Jan 16, 2015

Tools: Open Source Gitrob tool scans GitHub Repository for sensitive information

Open source tool Gitrob trawls GitHub repositories for sensitive data.

Security researcher Michael Henriksen, a member of the SoundCloud security team, has developed an open source command-line tool that crawls GitHub repositories and reports the sensitive information it finds. Henriksen was tasked by SoundCloud with building a system that would continuously check the company's GitHub organizations (i.e. its repositories) for unintentionally leaked sensitive information. He did exactly that, and released the result as an open source command-line tool that can also be used for occasional checks of the same kind, both by a company's own security staff and by penetration testers looking for an easy way into a target organization's network.

Developers like to share their code, and many do so by open sourcing it on GitHub, a social code hosting and collaboration service. Many companies also use GitHub as a convenient place to host both private and public repositories, creating GitHub organizations to which their employees are added as members.

Sometimes employees publish things that should not be public: credentials, private keys, secret tokens and the like. This can happen by accident, or because the employee does not realise how sensitive the information is. Such material can be harvested by criminals and used to directly compromise the systems of the company that owns the repository.

Henriksen's tool, Gitrob, makes it easy to search all the public repositories of a company's GitHub organization, as well as all the public repositories of the organization's members (the company's employees).

How it works
Gitrob starts by collecting all public repositories of the organization itself. It then collects the organization's members and their public repositories, to build a list of repositories that might be related or relevant to the organization.

Once that list is compiled, it gathers all the filenames in each repository and runs them through a series of observers that flag files matching patterns of known sensitive files (the private keys, credential files and configuration files that typically hold the secrets described above). This step can take a while if the organization is large or its members have many public repositories. Because the observers match on file names and paths rather than file contents, a secret pasted into an otherwise ordinary source file will not be flagged; the tool is a fast first pass, not a complete audit.

All members, repositories and flagged files are saved to a PostgreSQL database. When everything has been sifted through, Gitrob starts a Sinatra web server on the local machine, which serves a simple web application for reviewing the collected data.

Henriksen tested the tool against a number of GitHub organizations belonging to big and small firms, with surprising results. "The tool found several interesting things ranging from low-level, to bad and all the way to company-destroying kind of information disclosure," he noted, adding that he notified the companies in question so that they could remove the information.
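The collection and flagging phases described above, as an added Python example that is not Gitrob's own code: the GitHub REST endpoints used are the real ones, but the `fetch` callable is replaced by a constructed offline stub (`fake_github`, with a made-up organization and members), the signature list is illustrative rather than Gitrob's actual list, and API pagination, authentication and rate limiting are ignored. Against the live API you would pass a fetcher that adds a token and follows `Link` pagination headers.

```python
import re

API = "https://api.github.com"

# Filename/path observers. These patterns are illustrative stand-ins for the kind of
# signatures a tool like Gitrob ships with; they are not Gitrob's actual signature list.
_RAW_SIGNATURES = [
    ("filename", r"\.(pem|key|p12|pfx|ppk)$", "Private key or certificate material"),
    ("filename", r"^id_(rsa|dsa|ecdsa|ed25519)$", "SSH private key"),
    ("filename", r"^\.(htpasswd|netrc|bash_history|zsh_history|env)$", "Credential or shell history file"),
    ("filename", r"^wp-config\.php$", "WordPress config (database credentials)"),
    ("path", r"(^|/)\.aws/credentials$", "AWS CLI credential file"),
    ("filename", r"^(database|settings)\.ya?ml$", "Framework config that often holds passwords"),
    ("filename", r"\.sql(\.gz)?$", "Database dump"),
]
SIGNATURES = [(part, re.compile(rx), why) for part, rx, why in _RAW_SIGNATURES]


def flag_path(path):
    """Return the description of every observer that matches this repository path."""
    name = path.rsplit("/", 1)[-1]
    return [why for part, rx, why in SIGNATURES
            if rx.search(name if part == "filename" else path)]


def collect_repositories(org, fetch):
    """Collection phase: the org's public repos, then every member's public repos.
    `fetch(url)` returns the decoded JSON of a GitHub REST call. Pagination is ignored
    here (assumption: everything arrives in one page)."""
    repos = list(fetch(f"{API}/orgs/{org}/repos"))
    for member in fetch(f"{API}/orgs/{org}/members"):
        repos.extend(fetch(f"{API}/users/{member['login']}/repos"))
    return [(r["owner"]["login"], r["name"], r["default_branch"]) for r in repos]


def scan_org(org, fetch):
    """Gather every path in every collected repo (recursive tree listing) and run
    the observers over it. Returns (owner, repo, path, reason) tuples."""
    findings = []
    for owner, repo, branch in collect_repositories(org, fetch):
        tree = fetch(f"{API}/repos/{owner}/{repo}/git/trees/{branch}?recursive=1")
        for entry in tree["tree"]:
            for why in flag_path(entry["path"]):
                findings.append((owner, repo, entry["path"], why))
    return findings


def fake_github():
    """Constructed offline stand-in for the GitHub API (sample data, not a real org)."""
    def repo(owner, name):
        return {"owner": {"login": owner}, "name": name, "default_branch": "master"}

    data = {
        f"{API}/orgs/exampleorg/repos": [repo("exampleorg", "website")],
        f"{API}/orgs/exampleorg/members": [{"login": "alice"}],
        f"{API}/users/alice/repos": [repo("alice", "dotfiles")],
        f"{API}/repos/exampleorg/website/git/trees/master?recursive=1": {"tree": [
            {"path": "README.md"}, {"path": "config/database.yml"}, {"path": "public/index.html"}]},
        f"{API}/repos/alice/dotfiles/git/trees/master?recursive=1": {"tree": [
            {"path": ".bashrc"}, {"path": ".ssh/id_rsa"}, {"path": ".aws/credentials"}]},
    }
    return lambda url: data[url]


if __name__ == "__main__":
    for owner, repo, path, why in scan_org("exampleorg", fake_github()):
        print(f"{owner}/{repo}: {path} -> {why}")
```

The member step is what makes this approach sting: in the sample, the organization's own repository only leaks a framework config file, while the member's personal dotfiles repository exposes an SSH private key and AWS credentials that the organization never reviewed.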

Source:: http://www.techworm.net/2015/01/open-source-gitrob-tool-scans-github-repository-sensitive-information.html


If you like my blog, Please Donate Me
Or Click The Banner For Support Me.

Jan 15, 2015

Howto: One-liner to discover and ping6 IPv6 hosts on the local link

Discover every IPv6 node on the local link by pinging the all-nodes multicast address ff02::1 and listing the unique addresses that answer (replace wlan0 with the interface to scan):

ping6 -c3 -I wlan0 ff02::1 | awk ' /bytes from/ { print $4 }' | sort -u | sed 's/:$//'

Then ping each discovered address individually and print its address and packet summary:

ping6 -c3 -I wlan0 ff02::1 | awk ' /bytes from/ { print $4 }' | sort -u | sed 's/:$//' | awk '{ print "ping6 -c3 -I wlan0 " $1 }'  | /bin/sh | awk ' /PING/ { print $2 } /packets transmitted/ { print $0 "\n" }  '

Only hosts on the same link answer, and hosts that ignore multicast echo requests will not appear, so an empty list does not prove the segment is empty. On distributions where iputils no longer ships a separate ping6 binary, use ping -6 instead.
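The same discover-then-ping procedure as an added Python example (not from the original post): it parses the ping6 output with a regular expression instead of field positions, so it copes with both the `address:` and the older address-without-scope output formats, de-duplicates the multicast replies, and invokes ping6 with an argument list rather than building a command string and piping it to /bin/sh. SAMPLE_OUTPUT is a constructed transcript with made-up addresses; the interface name wlan0 is an assumption.

```python
import re
import subprocess

# Constructed sample of `ping6 -c3 -I wlan0 ff02::1` output (made-up addresses, for testing
# the parsers offline). Multicast replies beyond the first show up as DUP! lines.
SAMPLE_OUTPUT = """PING ff02::1(ff02::1) from :: wlan0: 56 data bytes
64 bytes from fe80::1%wlan0: icmp_seq=1 ttl=64 time=0.311 ms
64 bytes from fe80::2%wlan0: icmp_seq=1 ttl=64 time=0.504 ms (DUP!)
64 bytes from fe80::1%wlan0: icmp_seq=2 ttl=64 time=0.298 ms
64 bytes from fe80::2%wlan0: icmp_seq=2 ttl=64 time=0.487 ms (DUP!)

--- ff02::1 ping statistics ---
2 packets transmitted, 2 received, +2 duplicates, 0% packet loss, time 1001ms
"""

# Matches "64 bytes from fe80::1%wlan0: icmp_seq=" and "64 bytes from fe80::1: icmp_seq="
# (the lazy group stops before the separator that precedes icmp_seq).
RESPONDER = re.compile(r"^\d+ bytes from (\S+?)[:,]? icmp_seq=")
STATS = re.compile(r"(\d+) packets transmitted, (\d+) received")


def parse_responders(ping_output):
    """Unique responding addresses, in first-seen order."""
    seen = []
    for line in ping_output.splitlines():
        m = RESPONDER.match(line)
        if m and m.group(1) not in seen:
            seen.append(m.group(1))
    return seen


def parse_summary(ping_output):
    """(transmitted, received) from the statistics footer; (0, 0) if there is none."""
    m = STATS.search(ping_output)
    return (int(m.group(1)), int(m.group(2))) if m else (0, 0)


def ping6(target, iface, count=3):
    """Run ping6 with an argument list: no shell is involved, so an address read off
    the wire is never interpolated into a command string."""
    proc = subprocess.run(["ping6", "-c", str(count), "-I", iface, target],
                          capture_output=True, text=True)
    return proc.stdout


def discover_and_ping(iface):
    """Ping ff02::1 on iface, then ping each responder individually."""
    results = {}
    for addr in parse_responders(ping6("ff02::1", iface)):
        results[addr] = parse_summary(ping6(addr, iface))
    return results


if __name__ == "__main__":
    import sys
    interface = sys.argv[1] if len(sys.argv) > 1 else "wlan0"
    for addr, (sent, received) in discover_and_ping(interface).items():
        print(f"{addr}: {received}/{sent} replies")
```

Run it as `python3 discover6.py wlan0` on a live interface; the parsers can be exercised without a network using SAMPLE_OUTPUT.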

Source:: http://ipv6-or-no-ipv6.blogspot.be/2015/01/one-liner-to-check-and-ping6-ipv6.html



Tools: Digital image forensics - Automated and open source

All Ghiro features can be controlled through the web interface. You can upload single images or batches of images, navigate reports, and get a quick or an in-depth overview of the analysis of each image. You can group images into cases, search across any kind of analysis data, search for photos taken near a GPS location, administer users, and view all images in the system.

Source:: http://www.getghiro.org/


Tools: CapTipper - Malicious HTTP traffic explorer tool

CapTipper is a Python tool for analyzing, exploring and reviving malicious HTTP traffic. It sets up a web server that behaves exactly like the server in the PCAP file, and comes with internal tools and a powerful interactive console for analyzing and inspecting the hosts, objects and conversations found in the capture. This gives the researcher easy access to the files and to the network flow, which is useful when researching exploits, their pre-conditions, version checks, obfuscation, plugins and shellcode.

Feeding CapTipper a drive-by traffic capture (e.g. from an exploit kit) shows the request URIs that were sent and the metadata of the responses. The user can then browse to http://127.0.0.1/[URI] and receive the captured response in the browser. Since the replayed responses are the original malicious content, do this only from an isolated analysis VM. In addition, an interactive shell is launched for deeper investigation, with commands such as hosts, hexdump, info, ungzip, body, client, dump and more.
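The capture-to-replay flow described above, as an added Python example that is not CapTipper's own code: it pairs requests with responses from the two directions of a reassembled TCP stream, decodes gzip bodies the way an ungzip step would, and serves the captured responses again at their original URIs on 127.0.0.1. The streams, host name capture.example, URIs and payloads are constructed (made-up drive-by-style traffic, not from any real exploit kit); port 8080 is an assumption chosen so no root is needed; Content-Length framing is assumed, and chunked encoding and PCAP parsing itself are out of scope.

```python
import gzip
from http.server import BaseHTTPRequestHandler, HTTPServer


def _http_message(start_line, headers, body=b""):
    """Serialize one HTTP/1.1 message with Content-Length framing (builds the sample)."""
    head = [start_line] + [f"{k}: {v}" for k, v in headers] + [f"Content-Length: {len(body)}"]
    return "\r\n".join(head).encode() + b"\r\n\r\n" + body

# Constructed sample capture: client and server halves of one TCP stream, as a PCAP
# reassembly would yield them. Made-up drive-by-style traffic, not from any real kit.
LANDING_HTML = b"<html><script src='/js/payload.js'></script></html>"
JS_PAYLOAD = b"document.write('<iframe src=\"/gate.php\" width=0 height=0></iframe>');"
JS_GZ = gzip.compress(JS_PAYLOAD)
CLIENT_STREAM = (
    _http_message("GET /landing.php?id=3 HTTP/1.1", [("Host", "capture.example")])
    + _http_message("GET /js/payload.js HTTP/1.1", [("Host", "capture.example")])
)
SERVER_STREAM = (
    _http_message("HTTP/1.1 200 OK", [("Content-Type", "text/html")], LANDING_HTML)
    + _http_message("HTTP/1.1 200 OK", [("Content-Type", "application/javascript"),
                                        ("Content-Encoding", "gzip")], JS_GZ)
)


def split_messages(stream):
    """Split one direction of a reassembled stream into (start_line, headers, body) tuples.
    Assumes Content-Length framing; chunked transfer encoding is not handled here."""
    messages, pos = [], 0
    while pos < len(stream):
        end = stream.find(b"\r\n\r\n", pos)
        if end < 0:  # truncated capture: keep the complete messages seen so far
            break
        lines = stream[pos:end].decode("latin-1").split("\r\n")
        headers = {}
        for line in lines[1:]:
            key, _, value = line.partition(":")
            headers[key.strip().lower()] = value.strip()
        length = int(headers.get("content-length", 0))
        body_start = end + 4
        messages.append((lines[0], headers, stream[body_start:body_start + length]))
        pos = body_start + length
    return messages


def pair_conversations(client_stream, server_stream):
    """Match requests to responses in order (HTTP/1.1 responses arrive in request order)."""
    conversations = {}
    for (request_line, _, _), (status_line, headers, body) in zip(
            split_messages(client_stream), split_messages(server_stream)):
        method, uri, _ = request_line.split(" ", 2)
        status = int(status_line.split(" ", 2)[1])
        conversations[uri] = {"method": method, "status": status, "headers": headers, "body": body}
    return conversations


def decode_body(conversation):
    """What an ungzip step does: the body as the victim's browser would have seen it."""
    if conversation["headers"].get("content-encoding") == "gzip":
        return gzip.decompress(conversation["body"])
    return conversation["body"]


def replay_response(conversations, uri):
    """The response the captured server gave for this URI, or 404 if it was never requested."""
    conversation = conversations.get(uri)
    if conversation is None:
        return 404, {"content-type": "text/plain"}, b"not in capture\n"
    return conversation["status"], conversation["headers"], conversation["body"]


class ReplayHandler(BaseHTTPRequestHandler):
    """Serves captured responses verbatim, including the original Content-Encoding."""
    conversations = {}

    def do_GET(self):
        status, headers, body = replay_response(self.conversations, self.path)
        self.send_response(status)
        for key, value in headers.items():
            if key != "content-length":
                self.send_header(key, value)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):
        pass  # keep the console quiet


def serve_capture(conversations, port=8080):
    """Bind the replay server on loopback only (port 8080 is an assumption)."""
    ReplayHandler.conversations = conversations
    return HTTPServer(("127.0.0.1", port), ReplayHandler)


if __name__ == "__main__":
    convs = pair_conversations(CLIENT_STREAM, SERVER_STREAM)
    for uri, conv in convs.items():
        print(uri, conv["status"], conv["headers"].get("content-type"), decode_body(conv)[:48])
    print("replaying capture at http://127.0.0.1:8080/<URI> (Ctrl-C to stop)")
    serve_capture(convs).serve_forever()
```

Binding to 127.0.0.1 keeps the replayed malicious content off the network; the handler re-sends the captured Content-Encoding header so a browser decompresses the body exactly as the victim's did, while decode_body gives the analyst the same plaintext without a browser.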

Source:: http://omriher.blogspot.co.il/2015/01/captipper-malicious-http-traffic.html
