siem security tool

Find a wireless network Finding a wireless network is the first step in an attack, where two common tools are recommended: 1, Network Stumbler a.k.a NetStumbler. This windows-based tool makes it very easy to find radio signals that are broadcast in a range, and to determine which signals or noise information can be used for site measurements. 2, Kismet. A key feature of the lack of NetStumbler is to show which wireless networks do not have a broa

Skipfish is a free, open-source, and Web application.ProgramSecurity detection tools. Skipfish features: -Fast: skipfish is fully written by C. It features highly optimized HTTP processing capabilities and the lowest CPU usage. It can easily process 2000 requests per second; -Easy to use: Uses heuristic scanning technology to host multiple web architectures. Supports automatic learning, Dictionary dynamic creation, and automatic form creation. -Cutting-edge

Book review: Look at the official introduction, need 2 wireless network card support, one should be used to affect the user and normal hotspot connection, that is, Dos attack, and another can simulate a fake AP waiting for user access, this attack will be on the internet of things and smart home security products such as a great impact, Specifically see my article "Door magnetic alarm system crack conjecture" Original address: http://www.freebuf.

Project background:Software patch management, malware scanning, file integrity checking, security review, configuration error checking, and more. To have a security vulnerability automatic scanning Tool!!Better not money!Test environment:VMware Workstation 11Server: ip:192.168.0.19 off iptables setenforce0SECURECRT (SSH remote connection software)Lynis-2.1.0-1.el

Taking the most typical remote management software for example, network management can help users solve problems remotely. However, when such software is in the hands of hackers, it becomes a "high-risk" weapon for remote control of users' computers. While understanding the positive and common features of the software, if you can see the potential risks of the software, it will greatly reduce the security issues caused by the software.Looking at the h

Share: Security Testing Tool tips There is an article about security testing tools: Gunfight at The OK Button.15 key points of the security testing tool are listed in this article:1. Test any type of vulnerabilities in source code.2. Test any type of vulnerability for binary

Gosec is a Go Language source security Analysis tool that scans the go AST (abstract syntax tree) to see if there is a security issue with the source code. License According to the Apache 2.0 version of license, you will not be able to use the file unless you have complied with the license. You can get a copy of the license here. Installation $ go get github.com/

When you use the ASP. NET Web Site Administration tool, the following issues occur safely:The main reason for this is that the user and role information needs to be created in security management, so the database is used, but you do not have a database set up.You can open the command prompt tool with VS comes with:Open and enter the Aspnet_regsql command, set the

Lynis Security vulnerability Detection Tool https://cisofy.com/download/lynis/https://cisofy.com/files/lynis-2.2.0.tar.gzCommand: sudo./lynis--check-all-qsudo grep warning/var/log/lynis.logsudo grep suggestion/var/log/lynis.logsudo vi/etc/cron.daily/scan.sh#!/bin/shauditor= "Automated" date=$ (DATE +%y%m%d) host=$ (hostname) log_dir= "/var/log/lynis" report= "$LOG _dir/ Report-${host}.${date} "data=" $LOG _

Arachni is a versatile, modular, high-performance ruby framework designed to help infiltrate testers and administrators evaluate the security of Web applications. At the same time Arachni open source is free, can be installed on Windows, Linux and Mac systems, and can export evaluation reports.First, Arachni download and start, take the Linux environment as an example: http://www.arachni-scanner.com/download/Unzip the file arachni-1.5.1-0.5.12-darwin-

sources via HTTP, the page is still marked as unsafe. This is the so-called mixed content page, where mixed content pages are only partially protected because HTTP content (unencrypted content) can be hacked by sniffers and susceptible to man-in-the-middle attacks. Click on the left to provide a link to the network panel view. A man-in-the-middle attack (Man-in-the-middle Attack, "MITM attack") is an "indirect" intrusion pattern that, by various technical means, places a computer

This article mainly introduced the PHP.ini Security Configuration Detection Tool PCC Brief Introduction, this tool is very practical, may detect the PHP configuration file to have the security hidden trouble, and proposes the corresponding configuration suggestion, needs the friend may refer to under Overview Some ti

other user accounts are not important. This is a long-term and chronic weakness in Linux and Unix security. A simple reinstallation can replace damaged system files, but what should I do with data files? Any intrusion has the potential to cause massive damage. In fact, to spread spam, copy sensitive files, provide fake music or movie files, and launch attacks against other systems, there is no need for root access. IDS new favorite: PSAD Psad is shor

The UMAP2 is a Python-based USB Host Security Assessment tool developed by NCC Group and the Cisco SAS team.It has all the features supported by the first edition: UMAP2EMULATE:USB Device Enumeration Umap2scan: Usbhost Scan for device support Umap2detect:usbhost Operating system detection (not yet implemented) UMAP2FUZZ:USB Host Fuzzing Additionally, additional features are added t

As early as two years ago, Google search engine guide on the proposed if the site is an HTTPS URL (installation of SSL security certificate) in a certain condition factors will be the site's weight and ranking has a certain positive effect. In the following two years, our domestic search engine also began to be based on whether the site to join the SSL certificate a discussion, but from the user experience and the actual needs, if we use the interacti

IOS security-network packet analysis tool Charles I wrote an article earlier: IOS development-image search (source code + resolution) Many of my friends are curious about how I got Baidu's image search API, which is actually very simple. The network packet analysis tool "Charles" can be easily implemented. To obtain the image search API, you only need to perform

As a database, MySQL is synonymous with ease of use. most database-driven web applications choose it as their own database. For this reason, MySQL is applied to many WEB servers. Although MySQL command line tool is indeed useful, it is sometimes time-consuming to complete the task, unless you are familiar with SQL syntax, familiar with mysqlGUImysql management tool As a database, MySQL is synonymous with

Article Title: Configure an open-source security tool for the Solaris server (below ). Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source. Linux.chinaitlab.com/safe/737833.html "> the http://linux.chinaitlab.com/safe/737833.html configures open source

Security Scan Tool Nikto introduction to simple useNikto is an open source (GPL) Web server scanner that provides a comprehensive range of scanning of Web servers with more than 3300 potentially dangerous file/cgis, over 625 server versions, and over 230 specific server issues. Scan items and plug-ins can be updated automatically (if needed). Complete its underlying functionality based on Whisker/libwhisker

IntroductionWireshark uses a very good clutch software, in the graphical interface of absolute dominance; although it has a few options in the character interface to use, but after all, it is not very convenient, the following I introduce a NB of the end of the clutch tool tcpdump1. Promiscuous modeLinux NIC has promiscuous mode one says that when promiscuous mode is turned on, the NIC can crawl all the packets, whether or not the package is sent to i