Electron is a pretty recent framework for building desktop applications, and there are not many tools that deal with the security part either. There is an electronjs security checklist, providing guidelines for building secure applications, but there is no tool per se - at least none I know of! Electronegativity changes this. This post describes the open source tool that was … Read more about Electronegativity: An Open Source Electron Security Auditor
Archives for June 2019
UPDATE: Ostinato 0.9!
This tool came to my rescue yet again today! If you remember, I had blogged about this tool in my older post titled - Ostinato: The Network Traffic Generator and Analyzer! As always, before using any tool I tried to update it and there it was - Ostinato 0.9. This update was released long ago, but I missed it and hence this post. In fact, this open source tool was also …
UPDATE: Cuckoo Sandbox 2.0.7
It has been some time since I posted about the Cuckoo Sandbox. Good news is that the guys at the Cuckoo Foundation are not silent and have released the Cuckoo Sandbox 2.0.7, with lots of improvements, code cleanup, support for VirtualBox 6 and the well-deserved support for the MITRE ATT&CK TTP detection.
Unprotect Project: Classify Malwares Based on Known Evasion Techniques
One of the first steps in learning about a piece of malware is to see if it is evasive in any sense and then proceed accordingly. The Unprotect Project helps you do this easily. It is an open source project in Python that proposes malware classification techniques based on their evasive capabilities to help understand and analyze them. This project caters to Windows PE malware only.
UPDATE: Sysdig Falco v0.15.1
Three days ago, an updated version – Sysdig Falco v0.15.1 – was released. It has been some time since I last blogged about this open source behavioral activity monitor, which has container support. This release remediates integration issues with Anchore by updating urllib3 and requests Python library versions in addition to others.