EmoCheck

GitHub release Github All Releases

Emotet detection tool for Windows OS.
How to use

Download EmoCheck from the Releases page.
Run EmoCheck on the host.
Check the exported report.

Home SSH Hardening Guides Contact

About

This free tool audits the configuration of an SSH server or client and highlights the areas needing improvement.

Too many admins overlook SSH configuration when setting up new systems. Unfortunately, the defaults for many operating systems are optimized for compatibility, not security.

To see a sample report, click here.

Analysis Report http://winnti-scanner-victims-will-be-notified.threatsinkhole.com

Kaspersky
Threat Intelligence Portal

Check you file !!!

Taipan - Web Application Security Scanner

https://github.com/taipan-scanner/Taipan/releases/latest

Taipan is a an automated web application scanner which allows to identify web vulnerabilities in an automatic fashion. This project is the core engine of a broader project which include other components, like a web dashboard where you can manage your scan or download a PDF report and a scanner agent to run on specific host. Below are some screenshots of the Taipan dashboard:

If you are interested in trying the full product, you can contact me at: aparata[AT]gmail.com

Release Download

• Source code
• Download binary

Download Build Release

If you want to try the dev version of Taipan without to wait for an official release, you can download the build version. This version is built every time that a commit is done and the build process is not broken.

You can download it from the Artifacts Directory.

Using Taipan

Taipan can run on both Windows (natively) and Linux (with mono). To run it in Linux you have to install mono in version >= 4.8.0. You can track the implementation of the new features in the related <a href="https://github.com/taipan-scanner/Taipan/projects/1">Kanban board</a>.

Scan Profile

Taipan allow to scan the given web site by specify different kind of profiles. Each profile enable or disable a specific scan feature, to show all the available profile just run Taipan with the --show-profiles_ option.

Scan/Stop/Pause a scan

During a scan you can interact with it by set the scan in Pause or Stop it if necessary. In order to do so you have to press:

• P: pause the scan
• S: stop the scan
• R: resume a paused scan

The state change is not immediate and you have to wait until all threads have reached the desider state.

Launch a scan

To launch a new scan you have to provide the url and the profile which must be used. It is not necessary to specify the full profile name, a prefix is enough.

Taipan.exe -p Full -u http://127.0.0.1/

Below an example of execution:

<a href="https://asciinema.org/a/166362" target="_blank"><img src="https://asciinema.org/a/166362.png" /></a>

Taipan Components

Taipan is composed of four main components:

• Web Application fingerprinter: it inspects the given application in order to identify if it is a COTS application. If so, it extracts the identified version.
• Hidden Resource Discovery: this component scans the application in order to identify resources that are not directly navigable or that shouldn't be accessed, like secret pages or test pages.
• Crawler: This component navigates the web site in order to provide to the other components a list of pages to analyze. It allows to mutate the request in order to find not so common pathes.
• Vulnerability Scanner: this component probes the web application and tries to identify possible vulnerabilities. It is composed of various AddOn in order to easily expand its Knowledge Base.

License

.NET Core (including the coreclr repo) is licensed under the MIT license.

License: GNU General Public License, version 2 or later; see LICENSE included in this archive for details.

How web malware scanner works?

Comodo Web malware scanner uses advanced malware detection technologies to identify viruses and malicious code on a web page. It is a cloud-based service that can detect continuous security threats and attacks on e-commerce websites. Further, the Web Inspector also utilizes sophisticated technologies such as

Dynamic page analysis,
Signature based detection
Buffer overflow detection
Heuristic detection techniques

Links of malware hack check tools :

• Loki
• phpscanner
• php-malware-finder
• php-malware-scanner
• Yasca
• acunetix
• RIPS-scanner
• nikto2
• phpsecaudit
• sectools
• phpsec

Loki

Simple IOC Scanner
Scanner for Simple Indicators of Compromise

phpscanner

PHP scanner written in Python for identifying PHP backdoors and php malicious code. This tool is mainly reusing below mentioned tools. To use this tool, you need to install yara library for Python from the source.

php-malware-finder

Does its very best to detect obfuscated/dodgy code as well as files using PHP functions often used in malwares/webshells. Detection is performed by crawling the filesystem and testing files against a set of YARA rules.

php-malware-scanner

Scans the current working directory and display results with the score greater than the given value. Released under the MIT license.

Yasca (GitHub)

an open source program which looks for security vulnerabilities, code-quality, performance, and conformance.

acunetix Web Security Scanner

Acunetix WVS automatically checks your web applications for SQL Injection, XSS & other web vulnerabilities.

RIPS

A static source code analyser for vulnerabilities in PHP .scripts

nikto2

an open source web server scanner which performs comprehensive tests against web servers for multiple items, including potentially dangerous files/program.

ClamAV extension for PHP (php-clamav) - a fork of the php-clamavlib project allows to incorporate virus scanning features in your PHP scripts.

Older projects: securityscanner, phpsecaudit.

Check also the following security websites:

sectools.org

phpsec.org PHP Security Consortium

    Founded in January 2005, the PHP Security Consortium (PHPSC) is an international group of PHP experts dedicated to promoting secure programming practices within the PHP community. Members of the PHPSC seek to educate PHP developers about security through a variety of resources, including documentation, tools, and standards.

Lynis

Open source auditing

https://cisofy.com/documentation/lynis/get-started/#installation-git

Lynis is an open source security auditing tool. Used by system administrators, security professionals, and auditors, to evaluate the security defenses of their Linux and UNIX-based systems. It runs on the host itself,

so it performs more extensive security scans than vulnerability scanners. It is also the client in our Lynis Enterprise offering.
Supported operating systems

Lynis runs on almost all UNIX-based systems and versions, including:

    AIX
    FreeBSD
    HP-UX
    Linux
    macOS
    NetBSD
    OpenBSD
    Solaris
    and others ```

mail scan security

Malware Analysis by Cuckoo Sandbox