Razorback is a framework for an intelligence driven security solution.
It consists of a Dispatcher at the core of the system, surrounded by
Nuggets of varying types.
This nugget is an open-source PDF analyzer that does not require an
external commercial application to function.
Razorback is a framework for an intelligence driven security solution.
It consists of a Dispatcher at the core of the system, surrounded by
Nuggets of varying types.
This nugget checks the VirusTotal API for the MD5 of the submitted file.
If the file is found, the short data of the alert will contain the results
from the JSON response from VirusTotal.
Razorback is a framework for an intelligence driven security solution.
It consists of a Dispatcher at the core of the system, surrounded by
Nuggets of varying types.
The Yara nugget allows modified Yara rules to dictate which flags are
set when they alert.
Airbrussh is a concise log formatter for Capistrano and SSHKit. It displays
well-formatted, useful log output that is easy to read. Airbrussh also saves
Capistrano's verbose output to a separate log file just in case you need
additional details for troubleshooting.
revealrk searches for hidden processes. If you have a kernel mod
rootkit loaded into memory without hiding any process, don't expect
to find anything.
Reveal RootKit is intended to run out of cron or similar services
on a regular basis and avoids verbose output as long as nothing was
found.
Snort-rep is a Snort reporting tool that can produce text or HTML
output from a syslog file. The reports contain:
* Portscan summary
* Alert summary by ID
* Alert summary by remote host and ID
* Alert summary by local host and ID
* Alert summary by local port and ID
libsodium is a library for network communication, encryption,
decryption, signatures, etc.
libsodium is a portable, cross-compilable, installable,
packageable, API-compatible version of NaCl (security/nacl).
NaCl's goal is to provide all of the core operations needed
to build higher-level cryptographic tools.
Pam_helper is a small utility which allows non-PAM or non-setuid
applications to make use of PAM's authentication services. It was mainly
created to allow gnome-screensaver to make use of PAM, but any application
could use it. It accepts two arguments: the PAM service name and a
username. It reads the user's password from stdin.
Net::SSH::Gateway is a library for programmatically tunneling connections to
servers via a single "gateway" host. It is useful for establishing Net::SSH
connections to servers behind firewalls, but can also be used to forward ports
and establish connections of other types, like HTTP, to servers with
restricted access.
* Easily manage forwarded ports
* Establish Net::SSH connections through firewalls
xspy is a utility for monitoring keypresses on remote X servers. It
takes advantage of an oversight in X Windows (R5 & R6) to find out
about keypresses even in "secure mode". It works by polling the
keyboard, by default every hundredth of a second.