Recently Browsing 0 members
No registered users viewing this page.
Members online now
No members to show
By Salaheldin A.
OSINT Tools collections:
Verification Toolset : https://start.me/p/ZGAzN7/verification-toolset
Mapping & Monitoring : https://start.me/p/7k4BnY/mapping-monitoring
Search Engines: https://start.me/p/b56G5Q/search-engines
Social Media Dashboard : https://start.me/p/m6MbeM/social-media-intelligence-dashboard
Threat Intel, OSINT and malware investigation resources : https://start.me/p/rxRbpo/ti
AML Toolbox : https://start.me/p/rxeRqr/aml-toolbox
Technisette collection : https://start.me/p/wMdQMQ/tools
Ph055a collection : https://github.com/Ph055a/OSINT-Collection
By Sherman Chu
I'm sure that everyone in this club can agree that OSINT can be a very powerful force-multiplier in infosec, but how do ya'll manage the collection of OSINT?
Specifically, is the collection effort indexed and evaluated in a way that infosec teams (whether SMB or major-enterprise level) can go back and look at the efficacy, integrity, and veracity of said collection effort?
Do ya'll use frameworks such as the Admiralty System to evaluated OSINT data?
By Kev Breen
Its a tool I created almost 2 years ago, but its still finding sensitive data being posted to pastebin and other sites, Either deliberately by bad guys or accidentally by people who do not know any better.
It also comes with Slack, SMS and email alerting for detected rules
Some links to some useful info:
https://techanarchy.net/blog/hunting-pastebin-with-pastehunter https://techanarchy.net/blog/pastehunter-the-results https://github.com/kevthehermit/pastehunter https://pastehunter.readthedocs.io/en/latest/
By Kevin Beaumont
Two researchers have a talk upcoming at DefCon about SSL VPN vulnerabilities, and they've started (although not in the talk) by detailing a unauthenticated remote code execution vulnerability in Palo-Alto GlobalProtect, their VPN system: http://blog.orange.tw/2019/07/attacking-ssl-vpn-part-1-preauth-rce-on-palo-alto.html
The short version is:
- Bad vulnerability
- Actually exploitable
- Because it's on both your VPN and firewall box (Palo-Alto do both), the attacker owns your network via the internet
- They released a patch for the issue a year ago, but didn't issue a CVE or tell people about the issues for whatever reason - so you want to check if you actually run a vulnerable version still.
Vendor advisory here after I tweeted about it: https://securityadvisories.paloaltonetworks.com/Home/Detail/158