Cyber Security

Cross-site scripting

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications. XSS enables attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass…

Cross-Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated. CSRF attacks specifically target state-changing requests, not theft of data, since the attacker has no…

NIST SPECIAL PUBLICATIONS

NIST uses three NIST Special Publication subseries to publish computer/cyber/information security and guidelines, recommendations and reference materials: SP 800, Computer Security (December 1990-present):NIST's primary mode of publishing computer/cyber/information security guidelines, recommendations and reference materials(SP 800s are also searchable in the …

NIST 80-300

The purpose of Special Publication 800-30 is to provide guidance for conducting risk assessments of federal information systems and organizations, amplifying the guidance provided in Special Publication 800-39. This document provides guidance for carrying out each of the three steps…

Nemesis

Nemesis is a command-line network packet crafting and injection utility for UNIX-like and Windows systems. Nemesis, is well suited for testing Network Intrusion Detection Systems, firewalls, IP stacks and a variety of other tasks. As a command-line driven utility, Nemesis…

Wireshark Intrusion Analysis / SQL Database Support

INTRUSION ANALYSIS / SQL DATABASE SUPPORT C5 SIGMA from Command Five Pty Ltd automates TShark (Wireshark) to load large quantities of packet capture data into a SQL database using an automatically generated schema. C5 SIGMA flattens the Wireshark protocol tree…

Wireshark USB capture

USB CAPTURE Raw USB traffic can be captured with Wireshark currently only under Linux, see CaptureSetup/USB. If it's an Ethernet (or any other network related) USB adapter, Wireshark can capture e.g. Ethernet traffic from that USB device if the platform…

Wireshark Collections

A list of tools Web page of links to various networking tools dsniff is a collection of tools for network auditing and penetration testing (BSD style?, BSD/Linux/Solaris/...) Network Security Toolkit (NST 24-7977) Fedora-based (F24) bootable Linux distribution with best-of-breed open…

WireShark Capture file conversion and repair

These tools convert between different capture file formats. PcapNG.com Free online service that converts Pcap-NG files to plain libpcap (PCAP) format. ProConvert convert capture files between different formats - some that Wireshark currently doesn't support (closed source freeware, unsupported and…

Wireshark Capture file anonymization

THESE TOOLS CAN BE USED TO "ANONYMIZE" CAPTURE FILES, REPLACING FIELDS SUCH AS IP ADDRESSES WITH RANDOMIZED VALUES. AnonTool from the CRAWDAD archive of wireless traffic. The bittwiste tool from Bit-Twist. The Crypto-PAn tool. The Network Expect tool, which can…