Razorback is a framework for an intelligence driven security solution.
It consists of a Dispatcher at the core of the system, surrounded by
Nuggets of varying types.
This nugget provides logging output via syslog.
Razorback is a framework for an intelligence driven security solution.
It consists of a Dispatcher at the core of the system, surrounded by
Nuggets of varying types.
This nugget checks the VirusTotal API for the MD5 of the submitted file.
If the file is found, the short data of the alert will contain the results
from the JSON response from VirusTotal.
Razorback is a framework for an intelligence driven security solution.
It consists of a Dispatcher at the core of the system, surrounded by
Nuggets of varying types.
The Yara nugget allows modified Yara rules to dictate which flags are
set when they alert.
shimmer is a pair of small programs (a client and a server) that provide an
alternative to port knocking program such as tumbler and are used to hide a
valuable port (such as a hidden web server or SSH) on a public IP address.
smap is a simple scanner for SIP enabled devices
smap sends off various SIP requests awaiting responses from SIP
enabled DSL router, proxies and user agents. It could be considered
a mashup of nmap and sipsak ;)
ssdeep is a tool for computing context triggered piecewise hashes.
Unlike other hash calculators such as md5, it supports partial match between
the original file and modified/truncated files. It can also compute the
degree of similarity between files.
PAM module which permits authentication for arbitrary services via
ssh-agent. Written with sudo in mind, but like any auth PAM module,
can be used for many purposes.
The Nmap::Parser library provides a Ruby interface to
Nmap's scan data. It can run Nmap and parse its XML
output directly from the scan, parse a file containing
the XML data from a separate scan, parse a String of
XML data from a scan, or parse XML data from an object
via its read() method. This information is presented
in an easy-to-use and intuitive fashion for storage
and manipulation.
Razorback is a framework for an intelligence driven security solution.
It consists of a Dispatcher at the core of the system, surrounded by
Nuggets of varying types.
SnortSam is an intelligent agent that allows the popular
open-source Intrusion Detection System called Snort to block
intruding connections by reconfiguration of many firewalls
and Cisco devices.