Security Onion 2.2 RC3 - Linux distro for intrusion detection

Posted by itsMe (Staff)

Security Onion

Security Onion is a free and open source Linux distribution for intrusion detection, enterprise security monitoring, and log management. It includes Elasticsearch, Logstash, Kibana, Snort, Suricata, Bro, OSSEC, Sguil, Squert, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes!

Below are several diagrams to represent the current architecture and deployment scenarios for Security Onion on the Elastic Stack.

Core Components

Logstash – Parse and format logs.
Elasticsearch – Ingest and index logs.
Kibana – Visualize ingested log data.

Auxiliary Components

Curator – Manage indices through scheduled maintenance.
ElastAlert – Query Elasticsearch and alert on user-defined anomalous behavior or other interesting bits of information.
FreqServer – Detect DGAs and find random file names, script names, process names, service names, workstation names, TLS certificate subjects and issuer subjects, etc.
DomainStats – Get additional info about a domain by providing additional context, such as creation time, age, reputation, etc.

Changelog v2.2 RC3

First, we have a new so-analyst script that will optionally install a GNOME desktop environment, Chromium web browser, NetworkMiner, Wireshark, and many other analyst tools.

Next, we've collapsed Hunt filter icons and action links into a new quick action bar that will appear when you click a field value. Actions include:

    Filtering the hunt query
    Pivot to PCAP
    Create an alert in TheHive
    Google search for the value
    Analyze the value on VirusTotal.com

Finally, we've greatly improved support for airgap deployments. There is more work to be done in the next release, but we're getting closer!

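The post lists FreqServer as the component that detects DGAs and other random-looking names, without saying how. The idea behind that kind of detector is character-pair frequency scoring: learn how often each pair of adjacent characters occurs in ordinary names, then score a candidate by the average log-probability of its pairs, so that random strings score near the floor reserved for never-seen pairs. The following is an added illustration of that technique, not Security Onion's or FreqServer's own code; the training corpus, the DNS log lines and the `-7.0` threshold are all constructed for the example.

```python
"""Character-pair frequency scoring for spotting DGA-like names.

Added illustration of the technique behind frequency-based randomness
detectors such as FreqServer. Not Security Onion's or FreqServer's code;
the corpus, log lines and threshold below are constructed for the example.
"""
import math
from collections import Counter

ALPHABET = "abcdefghijklmnopqrstuvwxyz0123456789"
VOCAB = len(ALPHABET) ** 2  # number of possible character pairs

# Constructed corpus of ordinary domain labels (stands in for a real word list).
TRAINING_CORPUS = [
    "google", "mail", "login", "account", "secure", "update", "news", "cloud",
    "office", "microsoft", "apple", "amazon", "service", "support", "download",
    "server", "network", "system", "portal", "online", "shop", "store", "video",
    "media", "image", "search", "share", "drive", "docs", "home", "company",
    "bank", "payment", "card", "user", "data", "web", "site", "blog", "forum",
    "help", "center", "email", "message", "chat", "photo", "music", "games",
    "play", "live", "health", "school", "learn", "book", "read", "file",
    "static", "assets", "mobile", "phone", "host", "www",
]


def normalize(name):
    """Lower-case the name and keep only characters from ALPHABET."""
    return "".join(c for c in name.lower() if c in ALPHABET)


def build_model(words, alpha=1.0):
    """Count adjacent character pairs; alpha is the Laplace pseudo-count."""
    counts = Counter()
    for word in words:
        word = normalize(word)
        counts.update(zip(word, word[1:]))
    return {"counts": counts, "total": sum(counts.values()), "alpha": alpha}


def score_name(name, model):
    """Mean log-probability per pair; higher means more 'normal-looking'.

    A pair never seen in training contributes log(alpha / (total + alpha*VOCAB)),
    which is the floor; a string made only of unseen pairs sits exactly on it.
    """
    name = normalize(name)
    pairs = list(zip(name, name[1:]))
    if not pairs:
        return 0.0
    denom = model["total"] + model["alpha"] * VOCAB
    logp = sum(
        math.log((model["counts"][p] + model["alpha"]) / denom) for p in pairs
    )
    return logp / len(pairs)


def registered_label(fqdn):
    """Second-level label of a query, e.g. 'google' from 'mail.google.com'."""
    labels = fqdn.strip(".").split(".")
    return labels[-2] if len(labels) >= 2 else labels[0]


# Constructed DNS log lines in a simple "timestamp<TAB>query" layout.
SAMPLE_DNS_LOG = """\
1603456000.1\tlogin.microsoft.com
1603456001.4\tqzxvkwjpmf.com
1603456002.0\tmail.google.com
1603456003.7\txkq7vz2pwj.net
"""


def flag_queries(log_text, model, threshold=-7.0):
    """Return (query, score) for queries whose registered label scores below threshold.

    The threshold is a constructed value chosen to sit just above the
    unseen-pair floor for a corpus of this size; tune it per environment.
    """
    flagged = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        _ts, query = line.split("\t", 1)
        s = score_name(registered_label(query), model)
        if s < threshold:
            flagged.append((query, round(s, 2)))
    return flagged


if __name__ == "__main__":
    model = build_model(TRAINING_CORPUS)
    for query, s in flag_queries(SAMPLE_DNS_LOG, model):
        print(f"suspicious: {query} score={s}")
```

In practice the frequency table is built from a large corpus of legitimate names (or from your own historical DNS and process logs), and the same scoring runs over whichever field the analyst is hunting on, which is what lets one detector cover domains, file names, service names and certificate subjects alike.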
