Doing open source intel with recon-ng – part 1

recon-ng is a tool for open source reconnaissance. Reconnaissance is the first phase in a penetration test and it is the act of gathering preliminary data or intelligence on your target.

Recon-ng has a look and feel similar to the Metasploit Framework and provides an easy-to-use interface to gather open source intelligence.

This is a post on doing open source intel with recon-ng. The post is split in two parts:

the …

Comparing Different Tools for Threat Sharing

I had a guest post published at IBM Security Intelligence: Comparing Different Tools for Threat Sharing.

How to use the traffic light protocol – TLP

The TLP, or Traffic Light Protocol, is a set of designations designed to help with the sharing of sensitive information. It has been widely adopted in the CSIRT and security community.

The originator of the information labels the information with one of four colours. These colours indicate what further dissemination, if any, can be undertaken by the recipient. Note that the colours only mark the level of dissemination, not the sensitivity level (although they often align).

The …

Getting started with MISP, Malware Information Sharing Platform & Threat Sharing – part 3

In the two previous posts on MISP

Getting started with MISP – part 1 – Configuration

Getting started with MISP – part 2 – Usage

I covered the basic installation, configuration and usage of MISP, Malware Information Sharing Platform & Threat Sharing.

Visit the page from CIRCL.lu to get a good overview of the possibilities of MISP and a description of a practical use case.

If you need (commercial) support you should visit http://www.misp-project.org/.


How STIX, TAXII and CybOX Can Help With Standardizing Threat Information

I had a post published on IBM Security Intelligence: How STIX, TAXII and CybOX Can Help With Standardizing Threat Information.

Getting started with MISP, Malware Information Sharing Platform & Threat Sharing – part 2

My first post on MISP described how to get MISP installed and get it up and running. This post describes how you can use MISP to your benefit to share threat information with your community.

The basic features of MISP are described in detail in the documentation at INSTALL/documentation.pdf. I’ll describe the steps needed to create an event and add some useful data.

You can add an event under Event actions, Add event. You’ll have …

Getting started with MISP, Malware Information Sharing Platform & Threat Sharing – part 1

MISP, or Malware Information Sharing Platform & Threat Sharing, is an open source tool for sharing malware and threat information with the security community. It is available on GitHub and is used by a large number of CERTs and security teams.

This first post describes how to get MISP installed and get it up and running. The next post describes how you can use MISP to your benefit to share threat information with your …