Showing posts with label open. Show all posts
Showing posts with label open. Show all posts

Sunday, September 15, 2019

Threat Hunting Tool - Bro (Zeek) Network Security Monitor

Bro (Zeek) - Threat Hunting Tool:

A powerful framework for network traffic analysis and security monitoring.Bro is a passive, open-source network traffic analyzer. It is primarily a security monitor that inspects all traffic on a link in depth for signs of suspicious activity. More generally, however, Bro supports a wide range of traffic analysis tasks even outside of the security domain, including performance measurements and helping with trouble-shooting.



Note that "Zeek" is the new name of what used to be known as the "Bro" network security monitoring system.


Key Features

  • In-depth Analysis Zeek ships with analyzers for many protocols, enabling high-level semantic analysis at the application layer.
  • Adaptable and Flexible Zeek's domain-specific scripting language enables site-specific monitoring policies and means that it is not restricted to any particular detection approach.
  • Efficient Zeek targets high-performance networks and is used operationally at a variety of large sites.
  • Highly Stateful Zeek keeps extensive application-layer state about the network it monitors and provides a high-level archive of a network's activity.
 Download Link :

https://www.zeek.org/download/index.html

Tuesday, August 20, 2019

Malicious Software Removal Tool / Safety Scanner - Microsoft


Malicious Software Removal Tool (MSRT) :

                                                                 helps keep Windows computers free from prevalent malware. MSRT finds and removes threats and reverses the changes made by these threats. MSRT is generally released monthly as part of Windows Update or as a standalone tool available here for download.



Use this tool:
  • If you have automatic updates for Windows turned off. Windows Update automatically downloads and runs MSRT in the background.
  • If you suspect an infection from prevalent malware families
  • To complement your antimalware product.

MSRT targets prevalent malware families only.

Download Link :

https://www.microsoft.com/en-us/download/details.aspx?id=16

Microsoft Safety Scanner:


is a scan tool designed to find and remove malware from Windows computers. Simply download it and run a scan to find malware and try to reverse changes made by identified threats.


Safety Scanner only scans when manually triggered and is available for use 10 days after being downloaded. We recommend that you always download the latest version of this tool before each scan.

Download 

Wednesday, March 11, 2015

Best / Open Risk Assessment / Analysis Tool

CORAS:

               is a method for conducting security risk analysis. Platform for risk analysis of security critical IT systems using UML, based on the CORAS model-based risk assessment methodology. Contains an XML and UML repository, facilitating management and reuse of analysis results.





               CORAS provides a customised language for threat and risk modelling, and comes with detailed guidelines explaining how the language should be used to capture and model relevant information during the various stages of the security analysis. In this respect CORAS is model-based. The Unified Modelling Language (UML) is typically used to model the target of the analysis. For documenting intermediate results, and for presenting the overall conclusions we use special CORAS diagrams which are inspired by UML. The CORAS method provides a computerised tool designed to support documenting, maintaining and reporting analysis results through risk modelling.

Download Link :

http://coras.sourceforge.net/downloads.html

or

http://sourceforge.net/projects/coras/files/latest/download?source=navbar 

Microsoft Security Assessment Tool 4.0:


                                                           is the revised version of the original Microsoft Security Risk Self-Assessment Tool (MSRSAT), released in 2004 and the Microsoft Security Assessment Tool 2.0 released in 2006. Security issues have evolved since 2004 so additional questions and answers were needed to ensure you had a comprehensive toolset to become more aware of the evolving security threat landscape that could impact your organization.




There are two assessments that define the Microsoft Security Assessment Tool:


  • Business Risk Profile Assessment
  • Defense in Depth Assessment (UPDATED)
Download Link : http://www.microsoft.com/en-in/download/details.aspx?id=12273

PTA (Practical Threat Analysis):

                                     is a risk assessment methodology and a suite of software tools that enable users to find the most beneficial and cost-effective way to secure systems and applications according to their specific functionality and environment. 






Download link : http://www.software.co.il/ptadownload/pta1215.exe


ISO 17799 RAT ( Risk Analysis Toolkit ) :

                           to perform risk analysis based on the ISO 17799 on public or private companies.

This analysis was conducted by questionnaire, from which reports on security policies will be generated to perform in the organization to address the risks identified.



Confidentiality, integrity, availability, authenticity and traceability (accountability): the risks are analyzed in several dimensions. The impact of risk is also analyzed
To address the risks and impact are proposed:

    Safeguards (or countermeasures)
    Safety Standards
    Safety procedures
    Elements backup (back up)
    Disaster Recovery Plans

The motivation for choosing this project has been the lack of free software tools that enable risk management in organizations, especially SMEs can not afford the cost of existing commercial tools on the market.

 Download Link : http://ratiso17799.sourceforge.net/descargas.html

Security Officers Management and Analysis Project (SOMAP):

                              is all about defining security management work methods and supplying Security Officers with tools to do their job more efficient and following standards easily.





Features

  • Information Security Risk Management Methodologies and Tools
  • Open Risk Model Repository
  • Risk Assessment
  • Risk Management
Download Link : http://sourceforge.net/projects/somap/files/latest/download?source=navbar