Showing posts with label security logs. Show all posts
Showing posts with label security logs. Show all posts

Friday, August 21, 2020

Open Sources Tool - Stringlifier & Tripod

 Stringlifier:

                             a python based tool/module help to analyzing security and application logs, or when attempting to discover credentials that might have been accidentally exposed. 


Typical usage scenarios include:

  • Sanitizing application or security logs
  • Detecting accidentally exposed credentials (complex passwords or api keys)


It detects code/text that resembles a randomly generated string in any plain text. It uses machine learning to distinguish between normal and random character sequences. It can also be adapted for more fine-grained classifications (password, API key, hash, etc.). 


“1e32jnd9312”, “32189321-DEF3123-9898312”, “ADEFi382819312.” Do these strings seem familiar? They could be hashes, random generated passwords, API keys, or many other types of strings. You can usually spot them in logs, command lines, configuration files, and source code. Whether you are analyzing security and application logs or you are hunting for accidentally exposed credentials, they can, unfortunately, make your life a lot harder. This is because building a search pattern for something random is a particularly hard task.


Download Link : 

https://github.com/adobe/stringlifier


Tripod:

 is a tool/ML model for computing latent representations for large sequences. It has been used on source code and text and it has applications such as:

  • Malicious code detection
  • Sentiment analysis
  • Information/code indexing and retrieval
  • Anomaly Detection/ Unsupervised Learning