@LSELabs profile picture
Linux Security Labs @LSELabs

Stay up-to-date in the field of Linux security. Know your Linux security tools and practice with them in online labs.

Joined June 2017
  • Tweets 35,334
  • Following 2
  • Followers 3,082
2 Photos and videos
Tool review: radare2 (reverse engineering tool and binary analysis) by @trufae @radareorg #dfir #ReverseEngineering linuxsecurity.expert/tools/r…

Radare2 review (reverse engineering tool and binary analysis)

Radare2 is a tool to perform reverse engineering on files of all types. It can be used to analyze malware, firmware, or any other type of binary files. Read how it works in this review.

linuxsecurity.expert
1
402
Tool review: Tulpar (web vulnerability scanner) by @anilbaranyelken #analysis #xss linuxsecurity.expert/tools/t…

Tulpar review (web vulnerability scanner)

Tulpar is a security tool to scan web targets for possible vulnerabilities. It checks a wide range of items and attack types for this particular purpose.

linuxsecurity.expert
320
Tool review: Cloud Security Suite (cloud security toolkit) by @jayeshsch @CS_Suite #pentesting #infosec #tools linuxsecurity.expert/tools/c…

Cloud Security Suite review (cloud security toolkit)

CS Suite is a security toolkit that allows scanning Amazon, Google, and Azure cloud platforms. Read how it works in this review.

linuxsecurity.expert
252
Tool review: rastrea2r (threat hunting for IOCs) by @aboutsecurity #dfir #detection #malware linuxsecurity.expert/tools/r…

Rastrea2r review (threat hunting for IOCs)

Rastrea2r is a threat hunting utility for indicators of compromise (IOC) and can be used by SOC analysts and incident responders. Learn how it works in this review.

linuxsecurity.expert
227
Tool review: Clair (container vulnerability scanner and analyzer) by @coreos #container #infosec #tools linuxsecurity.expert/tools/c…

Clair review (container vulnerability scanner and analyzer)

Clair is an open source container analyzer. It performs static analysis of container images and correlates their contents with public vulnerability databases.

linuxsecurity.expert
169
Tool review: known_hosts_bruteforcer (brute force SSH known_hosts file) by @xme #dfir #pentesting linuxsecurity.expert/tools/k…

Known_hosts_bruteforcer review (brute force SSH known_hosts file)

The known_hosts_bruteforce is a script to discover hostnames from the known_hosts file. This can be useful during penetration testing or incident response.

linuxsecurity.expert
169
Tool review: WarBerryPi (hardware implant for pentesting or red teaming) by @sec_groundzero #pentesting #wifi linuxsecurity.expert/tools/w…

WarBerryPi review (hardware implant for pentesting or red teaming)

WarBerryPi is a toolkit to provide a hardware implant during penetration testing or red teaming. Read how it works in this review.

linuxsecurity.expert
127
Tool review: Portspoof (defense tool against port scans) by @drk1wi #cloaking #defense linuxsecurity.expert/tools/p…

Portspoof review (defense tool against port scans)

Portspoof is a small utility with the goal to make port scanning by other much harder by showing all TCP ports as 'open' and emulating actual services.

linuxsecurity.expert
175
Tool review: XSSER (Cross-site scripting scanner) #pentesting #analysis linuxsecurity.expert/tools/x…

XSSER review (Cross-site scripting scanner)

XXSER leverages the execution of arbitrary code on the web server when an administrative user inadvertently triggers a hidden XSS payload.

linuxsecurity.expert
84
Tool review: pass-rotate (tool and library for bulk password rotation) #password #infosec #tools linuxsecurity.expert/tools/p…

Pass-rotate review (tool and library for bulk password rotation)

pass-rotate is a library and command-line tool to rotate password on various web services. It allows for bulk changing your passwords.

linuxsecurity.expert
101
Tool review: Bash Scanner (vulnerable package detection for Linux) #infosec #tools linuxsecurity.expert/tools/b…

Bash Scanner review (vulnerable package detection for Linux)

Bash Scanner is a security tool that does a quick scan to see if there are vulnerable packages. It uses an external service to validate.

linuxsecurity.expert
103
Tool review: SubOver (subdomain takeover tool) by @ice3man543 #domain #subdomain linuxsecurity.expert/tools/s…

SubOver review (subdomain takeover tool)

SubOver is a security tool to with the goal to take over subdomains. This can be used as part of security assessment or obtaining bug bounties.

linuxsecurity.expert
204
Tool review: Patator (multi-purpose brute-force tool) by @lanjelot #pentesting #infosec #tools linuxsecurity.expert/tools/p…

Patator review (multi-purpose brute-force tool)

Patator is a security tool to perform enumeration or brute-force attempts to discover authentication details. It can be used during penetration testing.

linuxsecurity.expert
1
117
Tool review: Karn (create AppArmor and seccomp profiles) by @grantseltzer #apparmor #seccomp linuxsecurity.expert/tools/k…

Karn review (create AppArmor and seccomp profiles)

Karn is a tool to create AppArmor and seccomp profiles. This can be useful to restrict what applications can do for increased security.

linuxsecurity.expert
87
Tool review: Metasploit Framework (penetration toolkit) by @hdmoore #pentesting #exploitation linuxsecurity.expert/tools/m…

Metasploit Framework review (penetration toolkit)

Metasploit is a framework that consists of tools to perform security assignments. It focuses on the offensive side of security and leverages exploit modules.

linuxsecurity.expert
103
Tool review: DirSearch (Go) (directory fuzzer for web applications) by @evilsocket #pentesting #dirbuster linuxsecurity.expert/tools/d…

DirSearch (Go) review (directory fuzzer for web applications)

DirSearch is a scanning tool to find directories and files on web applications. It is a remake of the dirsearch tool that was created by Mauro Soria.

linuxsecurity.expert
124
Tool review: Manticore (dynamic binary analysis tool) by @trailofbits #analysis #malware #ReverseEngineering linuxsecurity.expert/tools/m…

Manticore review (dynamic binary analysis tool)

Manticore is a binary analysis tool. It uses dynamic analysis, meaning parts of the binary will be executed and tested.

linuxsecurity.expert
1
98
Tool review: vuLnDAP (vulnerable web application based on LDAP) by @digininja #pentesting #vulnerability linuxsecurity.expert/tools/v…

VuLnDAP review (vulnerable web application based on LDAP)

VuLnDAP is a deliberately vulnerable web application. It shows how to exploit flaws in a website based on LDAP. Learn more about the tool and how it works.

linuxsecurity.expert
95
Tool review: Parsero (analyzer for robots.txt file) #discovery #web linuxsecurity.expert/tools/p…

Parsero review (analyzer for robots.txt file)

Parsero is a Python script to analyze robots.txt on web servers. It specifically looks for the Disallow entries and checks which entries might be accessible.

linuxsecurity.expert
88
New release: THC Hydra 9.5 (password discovery) by @hackerschoice #pentesting #password linuxsecurity.expert/tools/h…

THC Hydra review (password discovery)

THC Hydra is a brute-force cracking tool for remote authentication services. It supports many protocols, including telnet, FTP, LDAP, SSH, SNMP, and others.

linuxsecurity.expert
81
Load more