Quickstart
PhpMetrics provides various metrics about PHP projects.
Installation
composer global require 'phpmetrics/phpmetrics'
phpmetrics --report-html=myreport.html /path/of/your/sources
How web malware scanner works?
Comodo Web malware scanner uses advanced malware detection technologies to identify viruses and malicious code on a web page. It is a cloud-based service that can detect continuous security threats and attacks on e-commerce websites. Further, the Web Inspector also utilizes sophisticated technologies such as
Dynamic page analysis,
Signature based detection
Buffer overflow detection
Heuristic detection techniques
Simple IOC Scanner
Scanner for Simple Indicators of Compromise
PHP scanner written in Python for identifying PHP backdoors and php malicious code. This tool is mainly reusing below mentioned tools. To use this tool, you need to install yara library for Python from the source.
Does its very best to detect obfuscated/dodgy code as well as files using PHP functions often used in malwares/webshells. Detection is performed by crawling the filesystem and testing files against a set of YARA rules.
Scans the current working directory and display results with the score greater than the given value. Released under the MIT license.
an open source program which looks for security vulnerabilities, code-quality, performance, and conformance.
Acunetix WVS automatically checks your web applications for SQL Injection, XSS & other web vulnerabilities.
A static source code analyser for vulnerabilities in PHP .scripts
an open source web server scanner which performs comprehensive tests against web servers for multiple items, including potentially dangerous files/program.
ClamAV extension for PHP (php-clamav) - a fork of the php-clamavlib project allows to incorporate virus scanning features in your PHP scripts.
Check also the following security websites:
Founded in January 2005, the PHP Security Consortium (PHPSC) is an international group of PHP experts dedicated to promoting secure programming practices within the PHP community. Members of the PHPSC seek to educate PHP developers about security through a variety of resources, including documentation, tools, and standards.
This tool is going to check if any URLs from your site are currently listed in a couple of Phishing DBs. If it finds any the tool will let you know if Google has the URL flagged for Social Engineering. It is also going to check the URL you enter to see if it is currently listed in Google’s Malware API, if Google has the URL flagged.
When you submit the tool will query the API to see if the URL is listed and respond with -
null -> The URL/domain is not currently flagged by Google, not in the Safe Browsing API.
MALWARE -> The domain is currently flagged by Google as malicious
SOCIAL_ENGINEERING -> The URL is currently flagged by Google as a SOCIAL_ENGINEERING URL, either "traditional phishing" OR deceptive content - SEE: Social Engineering (Phishing and Deceptive Sites)
UNWANTED_SOFTWARE -> The domain is currently flagged by Google for downloading unwanted software - SEE:Unwanted Software Policy
MALWARE, SOCIAL_ENGINEERING, UNWANTED_SOFTWARE -> You can probably figure this one out (real rare for this to occurr)
Performant Endpoint Visibility
osquery allows you to easily ask questions about your Linux, Windows, and macOS infrastructure. Whether your goal is intrusion detection, infrastructure reliability, or compliance, osquery gives you the ability to empower and inform a broad set of organizations within your company.
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 1484120AC4E9F8A1A577AEEE97A80C63C9D8B80B
sudo add-apt-repository "deb [arch=amd64] https://osquery-packages.s3.amazonaws.com/xenial xenial main"
sudo apt-get update
sudo apt-get install osquery
Hi,
I've talked about SSHFP in my last blog post and now, let’s talk about TLSA, another useful DNS record to put in a DNSSEC secured zone.
I will apply the example to HTTPS here but you can do this for everything that use TLS in fact (except for the web browser plugin part).
DANE and TLSA
PHP Malware Finder
Webshell finder,
kiddies hunter,
website cleaner.
https://github.com/nbs-system/php-malware-finder
Detect potentially malicious PHP files.
Scan Linux for Vulnerable Packages
How do you know wether your Linux server (which has no desktop update notifier or unattended security updates running) does need to be updated? Of course an
apt-get update && apt-get --dry-run upgrade
might give an indication. But what of the package upgrades do stand for security risks and whose are only simple bugfixes you do not care about?
Check using APT
One useful possibility is apticron which will tell you which packages should be upgraded and why. It presents you the package ChangeLog to decided wether you want to upgrade a package or not. Similar but less details is cron-apt which also informs you of new package updates.
Open source auditing
https://cisofy.com/documentation/lynis/get-started/#installation-git
Lynis is an open source security auditing tool. Used by system administrators, security professionals, and auditors, to evaluate the security defenses of their Linux and UNIX-based systems. It runs on the host itself,
so it performs more extensive security scans than vulnerability scanners. It is also the client in our Lynis Enterprise offering.
Supported operating systems
Lynis runs on almost all UNIX-based systems and versions, including:
AIX
FreeBSD
HP-UX
Linux
macOS
NetBSD
OpenBSD
Solaris
and others ```
UniqueMachine
is my computer unique?(Developing, not fully supported)
badssl check
Nous sommes utilisateurs de nombreux identifiants en tout genre pour accéder à des services. Nos contrats sont immatériels, car conclus en ligne. Nos paiements ou prélèvements sont bien réels. Gérer avec rigueur cet ensemble d'informations devient un enjeu important pour nous, mais aussi pour nos ayants droit qui auront bien des difficultés à retrouver toutes ces informations disséminées sur le NET, si nous ne les regroupons pas et n'en assurons pas la transmission.
MemoCloud apporte une réponse à ces attentes en permettant de stocker et gérer toutes ces informations numériques en ligne. Et parce que cela peut être utile, nous proposons de gérer vos documents importants (copies actes authentiques, assurances vie, produits financiers, etc..), ainsi que vos instructions en cas d'incapacité ou décès.
MemoCloud est votre coffre-fort numérique pour toutes vos informations importantes.
En cas d’incapacité ou de décès MemoCloud assure la transmission (distribution) des informations aux bénéficiaires que vous avez désignés en cas d'incapacité ou de décès. C’est la fonction testamentaire de MemoCloud.
MemoCloud est en ligne, vous pouvez l'utiliser dès à présent,
S'inscrire et profiter des services de MemoCloud est gratuit pour la fonction coffre fort, avec une limite de stockage de 100 Mo.
Pour profiter de la transmission des informations aux bénéficiaires que vous aurez désignés, nous proposons un abonnement de 40€ TTC par an et un espace de stockage porté à 1 Go.
MemoCloud est aujourd'hui la solution qui propose une chaîne complète de services de stockage, gestion et transmission.
Nous sommes la garantie que vos informations ne s'égareront pas dans le réseau mondial, mais seront distribuées aux bonnes personnes pour le meilleur usage.
MemoCloud est l'assurance vie de vos informations numériques
AnonTab allows you to browse safely, anonymously and privately to any suspicious URLs from within your everyday browser!
This extension simply equips your web browser with a special tab in which your real IP address is masked via public Google proxy servers; all connections are SSL/TLS encrypted. No tracking, no logs, no scripts and no history entries—totally off the record browsing. Fear not!
GitHub repository: https://github.com/0xsobky/AnonTab.
SysGauge is a free system and performance monitoring utility allowing one to monitor the CPU usage, memory usage, network transfer rate, operating system performance, the status and resource usage of running processes, file system performance, USB performance, disk space usage, disk read activity, disk write activity, disk read transfer rate, disk write transfer rate, disk read IOPS and disk write IOPS for individual logical disks or all physical disks installed in the computer.
Download SysGauge v1.5.18
32 bit http://www.sysgauge.com/setups/sysgauge_setup_v1.5.18.exe
64 bit http://www.sysgauge.com/setups_x64/sysgauge_setup_v1.5.18_x64.exe