Search the Community

contents this is the server side code written in nodejs for screenshotting Tor websites. The code itself is just a puppeteer that connects to tor websites through a TOR proxy (which I setup on a different server. See the image below for instructions on how to setup a tor proxy) Its written as a docker img that fetches a list of tor sites from Amazon DynamoDB (you can replace this with SQL), then crawls each one and takes screenshot of them all. Stores it on S3 then exists. This project was run once a day on Azure Container Instances. the lambdasubmitsite.js is redundant actually and can be ignore. Its a rest endpoint (aws lambda) to receive user submitted Tor sites. setup tor proxy in the code you can see the following line const config_tor_proxies = ["18.130.24.239:56826", "18.130.24.239:56824"] I setup two instances of Tor and port 56826 and 56824. One is also sufficient. [Hidden Content]

In modern times as data becomes more secure with encryption, there are certain attacks that you may not be aware of. One specific type of attack is called a side-channel attack. What is a side-channel attack? Side-channel attacks rely on measuring tendencies and frequencies of your computer to establish patterns that can extract private information from your machine. Side-channel attacks or SCA, monitor your power use and electromagnetic emissions during cryptographic operations. Due to the low cost and simplicity of these attacks, multiple side-channel techniques can be used. Here is a list of the different techniques: Cache Attack — Monitor your cache accesses in a shared physical system. Commonly found in virtualized environment or a type of cloud service. Timing Attack — Monitor the time of computations and establishing patterns. Power-Monitoring Attack — Monitor the power consumption by the hardware during computation. Electromagnetic Attack — Based on leaked electromagnetic radiation, which can directly provide plain texts and other information. Such measurements can be used to infer cryptographic keys using techniques equivalent to those in power analysis or can be used in non-cryptographic attacks. Acoustic Cryptanalysis — Exploits sound produced during a computation (rather like power analysis). Differential Fault Analysis — Secrets are discovered by introducing faults in a computation. Data Remanence — Sensitive data are read after supposedly having been deleted. Software-Initiated Fault Attacks — Currently a rare class of side-channels, row hammer is an example in which off-limits memory can be changed by accessing adjacent memory too often (causing state retention loss). Optical - Secrets and sensitive data can be read by visual recording using a high resolution camera, or other devices that have such capabilities (see examples below). Countermeasures Different ways to help prevent these attacks have been introduced but not widely implemented. A few ways to try to prevent these attacks are: Eliminating the release of private information or making sure this information is unrelated to your private data. Power line conditioning and filtering to deter power-monitoring attacks as well as emitting a channel with noise. Blinding technique that serves to alter the algorithm’s input into some unpredictable state rendering some or all of the leakage of useful information. Once your keys are established, hackers could gain access to your data and could increase your chances of corruption or removal. Side-channel and other types of cyberattacks are one of the key reasons you should always have redundant backups running using a service like Jungle Disk and another form of backup such as an external hard drive or network attached storage device.

Side Channel Attacks: What They Are and How to Prevent Them In modern times as data becomes more secure with encryption, there are certain attacks that you may not be aware of. One specific type of attack is called a side-channel attack. What is a side-channel attack? Side-channel attacks rely on measuring tendencies and frequencies of your computer to establish patterns that can extract private information from your machine. Side-channel attacks or SCA, monitor your power use and electromagnetic emissions during cryptographic operations. Due to the low cost and simplicity of these attacks, multiple side-channel techniques can be used. Here is a list of the different techniques: Cache Attack — Monitor your cache accesses in a shared physical system. Commonly found in virtualized environment or a type of cloud service. Timing Attack — Monitor the time of computations and establishing patterns. Power-Monitoring Attack — Monitor the power consumption by the hardware during computation. Electromagnetic Attack — Based on leaked electromagnetic radiation, which can directly provide plain texts and other information. Such measurements can be used to infer cryptographic keys using techniques equivalent to those in power analysis or can be used in non-cryptographic attacks. Acoustic Cryptanalysis — Exploits sound produced during a computation (rather like power analysis). Differential Fault Analysis — Secrets are discovered by introducing faults in a computation. Data Remanence — Sensitive data are read after supposedly having been deleted. Software-Initiated Fault Attacks — Currently a rare class of side-channels, row hammer is an example in which off-limits memory can be changed by accessing adjacent memory too often (causing state retention loss). Optical - Secrets and sensitive data can be read by visual recording using a high resolution camera, or other devices that have such capabilities (see examples below). Countermeasures Different ways to help prevent these attacks have been introduced but not widely implemented. A few ways to try to prevent these attacks are: Eliminating the release of private information or making sure this information is unrelated to your private data. Power line conditioning and filtering to deter power-monitoring attacks as well as emitting a channel with noise. Blinding technique that serves to alter the algorithm’s input into some unpredictable state rendering some or all of the leakage of useful information. Once your keys are established, hackers could gain access to your data and could increase your chances of corruption or removal. Side-channel and other types of cyberattacks are one of the key reasons you should always have redundant backups running using a service like Jungle Disk and another form of backup such as an external hard drive or network attached storage device.

CAINE 11 - GNU/Linux Live Distribution For Digital Forensics Project, Windows Side Forensics And Incident Response CAINE (Computer Aided INvestigative Environment) is an Italian GNU/Linux live distribution created as a Digital Forensics project. Currently, the project manager is Nanni Bassetti (Bari - Italy). CAINE offers a complete forensic environment that is organized to integrate existing software tools as software modules and to provide a friendly graphical interface. The main design objectives that CAINE aims to guarantee are the following: an interoperable environment that supports the digital investigator during the four phases of the digital investigation a user-friendly graphical interface user-friendly tools CAINE represents fully the spirit of the Open Source philosophy because the project is completely open, everyone could take on the legacy of the previous developer or project manager. The distro is open source, the Windows side is freeware and, the last but not least, the distro is installable, thus giving the opportunity to rebuild it in a new brand version, so giving a long life to this project... The important news is CAINE 11.0 blocks all the block devices (e.g. /dev/sda), in Read-Only mode. You can use a tool with a GUI named BlockON/OFF present on CAINE's Desktop. This new write-blocking method assures all disks are really preserved from accidentally writing operations, because they are locked in Read-Only mode. If you need to write a disk, you can unlock it with BlockOn/Off or using "Mounter" changing the policy in writable mode. CAINE is always more fast during the boot. CAINE 11.0 can boot to RAM (toram). IMPORTANT CHANGES: All devices are blocked in Read-Only mode, by default. New tools, new OSINT, Autopsy 4.13 onboard, APFS ready,BTRFS forensic tool, NVME SSD drivers ready! SSH server disabled by default (see Manual page for enabling it). SCRCPY - screen your android device Autopsy 4.13 + additional plugins by McKinnon. X11VNC Server - to control CAINE remotely. hashcat NEW SCRIPTS (Forensics Tools - Analysis menu) AutoMacTc - a forensics tool for Mac. Bitlocker - volatility plugin Autotimeliner - Automagically extract forensic timeline from volatile memory dumps. Firmwalker - firmware analyzer. CDQR - Cold Disk Quick Response tool many others fixing and software updating. [HIDE][Hidden Content]]

Hawtio versions 2.5.0 and below suffer from a server side request forgery vulnerability. View the full article

TheHive Project Cortex versions 2.1.3 and below suffer from a server-side request forgery vulnerability. View the full article