being a one-hit wonder? Is there an age limit to productive hackery? What are the key ingredients needed and how can you up your chances of doing great work? In a talk unabashedly stolen from far greater minds we hope to answer these questions and discuss their repercussions.
    • Bootstrapping A Security Research Project Andrew Hay
      • It has become increasingly common to see a headline in the mainstream media talking about the latest car, television, or other IoT device being hacked (hopefully by a researcher). In each report, blog, or presentation, we learn about the alarming lack of security and privacy associated with the device's hardware, communications mechanisms, software/app, and hosting infrastructure in addition to how easy it might be for an attacker to take advantage of one, or multiple, threat vectors. The truth is, anyone can perform this kind of research if given the right guidance. To many security professionals, however, the act of researching something isn't the problem...it's what to research, how to start, and when to stop. Academics think nothing of researching something until they feel it's "done" (or their funding/tenure runs out). Security professionals, however, often do not have that luxury. This session will discuss how to research, well, ANYTHING. Proven methods for starting, continuing, ending, leading, and collaborating on reproducible research will be discussed - taking into account real-world constraints such as time, money, and a personal life. We will also discuss how to generate data, design your experiments, analyze your results, and present (and in some cases defend) your research to the public.
    • A talk about (info-sec) talks - Haroon Meer
      • Last year there was an Information Security conference taking place for almost every day of the year. This translates to about 15 information security talks per day, every day. The question is, is this a bad thing? Even niche areas of the info-sec landscape have their own dedicated conference these days. Is this a good thing?
    • Take Charge of Your Infosec Career! - Glen Roberts - BSidesSLC2015
      • You spent $5,000, a plane trip, a hotel and a full workweek on your last infosec course but when was the last time you invested even just a few hours of your time exclusively to developing your infosec career in a truly meaningful way? This talk will challenge the way you view your career and give you actionable steps for taking charge of it so you can optimize the rewards and fulfillment you receive from your work. Glen will leverage the stories and best practices from dozens of information security professionals to help inspire your infosec career journey. This presentation will be engaging and speak to the soul in a way that instills ownership of your own career and generates a passion for finding and carving out your own authentic career path.
    • Con Video Rig Enhancements - IronGeek & SkyDog
  • Attacking/PenTester/RedTeam

  • Educational

    • Con Video Rig Enhancements - IronGeek & SkyDog
    • How to Become an InfoSec Autodidact - Kelly Shortridge - Duo Tech Talk
    • Volatile Memory: Behavioral Game Theory in Defensive Security
    • The Art of Explanation: Behavioral Models of InfoSec - Kelly Shortridge
    • 301 The Road to Hiring is Paved in Good Intentions Tim OBrien
    • Ermahgerd: Lawrs - Robert Heverly - Anycon17
      • When do you, and other coders, hackers, developers, and tinkerers, think or worry about the law? If your answer is, "Not very often," then this talk is for you. We all need to think about the law. And it's not just privacy, or computer fraud, or even anti-circumvention law, that we should think about. We need to think about law as a whole and how it can help us do or stop us from doing what we want to do. This talk will start with a broad overview of the ways in which we implicate law when we do what we do, and then will focus on what that means for us and the broader implications that can arise from our various activities. Do you think the law would stop you from doing what you want to do or punish you for doing it? It might, but it also might not. If you think it does, do you think you should be able to do what you want to do? If you do, then we need to hack the law, and to do that we'll need to talk to the legal coders, those writers of our cultural software. This talk will tackle not only law and working with code, but also why it matters for us to be aware of the law and engaged in improving it.
    • The Impact of Dark Knowledge and Secrets on Security and Intelligence Professionals - Richard Thieme
      • Dismissing or laughing off concerns about what it does to a person to know critical secrets does not lessen the impact on life, work, and relationships of building a different map of reality than “normal people” use. One has to calibrate narratives to what another believes. One has to live defensively, warily. This causes at the least cognitive dissonance which some manage by denial. But refusing to feel the pain does not make it go away. It just intensifies the consequences when they erupt. Philip K. Dick said, reality is that which, when you no longer believe in it, does not go away. When cognitive dissonance evolves into symptoms of traumatic stress, one ignores those symptoms at one’s peril. But the very constraints of one’s work often make it impossible to speak aloud about those symptoms, because that might threaten one’s clearances, work, and career. And whistle blower protection is often non-existent.
    • Weapons of Mass Distraction
      • In this talk, we aim to briefly cover the background of sock puppets (and related attacks) before moving on to real world demonstrations & “attacks“. Rigging polls, abusing Twitter, causing Reddit riots & targeting popular news organisations are some of the (many) attacks covered. In all these cases we discuss what we tried, what worked, what didn’t and what the implications are of the attacks. Where possible we will cover defences and solutions.
    • Youre stealing it wrong 30 years of inter pirate battles - Jason Scott - Defcon 18
    • [TROOPERS15] Andreas Lindh - Defender Economics
  • Genuinely Interesting/Unusual

    • Achilles Heel of the American Banking System
    • You're Leaking Trade Secrets - Defcon22 Michael Schrenk
      • Networks don't need to be hacked for information to be compromised. This is particularly true for organizations that are trying to keep trade secrets. While we hear a lot about personal privacy, little is said in regard to organizational privacy. Organizations, in fact, leak information at a much greater rate than individuals, and usually do so with little fanfare. There are greater consequences for organizations when information is leaked because the secrets often fall into the hands of competitors. This talk uses a variety of real world examples to show how trade secrets are leaked online, and how organizational privacy is compromised by seemingly innocent use of The Internet.
    • Exploiting Network Surveillance Cameras Like a Hollywood Hacker - Black Hat 2013
    • Paypals War on Terror - Chaos Communication Congress 31
    • CompSci in the DPRK
    • Disrupting an Adware-serving Skype Botnet
      • Not crazy technical or anything, moreso an interesting tale that shows one person with a little bit of skill can disrupt malvertising campaigns with a little legwork.
    • Software Supply Chains and the Illusion of Control - Derek Weeks
      • In this presentation I am sharing the results of a three-year, industry-wide study on open source development and security practices across 3,000 organizations and 25,000 applications. I will detail how these organizations are employing a vast community of open source component suppliers, warehouses, and development tools that take the form of software supply chains. Modern software development practices are now consuming BILLIONS of open source and third-party components. The tooling with package managers and build tools such as Maven, Gradle, npm, NuGet, RubyGems and others has promoted the usage of components to a convenient standard practice. As a result, 90% of a typical application is now composed of open source components. The good news: use of the components is improving developer productivity and accelerating time to market. However, using these components brings ownership and responsibility with it and this fact is largely overlooked. The unspoken truth: not all parts are created equal. For example, 1 in 16 components in use include known security vulnerabilities. Ugh. This session aims to enlighten development professionals by sharing results from the State of the Software Supply Chain reports from 2015 through 2017. The reports blend public and proprietary data with expert research and analysis. Attendees in this session will learn: - What our analysis of 25,000 applications reveals about the quality and security of software built with open source components - How organizations like Mayo Clinic, Exxon, Capital One, the U.S. FDA and Intuit are utilizing the principles of software supply chain automation to improve application security - Why avoiding open source components over 3 years old might be a really good idea - How to balance the need for speed with quality and security -- early in the development lifecycle We will also discuss how you can best approach the effort for development teams to identify, track and replace components with known vulnerabilities, while getting more products and new features to market quickly. Attend this session and gain insight as to how your organization's application development practices compare to others. I'll share the industry benchmarks to take back and discuss with your development, security, and open source governance teams.
    • Hacks, Lies, & Nation States - Mario DiNatale - ANYCON 2017
      • A hilarious and non-technical skewering of the current state of Cybersecurity, the Cybersecurity
    • Money Makes Money: How To Buy An ATM And What You Can Do With It by Leigh Ann Galloway - BSides Manchester2017
    • (In)Outsider Trading – Hacking stocks using public information and (influence) - Robert Len - BSides CapeTown16
      • This talk will take a look at how inadvertently leaked technical information from businesses, can be used to successfully trade stocks. This results in making huge profits. We look at different methods of influencing the stock market, such as DDOS attacks (at critical time periods) and simple techniques such as Phish-baiting CEO’s to acquire sensitive, relevant information that can be applied in the real world to make massive gains in profit. We will also take a look at historic trends. How previous hacks, breaches and DDOS attacks have affected stock prices and investor confidence over time. Specific reference will be made towards listed South African companies (Or a particular listed SA company) and a POC will hopefully be completed by the presentation date.
    • Pwning pwners like a n00b
      • Cybercrime, blackhat hackers and some Ukrainians. If that doesn’t catch your attention, then stop reading. Follow the story of how stupid mistakes, OPSEC fails, and someone with a little too much time on his hands was able to completely dismantle a spamming and webshell enterprise using really simple skills and techniques you could pick up in a week. Did we mention that d0x were had as well? This talk will be an in-depth examination at the investigation and exploitation process involved.
    • Human Trafficking in the Digital Age
    • Stealing Profits from Spammers or: How I learned to Stop Worrying and Love the Spam - Grant Jordan - Defcon17
      • Every time you look at your inbox, there it is... SPAM! Your penis needs enlargement, a horny single girl from Russia "accidentally" emailed you, and a former Nigerian prince knows that you're just the man to safeguard his millions. But in 2007, while still a student at MIT, one particular kind caught my eye: stock spam. Those bizarre stock market "tips" that claim you should buy a particular stock because it's "about to go through the roof!!!!" Like most people, I initially thought nothing of these ridiculous emails. That was until Kyle Vogt (now of Justin.tv) proposed the stupidest idea I had ever heard: "There has to be some way we can make money off these spammers". After trying, and failing, to prove Kyle wrong, the two of us embarked on a 4-month study into the dark depths of stock spam. In this talk, I'll explain how we went from hand-sorting tens of thousands of spam emails to developing a trading strategy able to take a piece of the spammers' profits. And how, in the process, our work produced data that disproved the results of nearly all the existing stock spam research.
  • Insider Threats

  • Policy

    • Just What The Doctor Ordered? - Scott Erven and Shawn Merdinger - DEF CON 22
      • This discussion will also highlight the fallout from security standards not being a requirement for medical device manufacturers, and our experience in identifying and reporting vulnerabilities. We will provide our insight into what needs to be done for healthcare organizations to respond to the new threat of cyber-attack against medical devices. We are working towards a future where cyber security issues in medical devices are a thing of the past. We will discuss the recent success and traction we have gained with healthcare organizations, federal agencies and device manufacturers in addressing these security issues. The train is now moving, so please join us to find out how you can get involved and make a difference by ensuring patient safety.
    • Psychology of Security - Stefan Schumacher - Trooper14
      • In this talk I will introduce the Institute’s research programme about the Psychology of Security. We are going to research the psychological basics of IT security, including: How do people experience IT security? How are they motivated? How do they learn? Why do people tend to make the same mistakes again and again (Buffer Overflow, anyone?)? What can we do to prevent security incidents? Which curricula should be taught about IT security?
    • Killing you softly Josh Bressers
      • The entire security industry has a serious skill problem. We're technically able, but we have no soft skills. We can't talk to normal people at all. We can barely even talk to each other, and it's killing our industry. Every successful industry relies on the transfer of skills from the experienced to the inexperienced. Security lacks this today. If I asked you how you learned what you know about security, what would your answer be? In most cases you learned everything you know on your own. There was minimal learning from someone else. This has left us with an industry full of magicians, but even worse it puts us in a place where there is no way to transfer skill and knowledge from one generation to the next. Magicians don't scale. If we think about this in the context of how we engage non security people it's even worse! Most non security people have no idea what security is, what security does, or even why security is important. It's easy to laugh at the horrible security problems almost everything has today, but in reality we're laughing at ourselves. Historically we've blamed everything else for this problem when in reality it's 100% our fault. One of our great weaknesses is failing to get the regular people to understand security and why it's important. This isn't a surprise if you think about how the industry communicates. We can barely talk to each other, how can we possibly talk to someone who doesn't know anything about security? Normal people are confused and scared, they want to do the right thing but they have no idea what that is. The future leaders in security are going to have to be able to teach and talk to their security peers, but more importantly they will have to engage everyone else. Security is being paid attention to like never before, and yet we have nothing to say to anyone. What has changed in the last few years? If we don't do our jobs, someone else will do them for us, and we're not going to like the results. Security isn't a technical problem, technical problems are easy, security is a communication problem. Communications problems are difficult. Let's figure out how we can fix that.
    • Bridging the Air Gap: Cross Domain Solutions - Patrick Orzechowski
      • For years the government has been using CDS to bridge networks with different classification levels. This talk will focus on what CDS systems are, how they’re built, and what kind of configurations are common in the wild. Furthermore, we’ll look at testing techniques to evaluate the security of these systems and potential ways to exploit holes in configuration and design. We’ll also look at the ways the commercial world might benefit from a data and type-driven firewall as well as some of the downfalls and negative aspects of implementing a cross-domain system.
  • Political

  • Misc/Didn't Fit above

  • Interesting Papers

  • "I want my money back!" Limiting Online Password-Guessing Financially - Maximilian Golla, Daniel V. Bailey, Markus Dürmuth

    • In this work-in-progress report, we propose an opt-in deposit-based approach to rate-limiting that tackles online guessing attacks. By demanding a small deposit for each login attempt, which is immediately refunded after a successful sign in, online guessing attackers face high costs for repeated unsuccessful logins. We provide an initial analysis of suitable payment systems and reasonable deposit values for real-world implementations and discuss security and usability implications of the system.
  • EmojiAuth: Quantifying the Security of Emoji-based Authentication - Maximilian Golla, Dennis Detering, Markus Dürmuth

    • Mobile devices, such as smartphones and tablets, frequently store confidential data, yet implementing a secure device unlock functionality is non-trivial due to restricted input methods. Graphical knowledge-based schemes have been widely used on smartphones and are generally well adapted to the touchscreen interface on small screens. Recently, graphical password schemes based on emoji have been proposed. They offer potential benefits due to the familiarity of users with emoji and the ease of expressing memorable stories. However, it is well-known from other graphical schemes that user-selected authentication secrets can substantially limit the resulting entropy of the authentication secret. In this work, we study the entropy of user-selected secrets for one exemplary instantiation of emoji-based authentication. We analyzed an implementation using 20 emoji displayed in random order on a grid, where a user selects passcodes of length 4 without further restrictions. We conducted an online user study with 795 participants, using the collected passcodes to determine the resistance to guessing based on several guessing strategies, thus estimating the selection bias. We evaluated Markov model-based guessing strategies based on the selected sequence of emoji, on its position in the grid, and combined models taking into account both features. While we find selection bias based on both the emoji as well as the position, the measured bias is lower than for similar schemes. Depending on the model, we can recover up to 7% at 100 guessing attempts, and up to 11% of the passcodes at 1000 guessing attempts. (For comparison, previous work on the graphical Android Unlock pattern scheme (CCS 2013) recovered around 18% at 100 and 50% at 1000 guessing attempts, despite a theoretical keyspace of more than double the size for the Android scheme.) These results demonstrate some potential for a usable and relatively secure scheme and show that the size of the theoretical keyspace is a bad predictor for the realistic guessability of passcodes.
  • Interesting Software Projects

    • Upspin
      • Upspin is an experimental project to build a framework for naming and sharing files and other data securely, uniformly, and globally: a global name system of sorts. It is not a file system, but a set of protocols and reference implementations that can be used to join things like file systems and other storage services to the name space. Performance is not a primary goal. Uniformity and security are. Upspin is not an official Google product.
  • Interesting Hardware Projects

    • Digital Ding Dong Ditch
      • Digital Ding Dong Ditch is a device to hack into and ring my best friend's wireless doorbell whenever I send a text message to the device. The best part of the device is that it causes my friend, without fail, to come outside, find no one, and go back in. In this project, we'll learn not only how to create this device, but how to reverse engineer radio frequencies we know nothing about using RTL-SDR (a ~$14 software defined radio), as well as creating hardware and software using Arduino, the Adafruit FONA (GSM/SMS/2G board), an RF (radio frequency) transmitter to transmit custom signals, and even how to reverse engineer a proprietary radio signal we know nothing about!

Screen Scraping

Tools

  • Tools
    • Scrapy
      • An open source and collaborative framework for extracting the data you need from websites. In a fast, simple, yet extensible way.
    • iMacros for Firefox
      • Automate Firefox. Record and replay repetitious work. If you love the Firefox web browser, but are tired of repetitive tasks like visiting the same sites every day, filling out forms, and remembering passwords, then iMacros for Firefox is the solution you've been dreaming of! Whatever you do with Firefox, iMacros can automate it.
    • Scraper - Chrome plugin
      • Scraper is a simple data mining extension for Google Chrome™ that is useful for online research when you need to quickly analyze data in spreadsheet form. To use it: highlight a part of the webpage you'd like to scrape, right-click and choose "Scrape similar...". Anything that's similar to what you highlighted will be rendered in a table ready for export, compatible with Google Docs™. This is a work-in-progress (i.e. there are bugs), and is currently intended for intermediate to advanced users who are comfortable with XPath, though jQuery is also supported to an extent.
    • IRobot
      • IRobot@IRobotSoft is an intelligent Web automation software. It features a small core that powers everything you need for handling Web data. You can easily teach and create your own robots to automate your daily activities. The robots will click links, submit forms, connect to databases, and run custom code to analyse data.
    • OutWit Hub - Shareware
      • OutWit Hub breaks down Web pages into their different constituents. Navigating from page to page automatically, it extracts information elements and organizes them into usable collections.
    • Webrecorder
      • Create high-fidelity, interactive web archives of any web site you browse
    • wikiteam
      • Tools for downloading and preserving wikis
    • Paste-Scraper
    • Wayback scraper
    • scrape-twitter
      • Access Twitter data without an API key
    • Puppeteer
      • Puppeteer is a Node library which provides a high-level API to control Chrome or Chromium over the DevTools Protocol. Puppeteer runs headless by default, but can be configured to run full (non-headless) Chrome or Chromium.
    • teleport
      • Modern SSH server for clusters and teams.

Simulators/Simulations

  • Simulators
    • Shadow
      • Summary: Shadow is a unique, open source discrete-event network simulator that runs real applications like Tor. Shadow combines the accuracy of emulation with the efficiency and control of simulation, achieving the best of both approaches
    • Hflow2
      • Data Analysis System
    • VirtuaPlant
      • VirtuaPlant is an Industrial Control Systems simulator which adds a "similar to real-world control logic" to the basic "read/write tags" feature of most PLC simulators. Paired with a game library and 2d physics engine, VirtuaPlant is able to present a GUI simulating the "world view" behind the control system allowing the user to have a vision of the would-be actions behind the control systems.

Various Purpose Based OS's

  • Various Purpose Based OS's
    • Parrot Security
    • Qubes
      • Qubes is an open-source operating system designed to provide strong security for desktop computing using Security by Compartmentalization approach. Qubes is based on Xen, the X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers. Qubes Release 1 was released in September 2012 and Release 2 in September 2014. Qubes also supports Windows-based AppVMs beginning with Release 2 (currently in “Beta”). Qubes Release 3 is coming soon and will introduce Hypervisor Abstraction Layer (HAL), allowing easy porting to alternative virtualization systems.
    • Liberte
      • Liberté Linux is a secure, reliable, lightweight and easy to use Gentoo-based LiveUSB/SD/CD Linux distribution with the primary purpose of enabling anyone to communicate safely and covertly in hostile environments. Whether you are a privacy advocate, a dissident, or a sleeper agent, you are equally likely to find Liberté Linux useful as a mission-critical communication aid.
    • Archassault
      • The ArchAssault Project is an Arch Linux derivative for penetration testers, security professionals and all-around Linux enthusiasts. This means we import the vast majority of the official upstream Arch Linux packages, these packages are unmodified from their upstream source. While our Arch Linux base is primarily untouched, there are times were we have to fork a package to be able to better support our vast selection of tools. All of our packages strive to maintain the Arch Linux standards, methods and philosophies.
    • Kali linux
      • You do pentesting with it.
    • Tails
      • Tails is a live operating system, that you can start on almost any computer from a DVD, USB stick, or SD card. It aims at preserving your privacy and anonymity, and helps you to: use the Internet anonymously and circumvent censorship; all connections to the Internet are forced to go through the Tor network; leave no trace on the computer you are using unless you ask it explicitly; use state-of-the-art cryptographic tools to encrypt your files, emails and instant messaging.
    • PenQ
      • PenQ is an open source, Linux-based penetration testing browser bundle we built over Mozilla Firefox. It comes pre-configured with security tools for spidering, advanced web searching, fingerprinting, anonymous browsing, web server scanning, fuzzing, report generating and more.
    • Active Defense Harbinger Distribution (ADHD)
      • The Active Defense Harbinger Distribution (ADHD) is a Linux distro based on Ubuntu LTS. It comes with many tools aimed at active defense preinstalled and configured. The purpose of this distribution is to aid defenders by giving them tools to "strike back" at the bad guys. ADHD has tools whose functions range from interfering with the attackers' reconnaissance to compromising the attackers' systems. Innocent bystanders will never notice anything out of the ordinary as the active defense mechanisms are triggered by malicious activity such as network scanning or connecting to restricted services.
    • Blogpost going over it/setting it up - HolisticInfosec

Interesting Software

  • Generally Interesting
    • scanless
      • Command-line utility for using websites that can perform port scans on your behalf. Useful for early stages of a penetration test or if you'd like to run a port scan on a host and have it not come from your IP address.
    • Simplevisor
      • SimpleVisor is a simple, portable, Intel VT-x hypervisor with two specific goals: using the least amount of assembly code (10 lines), and having the smallest amount of VMX-related code to support dynamic hyperjacking and unhyperjacking (that is, virtualizing the host state from within the host). It runs on both Windows and UEFI.
  • Data Visualization
    • ProcDOT
      • This tool processes Sysinternals Process Monitor (Procmon) logfiles and PCAP-logs (Windump, Tcpdump) to generate a graph via the GraphViz suite. This graph visualizes any relevant activities (customizable) and can be interactively analyzed.
  • Local
    • Foreign LINUX
      • Foreign LINUX is a dynamic binary translator and a Linux system call interface emulator for the Windows platform. It is capable of running unmodified Linux binaries on Windows without any drivers or modifications to the system. This provides another way of running Linux applications under Windows, in contrast to Cygwin and other tools.
  • Network
    • Netdude
      • The Network Dump data Displayer and Editor is a framework for inspection, analysis and manipulation of tcpdump trace files. It addresses the need for a toolset that allows easy inspection, modification, and creation of pcap/tcpdump trace files. Netdude builds on any popular UNIX-like OS, such as Linux, the BSDs, or OSX.
  • Programming Related
    • Hachoir
      • Hachoir is a Python library that allows you to view and edit a binary stream field by field.
    • pdf-bot
      • 🤖 A Node queue API for generating PDFs using headless Chrome. Comes with a CLI, S3 storage and webhooks for notifying subscribers about generated PDFs
    • exitmap
      • A fast and modular scanner for Tor exit relays.
    • SniffJoke
      • SniffJoke is a Linux application that transparently handles your TCP connections, delaying and modifying packets and injecting fake ones into your transmission, making them almost impossible for a passive wiretapping technology (IDS or sniffer) to read correctly.
    • Unicorn-Engine
      • Unicorn is a lightweight multi-platform, multi-architecture CPU emulator framework.
    • Distributed File Storage Using JavaScript Botnets
  • Other
    • ZeroMQ
    • recap
      • recap is a reporting script that collects various information about a server into reports.
    • LuxBase
    • Delta Copy
      • In technical terms, DeltaCopy is a "Windows Friendly" wrapper around the Rsync program, currently maintained by Wayne Davison. "rsync" is primarily designed for Unix/Linux/BSD systems. Although ports are available for Windows, they typically require downloading Cygwin libraries and manual configuration.
    • autojump - a faster way to navigate your filesystem
      • autojump is a faster way to navigate your filesystem. It works by maintaining a database of the directories you use the most from the command line.
    • Universal Extractor
      • Universal Extractor is a program designed to decompress and extract files from any type of archive or installer, such as ZIP or RAR files, self-extracting EXE files, application installers, etc.
  • Personal Utilities
    • CyberChef - GCHQ
      • CyberChef is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. These operations include simple encoding like XOR or Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression and decompression of data, calculating hashes and checksums, IPv6 and X.509 parsing, changing character encodings, and much more.
    • WizTree
      • WizTree is a disk space analyzer that will quickly scan your entire hard drive and shows you which files and folders are using the most disk space. WizTree obtains information by directly scanning the MFT file, so it can only work with local (directly attached) drives formatted with the NTFS file system. It won't work with network drives, substituted drives or non-NTFS formatted drives. We may add support for other drive types in the future if there's enough demand.
    • Xmount
      • xmount allows you to convert on-the-fly between multiple input and output harddisk image types. xmount creates a virtual file system using FUSE (Filesystem in Userspace) that contains a virtual representation of the input image. The virtual representation can be in raw DD, DMG, VHD, VirtualBox's virtual disk file format or in VmWare's VMDK file format. Input images can be raw DD, EWF (Expert Witness Compression Format) or AFF (Advanced Forensic Format) files. In addition, xmount also supports virtual write access to the output files that is redirected to a cache file. This makes it possible to boot acquired harddisk images using QEMU, KVM, VirtualBox, VmWare or alike.
    • HashID
      • hashID is a tool written in Python 3 which supports the identification of over 220 unique hash types using regular expressions. It is able to identify a single hash, parse a file or read multiple files in a directory and identify the hashes within them. hashID is also capable of including the corresponding hashcat mode and/or JohnTheRipper format in its output. hashID works out of the box with Python 2 ≥ 2.7.x or Python 3 ≥ 3.3 on any platform.
    • gibbersense
      • Extract Sense out of Gibberish stuff
    • algo
      • 1-click IPSEC VPN in the Cloud
    • cyberfree
      • Cyber-free browsing extension for Chrome
    • noVNC
      • noVNC is an HTML5 VNC client that runs well in any modern browser, including mobile browsers (iOS and Android).
    • No More Secrets
      • This project provides a command line tool called nms that recreates the famous data decryption effect seen on screen in the 1992 hacker movie Sneakers. For reference, you can see this effect at 0:35 in this movie clip.
    • Hardentools
      • Hardentools is a collection of simple utilities designed to disable a number of "features" exposed by operating systems (Microsoft Windows, for now) and primary consumer applications. These features, commonly intended for Enterprise customers, are generally useless to regular users and rather pose dangers, as they are very commonly abused by attackers to execute malicious code on a victim's computer. The intent of this tool is to simply reduce the attack surface by disabling the low-hanging fruit. Hardentools is intended for individuals at risk who might want an extra level of security at the price of some usability. It is not intended for corporate environments.
    • Etcher
      • Etcher is a powerful OS image flasher built with web technologies to ensure flashing an SDCard or USB drive is a pleasant and safe experience. It protects you from accidentally writing to your hard-drives, ensures every byte of data was written correctly and much more.
    • Windows Firewall Control - Managing Windows Firewall is now easier than ever
    • Magic Wormhole
      • This package provides a library and a command-line tool named wormhole, which makes it possible to get arbitrary-sized files and directories (or short pieces of text) from one computer to another. The two endpoints are identified by using identical "wormhole codes": in general, the sending machine generates and displays the code, which must then be typed into the receiving machine.
  • Editors
    • wxHex Editor
      • wxHexEditor is another free hex editor, built because there is no good hex editor for Linux systems, especially for big files.
  • GPU Keylogger
    • Demon
      • GPU keylogger PoC by Team Jellyfish