Search Results for "linux malware detect"

Interactsh is an open-source tool for detecting out-of-band interactions. It is a tool designed to detect vulnerabilities that cause external interactions. Interactsh Cli client requires go1.17+ to install successfully. interactsh-client with -sf, -session-file flag can be used store/read the current session information from user defined file which is useful to resume the same session to poll the interactions even after the client gets stopped or closed. Running the interactsh-client in...

Automatically mock your HTTP interactions to simplify and speed up testing. VCR.py simplifies and speeds up tests that make HTTP requests. The first time you run code that is inside a VCR.py context manager or decorated function, VCR.py records all HTTP interactions that take place through the libraries it supports and serializes and writes them to a flat file (in yaml format by default). This flat file is called a cassette. When the relevant piece of code is executed again, VCR.py will read...

A proof-of-concept HTTP Botnet designed to replicate a full weaponized commercial botnet. This project should be used for authorized testing or educational purposes only. The main objective behind creating this offensive project was to aid security researchers and to enhance the understanding of commercial HTTP loader-style botnets. We hope this project helps to contribute to the malware research community and that people can develop efficient countermeasures. Written in C++ with no...

Apache Mobile Filter is the easiest and fastest way to detect mobile devices. AMF is a suite of tools that allow access to a Device Repository (such as WURFL, DetectRight, 51Degrees.mobi or the free AMF service) directly from Apache: now you can detect devices no matter what language your website uses.

HTTP proxy written in Go. COW can automatically identify blocked sites and use parent proxies to access. COW's design goal is automation. Ideally, users don't need to care about which websites are inaccessible, and they can directly connect to the website without slowing down the access speed due to the use of secondary agents. As an HTTP proxy, it can be provided to mobile devices; if deployed on a domestic server, it can be used as an APN proxy. Support HTTP, SOCKS5, shadowsocks and cow...

Free-SA is logs processor and report generating tool. It can be used to control traffic usage, to evaluate conformance to the Internet access security policies, to investigate security incidents, to evaluate web server efficiency and to detect troubles with server configuration.

An Apache module that can be used to automatically block infected web pages from being served. Click "Sign Up" at the Dasient web site at www.dasient.com/partners to create a "Webmaster / Developer" account to get trial malware monitoring to test it

mod_dnsblacklist is a Lighttpd module that use DNSBL in order to block spam relay via web forms, preventing URL injection, block http DDoS attacks from bots and generally protecting your web service denying access to a known bad IP address.

mod_cidr_lookup is Apache module enable to lookup CIDRs and set name to HTTP request header and environmental variable. mod_cidr is useful to detect some CIDR groups. example: my company's CIDR block, Google bot's CIDR and others