There are new available articles, click to refresh the page.

Associated-Threat-Analyzer - Detects Malicious IPv4 Addresses And Domain Names Associated With Your Web Application Using Local Malicious Domain And IPv4 Lists

By: Zion3R — September 3^rd 2023 at 11:30

Associated-Threat-Analyzer detects malicious IPv4 addresses and domain names associated with your web application using local malicious domain and IPv4 lists.

Installation

From Git

git clone https://github.com/OsmanKandemir/associated-threat-analyzer.git
cd associated-threat-analyzer && pip3 install -r requirements.txt
python3 analyzer.py -d target-web.com

From Dockerfile

You can run this application on a container after build a Dockerfile.

Warning : If you want to run a Docker container, associated threat analyzer recommends to use your malicious IPs and domains lists, because maintainer may not be update a default malicious IP and domain lists on docker image.

docker build -t osmankandemir/threatanalyzer .
docker run osmankandemir/threatanalyzer -d target-web.com

From DockerHub

docker pull osmankandemir/threatanalyzer
docker run osmankandemir/threatanalyzer -d target-web.com

Usage

-d DOMAIN , --domain DOMAIN Input Target. --domain target-web1.com
-t DOMAINSFILE, --DomainsFile Malicious Domains List to Compare. -t SampleMaliciousDomains.txt
-i IPSFILE, --IPsFile Malicious IPs List to Compare. -i SampleMaliciousIPs.txt
-o JSON, --json JSON  JSON output. --json

DONE

First-level depth scan your domain address.

TODO list

Third-level or the more depth static files scanning for target web application.

Default Malicious IPs and Domains Sources

https://github.com/stamparm/blackbook

https://github.com/stamparm/ipsum

Development and Contribution

See; CONTRIBUTING.md

Download Associated-Threat-Analyzer

KitPloit - PenTest Tools!

Polaris - Validation Of Best Practices In Your Kubernetes Clusters

By: Zion3R — July 2^nd 2023 at 12:30

Polaris is an open source policy engine for Kubernetes

Polaris is an open source policy engine for Kubernetes that validates and remediates resource configuration. It includes 30+ built in configuration policies, as well as the ability to build custom policies with JSON Schema. When run on the command line or as a mutating webhook, Polaris can automatically remediate issues based on policy criteria.

Polaris can be run in three different modes:

As a dashboard - Validate Kubernetes resources against policy-as-code.
As an admission controller - Automatically reject or modify workloads that don't adhere to your organization's policies.
As a command-line tool - Incorporate policy-as-code into the CI/CD process to test local YAML files.

Documentation

Check out the documentation at docs.fairwinds.com

Join the Fairwinds Open Source Community

The goal of the Fairwinds Community is to exchange ideas, influence the open source roadmap, and network with fellow Kubernetes users. Chat with us on Slack or join the user group to get involved!

Other Projects from Fairwinds

Enjoying Polaris? Check out some of our other projects:

Goldilocks - Right-size your Kubernetes Deployments by compare your memory and CPU settings against actual usage
Pluto - Detect Kubernetes resources that have been deprecated or removed in future versions
Nova - Check to see if any of your Helm charts have updates available
rbac-manager - Simplify the management of RBAC in your Kubernetes clusters

Or check out the full list

Fairwinds Insights

If you're interested in running Polaris in multiple clusters, tracking the results over time, integrating with Slack, Datadog, and Jira, or unlocking other functionality, check out Fairwinds Insights, a platform for auditing and enforcing policy in Kubernetes clusters.

Download Polaris

KitPloit - PenTest Tools!

Seekr - A Multi-Purpose OSINT Toolkit With A Neat Web-Interface

By: noreply@blogger.com (Unknown) — April 6^th 2023 at 12:30

A multi-purpose toolkit for gathering and managing OSINT-Data with a neat web-interface.

Introduction

Seekr is a multi-purpose toolkit for gathering and managing OSINT-data with a sleek web interface. The backend is written in Go and offers a wide range of features for data collection, organization, and analysis. Whether you're a researcher, investigator, or just someone looking to gather information, seekr makes it easy to find and manage the data you need. Give it a try and see how it can streamline your OSINT workflow!

Check the wiki for setup guide, etc.

Why use seekr over my current tool ?

Seekr combines note taking and OSINT in one application. Seekr can be used alongside your current tools. Seekr is desingned with OSINT in mind and optimized for real world usecases.

Key features

Database for OSINT targets
GitHub to email
Account cards for each person in the database
Account discovery intigrating with the account cards
Pre defined commonly used fields in the database

Getting Started - Installation

Windows

Download the latest exe here

Linux (stable)

Download the latest stable binary here

Linux (unstable)

To install seekr on linux simply run:

git clone https://github.com/seekr-osint/seekr
cd seekr
go run main.go

Now open the web interface in your browser of choice.

Run on NixOS

Seekr is build with NixOS in mind and therefore supports nix flakes. To run seekr on NixOS run following commands.

nix shell github:seekr-osint/seekr
seekr

Intigrating seekr into your current workflow

journey
	title How to Intigrate seekr into your current workflow.
	section Initial Research
		Create a person in seekr: 100: seekr
    Simple web research: 100: Known tools
		Account scan: 100: seekr
	section Deeper account investigation
		Investigate the accounts: 100: seekr, Known tools
		Keep notes: 100: seekr
  section Deeper Web research
    Deep web research: 100: Known tools
    Keep notes: 100: seekr
	section Finishing the report
		Export the person with seekr: 100: seekr
		Done.: 100

Feedback

We would love to hear from you. Tell us about your opinions on seekr. Where do we need to improve?... You can do this by just opeing up an issue or maybe even telling others in your blog or somewhere else about your experience.

Legal Disclaimer

This tool is intended for legitimate and lawful use only. It is provided for educational and research purposes, and should not be used for any illegal or malicious activities, including doxxing. Doxxing is the practice of researching and broadcasting private or identifying information about an individual, without their consent and can be illegal. The creators and contributors of this tool will not be held responsible for any misuse or damage caused by this tool. By using this tool, you agree to use it only for lawful purposes and to comply with all applicable laws and regulations. It is the responsibility of the user to ensure compliance with all relevant laws and regulations in the jurisdiction in which they operate. Misuse of this tool may result in criminal and/or civil prosecut ion.

Download Seekr

FreshRSS