Showing results for tags 'distro'.
Found 11 results

  1. Security Onion 2.3.21 - Linux distro for intrusion detection, enterprise security monitoring, and log management

     Security Onion is a free and open source Linux distribution for intrusion detection, enterprise security monitoring, and log management. It includes Elasticsearch, Logstash, Kibana, Snort, Suricata, Bro, OSSEC, Sguil, Squert, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes! Below are several diagrams to represent the current architecture and deployment scenarios for Security Onion on the Elastic Stack.

     Core Components
       • Logstash – Parse and format logs.
       • Elasticsearch – Ingest and index logs.
       • Kibana – Visualize ingested log data.

     Auxiliary Components
       • Curator – Manage indices through scheduled maintenance.
       • ElastAlert – Query Elasticsearch and alert on user-defined anomalous behavior or other interesting bits of information.
       • FreqServer – Detect DGAs and find random file names, script names, process names, service names, workstation names, TLS certificate subjects and issuer subjects, etc.
       • DomainStats – Get additional info about a domain by providing additional context, such as creation time, age, reputation, etc.

     Changelog v2.3.21
       • soup has been refactored. You will need to run it a few times to get all the changes properly. We are working on making this even easier for future releases.
       • soup now has awareness of Elastic Features and now downloads the appropriate Docker containers.
       • The Sensors interface has been renamed to Grid. This interface now includes all Security Onion nodes.
       • Grid interface now includes the status of the node. The status currently shows either Online (blue) or Offline (orange). If a node does not check in on time, then it will be marked as Offline.
       • Grid interface now includes the IP and Role of each node in the grid.
       • Grid interface includes a new Filter search input to filter the visible list of grid nodes to a desired subset. As an example, typing in “sensor” will hide all nodes except those that behave as a sensor.
       • The Grid description field can now be customized via the local minion pillar file for each node.
       • SOC will now draw attention to an unhealthy situation within the grid or with the connection between the user’s browser and the manager node. For example, when the Grid has at least one Offline node, the SOC interface will show an exclamation mark in front of the browser tab’s title and an exclamation mark next to the Grid menu option in SOC. Additionally, the favicon will show an orange marker in the top-right corner (dynamic favicons not supported in Safari). Additionally, if the user’s web browser is unable to communicate with the manager, the unhealthy indicators appear along with a message at the top of SOC that states there is a connection problem.
       • Docker has been upgraded to the latest version. Docker should be more reliable now as Salt is now managing daemon.json.
       • You can now install Elastic in a traditional cluster. When setting up the manager, select Advanced and follow the prompts. Replicas are controlled in global.sls.
       • You can now use Hot and Warm routing with Elastic in a traditional cluster. You can change the box.type in the minion’s sls file. You will need to create a curator job to re-tag the indexes based on your criteria.
       • Telegraf has been updated to version 1.16.3.
       • Grafana has been updated to 7.3.4 to resolve some XSS vulnerabilities.
       • Grafana graphs have been changed to graphs vs gauges so alerting can be set up.
       • Grafana is now completely pillarized, allowing users to customize alerts and making it customizable for email, Slack, etc. See the docs here: [Hidden Content]
       • Yara rules now should properly install on non-airgap installs. Previously, users had to wait for an automated job to place them in the correct location.
       • Strelka backend will not stop itself any more. Previously, its behavior was to shut itself down after fifteen minutes and wait for Salt to restart it to look for work before shutting down again.
       • Strelka daily rule updates are now logged to /nsm/strelka/log/yara-update.log
       • Several changes to the setup script to improve install reliability.
       • Airgap now supports the import node type.
       • Custom Zeek file extraction values in the pillar now work properly.
       • TheHive has been updated to support Elastic 7.
       • Cortex image now includes the whois package to correct an issue with the CERTatPassiveDNS analyzer.
       • Hunt and Alert quick action menu has been refactored into submenus.
       • New clipboard quick actions now allow for copying fields or entire events to the clipboard.
       • PCAP Add Job form now retains previous job details for quickly adding additional jobs. A new Clear button now exists at the bottom of this form to clear out these fields and forget the previous job details.
       • PCAP Add Job form now allows users to perform arbitrary PCAP lookups of imported PCAP data (data imported via the so-import-pcap script).
       • Downloads page now allows direct download of Wazuh agents for Linux, Mac, and Windows from the manager, and shows the version of Wazuh and Elastic installed with Security Onion.
       • PCAP job interface now shows additional job filter criteria when expanding the job filter details.
       • Upgraded authentication backend to Kratos 0.5.5.
       • SOC tables with the “Rows per Page” dropdown no longer show truncated page counts.
       • Several Hunt errors are now more descriptive, particularly those around malformed queries.
       • SOC Error banner has been improved to avoid showing raw HTML syntax, making connection and server-side errors more readable.
       • Hunt and Alerts interfaces will now allow pivoting to PCAP from a group of results if the grouped results contain a network.community_id field.
       • New “Correlate” quick action will pivot to a new Hunt search for all events that can be correlated by at least one of various event IDs.
       • Fixed bug that caused some Hunt queries to not group correctly without a .keyword suffix. This has been corrected so that the .keyword suffix is no longer necessary on those groupby terms.
       • Fixed issue where PCAP interface loses formatting and color coding when opening multiple PCAP tabs.
       • Alerts interface now has a Refresh button that allows users to refresh the current alerts view without refreshing the entire SOC application.
       • Hunt and Alerts interfaces now have an auto-refresh dropdown that will automatically refresh the current view at the selected frequency.
       • The so-elastalert-test script has been refactored to work with Security Onion 2.3.
       • The included Logstash image now includes Kafka plugins.
       • Wazuh agent registration process has been improved to support slower hardware and networks.
       • An Elasticsearch ingest pipeline has been added for suricata.ftp_data.
       • Elasticsearch’s indices.query.bool.max_clause_count value has been increased to accommodate a slightly larger number of fields (1024 -> 1500) when querying using a wildcard.
       • On nodes being added to an existing grid, setup will compare the version currently being installed to the manager (>=2.3.20), pull the correct Security Onion version from the manager if there is a mismatch, and run that version.
       • Setup will gather any errors found during a failed install into /root/errors.log for easy copy/paste and debugging.
       • Selecting Suricata as the metadata engine no longer results in the install failing.
       • so-rule-update now accepts arguments to idstools. For example, so-rule-update -f will force idstools to pull rules, ignoring the default 15-minute pull limit.

     [Hidden Content]
  2. Security Onion (same distribution description as result 1)

     Changelog v2.2 RC3
       • First, we have a new so-analyst script that will optionally install a GNOME desktop environment, Chromium web browser, NetworkMiner, Wireshark, and many other analyst tools.
       • Next, we’ve collapsed Hunt filter icons and action links into a new quick action bar that will appear when you click a field value. Actions include:
         • Filtering the hunt query
         • Pivot to PCAP
         • Create an alert in TheHive
         • Google search for the value
         • Analyze the value on VirusTotal.com
       • Finally, we’ve greatly improved support for airgap deployments. There is more work to be done in the next release, but we’re getting closer!

     [Hidden Content]
  3. Security Onion (same distribution description as result 1)

     Changelog v2.0 RC1
       • Re-branded 2.0 to give it a fresh look
       • All documentation has moved to our docs site
       • soup is alive! Note: This tool only updates Security Onion components. Please use the built-in OS update process to keep the OS and other components up to date.
       • so-import-pcap is back! See the so-import-pcap docs here.
       • Fixed issue with so-features-enable
       • Users can now pivot to PCAP from Suricata alerts
       • ISO install now prompts users to create an admin/sudo user instead of using a default account name
       • The web email & password set during setup is now used to create the initial accounts for TheHive, Cortex, and Fleet
       • Fixed issue with disk cleanup
       • Changed the default permissions for /opt/so to keep non-privileged users from accessing salt and related files
       • Locked down access to certain SSL keys
       • Suricata logs now compress after they roll over
       • Users can now easily customize shard counts per index
       • Improved Elastic ingest parsers including Windows event logs and Sysmon logs shipped with WinLogbeat and Osquery (ECS)
       • Elastic nodes are now “hot” by default, making it easier to add a warm node later
       • so-allow now runs at the end of an install so users can enable access right away
       • Alert severities across Wazuh, Suricata and Playbook (Sigma) have been standardized and copied to event.severity: 1-Low / 2-Medium / 3-High / 4-Critical
       • Initial implementation of alerting queues:
         • Low & Medium alerts are accessible through Kibana & Hunt
         • High & Critical alerts are accessible through Kibana, Hunt and sent to TheHive for immediate analysis
       • ATT&CK Navigator is now a statically-hosted site in the nginx container
       • Playbook
         • All Sigma rules in the community repo (500+) are now imported and kept up to date
         • Initial implementation of automated testing when a Play’s detection logic has been edited (i.e., Unit Testing)
         • Updated UI Theme
         • Once authenticated through SOC, users can now access Playbook with analyst permissions without login
       • Kolide Launcher has been updated to include the ability to pass arbitrary flags – new functionality sponsored by SOS
       • Fixed issue with Wazuh authd registration service port not being correctly exposed
       • Added option for exposure of Elasticsearch REST API (port 9200) to so-allow for easier external querying/integration with other tools
       • Added option to so-allow for external Strelka file uploads (e.g., via strelka-fileshot)
       • Added default YARA rules for Strelka – default rules are maintained by Florian Roth and pulled from [Hidden Content]
       • Added the ability to use custom Zeek scripts
       • Renamed “master server” to “manager node”
       • Improved unification of Zeek and Strelka file data

     [Hidden Content]
  4. Security Onion 16.04.6.5 - Linux distro for intrusion detection, enterprise security monitoring, and log management (same distribution description as result 1)

     Changelog v16.04.6.5
       • Zeek 3.0.3
       • Suricata 4.1.7
       • Elastic 6.8.7
       • CyberChef 9.18.2

     [Hidden Content]
  5. AttifyOS is a distro intended to help you perform a security assessment and penetration testing of Internet of Things (IoT) devices. It saves you a lot of time by providing a pre-configured environment with all the necessary tools loaded. The new version is based on Ubuntu 18.04 64-Bit – that also means that you’ll receive updates for this version till April 2023.

     Tools Included
       • Arduino
       • Baudrate
       • BDAddr
       • BetterCap
       • Binwalk
       • Create_AP
       • Cutter
       • DspectrumGUI
       • Dump1090
       • Firmadyne
       • Firmware Analysis Toolkit (FAT)
       • Firmware-Mod-Kit (FMK)
       • GHIDRA
       • GNURadio
       • GQRX
       • GR-GSM
       • GR-Paint
       • HackRF Tools
       • Inspectrum
       • JADx
       • Kalibrate-RTL
       • KillerBee
       • LibMPSSE
       • Liquid-DSP
       • LTE-Cell-Scanner
       • NMAP
       • OOK-Decoder
       • Qiling
       • radare2
       • RFCat
       • RouterSploit
       • RTL-433
       • RTL-SDR tools
       • Scapy
       • Spectrum Painter
       • Ubertooth tools
       • URH (Universal Radio Hacker)

     [Hidden Content]
  6. [Hidden Content]
  7. ArcoLinux is an Arch Linux based distro that uses Arch Linux as a base, elements from the AUR (applications from github, debian (deb), redhat (rpm), compressed files, etc…), and ArcoLinux-created elements (themes, icons, conky’s, tweaks and configs).

     Features
       • Provide an operating system with all applications with personal theming installed, but also bluetooth, printers, … After the installation no fuss and all fun.
       • Provide a continuous stream of tutorials and knowledge on ArcoLinux.
       • Easy setup. No technical knowledge.
       • Low in cpu and memory consumption.
       • Provide all icons, themes, cursors, wallpapers, … out of the box.
       • Provide Windows users a comfortable transition to the (Arch) Linux world.
       • Blazing fast.

     Linux, Arch Linux, xfce, openbox, i3wm, awesome, budgie, cinnamon, gnome, mate, bspwm

     Changelog
       • CALAMARES NEW VERSION 3.2.8
       • NEW PROJECT ARCOLINUXB XFCE BARE
       • QTILE TUTORIALS AND PROJECTS
       • QTILE OBLOGOUT
       • QTILE MEMORY WIDGET
       • QTILE NET GRAPH WIDGET
       • QTILE NET WIDGET
       • QTILE BATTERY
       • QTILE SUPER + SHIFT + X
       • BREAKING BAD CONKY
       • MAINTENANCE OF GITHUBS
       • NEW IN .BIN
       • GENERAL IMPROVEMENTS
       • FUTURE EFFORTS
       • STAY ROLLING
       • More…

     [Hidden Content]
  8. Introduction

     Pentoo Linux is a Live CD and Live USB, based on Gentoo Linux and designed for penetration testing and security assessment. Therefore, it contains plenty of security-focused and pentesting tools. If you’re looking for a Kali Linux or BlackArch alternative, Pentoo Linux might be the right choice for you since it brings a rich hacking software repository for your daily security and hacking tasks. In addition, it’s available for both 32 bit and 64 bit architecture. Pentoo Linux might not be the most beginner-friendly distribution, but for all Linux enthusiasts it’ll be an adventurous voyage for sure. When it comes to the Pentoo flavors, you have to choose between two main ones: hardened, default or i686. Give this Gentoo Linux Overlay a chance and see how it’ll work for you.

     Pentoo 2019.0 Current Features:
       • Full UEFI including secure boot support
       • Unetbootin et al support, including "Ubuntu only" changes saving
       • OpenCL Enhanced cracking software including John The Ripper and Hashcat
       • Kernel 4.20.2 and all needed patches for injection including the latest 802.11ac drivers
       • XFCE 4.12
       • Full tools list to the right ->
       • All the latest tools and a responsive development team!

     [Hidden Content]
  9. How to Install a Complete Linux Distro on Android [Hidden Content]
  10. BackBox Linux: Security Assessment and Penetration Testing Distro

     [Hidden Content]

     BackBox is a fast and easy to use penetration testing and security assessment distribution based on Ubuntu core. With its own software repositories, you’ll have access to all necessary tools (regularly updated) that you need for your pentesting and security analysis tasks, organized in three main categories: auditing, services and anonymous.

     Features:
       • Lightweight Linux distribution based on Ubuntu (should work well even on old hardware).
       • Standard Xfce desktop environment.
       • Launchpad repository core, constantly updated to the latest stable version of the most known and used ethical hacking tools.
       • Includes some of the most commonly known/used hacking and security analysis tools (web application analysis, network analysis, stress tests, sniffing, vulnerability assessment, forensic analysis, exploitation tools, etc.).
       • Built-in anonymous mode.
       • Well organized and designed menu, intuitive, friendly and easy to use (also suitable for beginners).
       • You can change/modify it to suit your needs, and install additional tools that aren’t present in the repositories.
       • and so much more.

     System requirements:
       • 32-bit or 64-bit processor
       • 1024 MB of system memory (RAM)
       • 10 GB of disk space for installation
       • Graphics card capable of 800×600 resolution
       • DVD-ROM drive or USB port (3 GB)

     Some of the BackBox Linux Tools
       • Information Gathering: arping, arp-scan, ike-scan, p0f
       • Vulnerability Assessment: nikto, skipfish
       • Miscellaneous: scapy
       • Exploitation: BeEF, sqlmap, msfconsole, WPscan
       • Privilege Escalation: Xhydra, John The Ripper, medusa, dsniff, Ettercap, Wireshark, arp-spoof, dns-spoof