Accounts
8,165,160,541
Leaks
810
Leaked accounts per day
879,875
Is someone spying on you?
Everyday personal data is stolen in criminal cyber attacks. A large part of the stolen information is subsequently made public on Internet databases, where it serves as the starting point for other illegal activities.
With the HPI Identity Leak Checker, it is possible to check whether your email address, along with other personal data (e.g. telephone number, date of birth or address), has been made public on the Internet where it can be misused for malicious purposes.
Reviews
October 29, 2018
Martin Brinkmann: A look at Spybot Identity Monitor for Windows
Spybot Identity Monitor is a simple program to monitor email addresses and usernames against the Have I Been Pwned database of leaked account information.
The program offers a better overview in my opinion as you can add as many accounts as you like to it and get information about all of them in the interface. The option to rerun checks on logon is useful if you are particularly worried about accounts.
This is a simple place where you can download crackmes to improve your reverse engineering skills. If you want to submit a crackme or a solution to one of them, you must register. But before that, I strongly recommend you to read the FAQ
Number of users:
1500
Number of crackmes:
3016
Number of solutions:
4206
Vérifiez la sécurité de votre compte Gmail
Taipan - Web Application Security Scanner
https://github.com/taipan-scanner/Taipan/releases/latest
Taipan is a an automated web application scanner which allows to identify web vulnerabilities in an automatic fashion. This project is the core engine of a broader project which include other components, like a web dashboard where you can manage your scan or download a PDF report and a scanner agent to run on specific host. Below are some screenshots of the Taipan dashboard:
If you are interested in trying the full product, you can contact me at: aparata[AT]gmail.com
Release Download
Download Build Release
If you want to try the dev version of Taipan without to wait for an official release, you can download the build version. This version is built every time that a commit is done and the build process is not broken.
You can download it from the Artifacts Directory.
Using Taipan
Taipan can run on both Windows (natively) and Linux (with mono). To run it in Linux you have to install mono in version >= 4.8.0. You can track the implementation of the new features in the related <a href="https://github.com/taipan-scanner/Taipan/projects/1">Kanban board</a>.
Scan Profile
Taipan allow to scan the given web site by specify different kind of profiles. Each profile enable or disable a specific scan feature, to show all the available profile just run Taipan with the --show-profiles_ option.
Scan/Stop/Pause a scan
During a scan you can interact with it by set the scan in Pause or Stop it if necessary. In order to do so you have to press:
- P: pause the scan
- S: stop the scan
- R: resume a paused scan
The state change is not immediate and you have to wait until all threads have reached the desider state.
Launch a scan
To launch a new scan you have to provide the url and the profile which must be used. It is not necessary to specify the full profile name, a prefix is enough.
Taipan.exe -p Full -u http://127.0.0.1/Below an example of execution:
<a href="https://asciinema.org/a/166362" target="_blank"><img src="https://asciinema.org/a/166362.png" /></a>
Taipan Components
Taipan is composed of four main components:
- Web Application fingerprinter: it inspects the given application in order to identify if it is a COTS application. If so, it extracts the identified version.
- Hidden Resource Discovery: this component scans the application in order to identify resources that are not directly navigable or that shouldn't be accessed, like secret pages or test pages.
- Crawler: This component navigates the web site in order to provide to the other components a list of pages to analyze. It allows to mutate the request in order to find not so common pathes.
- Vulnerability Scanner: this component probes the web application and tries to identify possible vulnerabilities. It is composed of various AddOn in order to easily expand its Knowledge Base.
License
.NET Core (including the coreclr repo) is licensed under the MIT license.
License: GNU General Public License, version 2 or later; see LICENSE included in this archive for details.
Debian/Ubuntu
Le comportement par défaut de Debian et Ubuntu est d’utiliser service memcached status/start/restart/force-reload pour gérer le service Memcached. Si tel est votre cas, éditez le fichier /etc/memcached.conf en étant connecté en root.
Vous pouvez commencer par ajouter cette option qui désactive l’écoute UDP, laquelle est obsolète, comme expliqué précédemment.
Disable UDP protocol
-U 0
Si votre serveur memcached n’est utilisé que par la machine locale, vous pouvez alors activer l’option suivante qui vous évitera d’exposer votre service sur Internet :
-l 127.0.0.1
Une fois les modifications effectuées, sauvegardez le fichier et utilisez l’une de ces deux commandes pour redémarrer votre configuration :
service memcached force-reload
/etc/init.d/memcached force-reload
CentOS - Fedora - Red Hat
Le comportement par défaut de CentOS, Fedora et Red Hat est d’utiliser service memcached status/start/restart/force-reload pour gérer le service Memcached. Si tel est votre cas, éditez le fichier /etc/sysconfig/memcached en étant connecté en root.
Si votre serveur memcached n’est utilisé que par la machine locale, nous vous conseillons la ligne d’OPTIONS suivante qui vous évitera d’exposer votre service sur Internet en désactivant le protocole UDP, lequel est devenu obsolète :
OPTIONS="-l 127.0.0.1 -U 0"
Si votre serveur memcached est également utilisé par des serveurs tiers, alors cette simple ligne d’OPTIONS permettra de désactiver uniquement le protocole UDP :
OPTIONS="-U 0"
Une fois les modifications effectuées, sauvegardez le fichier et utilisez la commande suivante pour redémarrer la configuration :
sudo service memcached force-reload
Arch Linux
Le comportement par défaut d’Arch Linux est d’utiliser systemctl start/restart/stop memcached pour gérer le service Memcached. Si tel est votre cas, éditez le fichier /usr/lib/systemd/system/memcached en étant connecté en root.
Si votre serveur memcached n’est utilisé que par la machine locale, nous vous conseillons la ligne suivante qui vous évitera d’exposer votre service sur Internet en désactivant le protocole UDP, lequel est devenu obsolète :
ExecStart=/usr/bin/memcached -l 127.0.0.1 -U 0 -o modern
Si votre serveur memcached est également utilisé par des serveurs tiers, alors cette simple ligne permettra de désactiver uniquement le protocole UDP :
ExecStart=/usr/bin/memcached -U 0 -o modern
Une fois les modifications effectuées, sauvegardez le fichier et utilisez l’une de ces deux commandes pour redémarrer la configuration :
sudo systemctl daemon-reload
sudo systemctl force-reload memcached
French Data Network – FDN (IPv4 : 80.67.169.12 / 80.67.169.40 – IPv6 : 2001:910:800::12 / 2001:910:800::40)
OpenDNS (IPv4 : 208.67.222.222 / 208.67.220.220 – IPv6 : 2620:0:ccc::2 / 2620:0:ccd::2)
FreeDNS (IPv4 : 37.235.1.174 / 37.235.1.177)
Level3 (IPv4 : 209.244.0.3 / 209.244.0.4)
DNS Watch (IPv4 : 84.200.69.80 / 84.200.70.40 – IPv6 : 2001:1608:10:25::1c04:b12f / 2001:1608:10:25::9249:d69b)
UncensoredDNS (IPv4 : 91.239.100.100 / 89.233.43.71 – IPv6 : 2001:67c:28a4:: / 2a01:3a0:53:53::)
Verisign (IPv4 : 64.6.64.6 / 64.6.65.6 – IPv6 : 2620:74:1b::1:1 / 2620:74:1c::2:2)
Comodo Secure DNS (IPv4 : 8.26.56.26 / 8.20.247.20)
DNS Advantage (IPv4 : 156.154.70.1 / 156.154.71.1)
Norton ConnectSafe (IPv4 : 199.85.126.10 / 199.85.127.10)
OpenNIC (IPv4 : 185.121.177.177 / 169.239.202.202 – IPV6 : 2a05:dfc7:5::53 / 2a05:dfc7:5353::53)
Quad9 (IPv4 : 9.9.9.9 – IPv6 : 2620:fe::fe)
Crypto Sheriff
Pour nous permettre de définir le type de rançongiciel qui affecte votre système, nous vous prions de remplir le formulaire ci-dessous. Ainsi, nous pourrons verifier si une solution est disponible. Si c’est bien le cas, nous vous fournirons un lien pour télécharger la solution de déchiffrement.
Comment oseriez-vous répondre non ? Lorsque vous n’avez rien à cacher, vous ne pouvez pas faire de distinction entre ce que vous admettez rendre public et ce qui vous dérange un peu plus. Dès lors que vous imposez une barrière, vous avez quelque chose à cacher (et c’est bien normal !).
Nous autres, êtres humains, nous distinguons les uns des autres parce que nous avons tous une vie privée, une intimité que nous ne dévoilons pas à tout bout de champ.
http://jenairienacacher.fr/
Quickstart
PhpMetrics provides various metrics about PHP projects.
Installation
composer global require 'phpmetrics/phpmetrics'
phpmetrics --report-html=myreport.html /path/of/your/sources
How web malware scanner works?
Comodo Web malware scanner uses advanced malware detection technologies to identify viruses and malicious code on a web page. It is a cloud-based service that can detect continuous security threats and attacks on e-commerce websites. Further, the Web Inspector also utilizes sophisticated technologies such as
Dynamic page analysis,
Signature based detection
Buffer overflow detection
Heuristic detection techniquesLinks of malware hack check tools :
- Loki
- phpscanner
- php-malware-finder
- php-malware-scanner
- Yasca
- acunetix
- RIPS-scanner
- nikto2
- phpsecaudit
- sectools
- phpsec
Loki
Simple IOC Scanner
Scanner for Simple Indicators of Compromise
phpscanner
PHP scanner written in Python for identifying PHP backdoors and php malicious code. This tool is mainly reusing below mentioned tools. To use this tool, you need to install yara library for Python from the source.
php-malware-finder
Does its very best to detect obfuscated/dodgy code as well as files using PHP functions often used in malwares/webshells. Detection is performed by crawling the filesystem and testing files against a set of YARA rules.
php-malware-scanner
Scans the current working directory and display results with the score greater than the given value. Released under the MIT license.
Yasca (GitHub)
an open source program which looks for security vulnerabilities, code-quality, performance, and conformance.
acunetix Web Security Scanner
Acunetix WVS automatically checks your web applications for SQL Injection, XSS & other web vulnerabilities.
RIPS
A static source code analyser for vulnerabilities in PHP .scripts
nikto2
an open source web server scanner which performs comprehensive tests against web servers for multiple items, including potentially dangerous files/program.
ClamAV extension for PHP (php-clamav) - a fork of the php-clamavlib project allows to incorporate virus scanning features in your PHP scripts.
Older projects: securityscanner, phpsecaudit.
Check also the following security websites:
sectools.org
phpsec.org PHP Security Consortium
Founded in January 2005, the PHP Security Consortium (PHPSC) is an international group of PHP experts dedicated to promoting secure programming practices within the PHP community. Members of the PHPSC seek to educate PHP developers about security through a variety of resources, including documentation, tools, and standards.This tool is going to check if any URLs from your site are currently listed in a couple of Phishing DBs. If it finds any the tool will let you know if Google has the URL flagged for Social Engineering. It is also going to check the URL you enter to see if it is currently listed in Google’s Malware API, if Google has the URL flagged.
When you submit the tool will query the API to see if the URL is listed and respond with -
null -> The URL/domain is not currently flagged by Google, not in the Safe Browsing API.
MALWARE -> The domain is currently flagged by Google as malicious
SOCIAL_ENGINEERING -> The URL is currently flagged by Google as a SOCIAL_ENGINEERING URL, either "traditional phishing" OR deceptive content - SEE: Social Engineering (Phishing and Deceptive Sites)
UNWANTED_SOFTWARE -> The domain is currently flagged by Google for downloading unwanted software - SEE:Unwanted Software Policy
MALWARE, SOCIAL_ENGINEERING, UNWANTED_SOFTWARE -> You can probably figure this one out (real rare for this to occurr)Performant Endpoint Visibility
osquery allows you to easily ask questions about your Linux, Windows, and macOS infrastructure. Whether your goal is intrusion detection, infrastructure reliability, or compliance, osquery gives you the ability to empower and inform a broad set of organizations within your company.
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 1484120AC4E9F8A1A577AEEE97A80C63C9D8B80B
sudo add-apt-repository "deb [arch=amd64] https://osquery-packages.s3.amazonaws.com/xenial xenial main"
sudo apt-get update
sudo apt-get install osquery
Burp Suite is the leading software for web security testing_
Thousands of organizations use Burp Suite to find security exposures before it’s too late.
Create and validate TLSA records (DANE)
Hi,
I've talked about SSHFP in my last blog post and now, let’s talk about TLSA, another useful DNS record to put in a DNSSEC secured zone.
I will apply the example to HTTPS here but you can do this for everything that use TLS in fact (except for the web browser plugin part).
DANE and TLSA
PHP Malware Finder
Webshell finder,
kiddies hunter,
website cleaner.
https://github.com/nbs-system/php-malware-finder
Detect potentially malicious PHP files.