BLACKLIGHT
BlackLight 可以快速分析電腦儲存區和移動設備。它揭示了用戶的行為,現在甚至包括對內存圖像的分析。BlackLight允許輕鬆搜索,過濾和篩選大型數據集。它可以在邏輯上獲得Android和iPhone / iPad設備,在Windows和Mac OS X上運行,並且可以在一個界面內分析來自所有四個主要平台的數據。它只是智能,全面分析的最佳選擇。
特色
ACTIONABLE INTEL
EASILY UNCOVER USER ACTIONS
BlackLight’s Actionable Intel view allows examiners to view various data points that can be attributed to a user's actions. Traces of potentially important user activity from many disparate locations are organized for practical, efficient examination. Elements include:
Windows Registry artifacts - recently executed files and programs, link files, jumplists, Prefetch and Superfetch data
Device connection data for all devices previously connected to the system, including USB device connection dates/times and the associated user account
iOS device backups
Recent file downloads
Trash (for Mac OS X volumes) and Recycle Bin (for Windows volumes)
Current and deleted user account info
MEMORY
ANALYZE WINDOWS MEMORY FILES
Analyzes several types of memory files, including raw dumps, Hibernation files (Windows Vista to Windows 10), pagefile.sys, and crash dumps (full, from Windows Vista or 7)
Performs file carving and bulk extraction content searches (for numerous items such as URLs, addresses, phone numbers, etc.)
Features a Memory subview for analyzing processes, libraries, sockets, handles, and drivers
Processes memory files many times faster than traditional open-source forensic tools
FILE FILTER VIEW
EFFICIENTLY SIFT THROUGH LARGE DATA SETS
BlackLight's signature File Filter view includes examiner-defined filter options to quickly pinpoint relevant data within large data sets. Filter criteria include:
File name, kind, size, or extension
Date created, modified, or accessed
Picture metadata attributes, including GPS coordinates and camera (iPhone/iPad device) type
Positive and negative hash set filtering
Examiners may apply any number of filters or inverse filters to quickly isolate important data from system files or base application files. BlackLight comes with several pre-set file filters, including those that filter by file type, file attribute, geolocation coordinates, and source device type.
MEDIA
FIND THE PICTURE AND VIDEO EVIDENCE YOU NEED
BlackLight's Media view has built-in support for all commonly used picture and video file types, and it includes several helpful and examiner-oriented analysis features, such as:
Built-in GPS Mapping:
All media files containing GPS data will be identified with a placemark badge
Examiners can view media geolocation data on a Mercator map (offline) or using Google Maps (online) directly from the built-in GPS view
Proprietary Skin Tone Analysis Algorithm:
Sort picture and video files by the skin tone percentag...
Cloudflare 企業方案的優點與功能
Web 現況
在現今世界中,您的網站就是您的業務命脈。然而,網站維護與運作比以往更為複雜。Web 的高度開放性也是其弱點:攻擊者可以找到多個網路通訊層與各種通訊協定的弱點。犧牲效能來封鎖每個可能的受攻擊面並不是一個好主意。因此,您需要一個簡單、經濟且可跨電腦、行動裝置與網路運作的解決方案。
Cloudflare 讓您只需要簡單地變更 DNS,就能保護您的網站,並提高其執行速度與可用性。Cloudflare已重新思考網路、硬體與軟體層的整個技術堆疊,並在高可用性全球網路上建置反向 Proxy 服務。透過以雲端服務方式提供此功能,Cloudflare可協助您節省時間、金錢與精力。Cloudflare不斷創新,帶來的全新 Web 體驗,都將持續嘉惠於您,讓您的網站訪客在使用時更安全愉快。
功能一覽
超過 25 億個唯一 IP
550 萬個網站且持續增加中
每天處理數十億次網頁瀏覽要求的全球網路
廣泛的客戶群뼷包括主要消費者網站뼵政府機構與企業
Flat Bandwidth Pricing
With Cloudflare’s content delivery network, you’ll never be charged for bandwidth. This means predictable monthly bills, regardless of the amount of traffic served from our edge.
SAML for ASP.NET 安全斷言標記語言(SAML)控件是一款工具包。它為SAML 2.0版本單點登陸到ASP.NET應用程式添加了支持。它同樣為SAML斷言的自定義運用而在網絡服務應用程式中使用了SAML斷言安全代符。
Example Projects
Example ASP.NET projects written in C#, with full source code, are included. The examples demonstrate:
Acting as the SAML service provider (SP)
Acting as the SAML identity provider (IdP)
Service provider initiated SSO
Identity provider initiated SSO
Setting and retrieving SAML attributes
Logout
SAML metadata creation and consumption
OWIN ASP.NET Identity integration
High-Level API
A high-level, configuration-driven API provides a very simple to use interface that hides the mechanics of SAML SSO. This makes it easy to add SSO functionality to your web application with just a few lines of code. Configuration changes, including adding support for additional partner identity providers or service providers, may be made with zero code changes.
Initiating SAML SSO from the SP
Initiating SAML SSO from the IdP
Receiving the SAML Response at the SP
Low-Level API
A low-level API provides complete control and flexibility. The API provides accesses to the SAML profiles, protocols, bindings, assertions and metadata. The high-level API is implemented using the low-level API. For most scenarios, the high-level API provides all the control you need in a simpler interface. For those situations where this isn’t enough, the low-level API is available.
SAML v2.0 SPECIFICATION COMPLIANCE
SAML Profiles
All SAML v2.0 profiles are fully supported, acting as either the identity provider or service provider.
Web browser single sign-on (identity provider and service provider initiated)
Single logout
Artifact resolution
Identity provider discovery
Authentication, attribute and assertion query
Name identifier management and mapping
SAML Assertions
SAML v2.0 assertions are fully supported.
Create, modify and access SAML assertions
Serialize SAML assertions to and from XML
Generate and verify XML signatures (SHA-1 and SHA-256) on SAML assertions
Encrypt and decrypt SAML assertions, attributes and identifiers
SAML Protocols
All SAML v2.0 protocols are fully supported.
Create, modify and access SAML protocol messages
Serialize SAML messages to and from XML
Generate and verify XML signatures (SHA-1 and SHA-256) on SAML messages
SAML Assertions
SAML v2.0 assertions are fully supported.
Create, modify and access SAML assertions
Serialize SAML assertions to and from XML
Generate and verify XML signatures (SHA-1 and SHA-256) on SAML assertions
Encrypt and decrypt SAML assertions, attributes and identifiers
...
EnCase 是數位鑑識領域中,非常有名的一套軟體,為Guidance Software公司生產, 該公司成立於1997年,開發團隊的成員多半是具有數位鑑識人員(專家)背景. EnCase支援各種作業系統及檔案系統,為國際間普遍被採用的專業電腦鑑識軟體。
功能介紹
Forensics report (產生鑑識報告)
Image gallery (圖片檔案快速瀏覽)
View Registry (檢視登錄檔)
CDFS support (支援CDFS格式)
Password recovery (密碼破解,為PLSP選購模組)
Keyword search (關鍵字搜尋)
E-mail search (電子郵件搜尋)
NTFS support (支援NTFS格式)
FAT 16/32 support (支援FAT16/32格式)
EXT2/3 support (支援EXT2/3格式)
File Recovery (刪除檔案復原)
Validate Image (映像檔驗證)
Duplicate (建立數位證物映像檔)
Wipe Disk (清理磁碟紀錄)
Web History/Cookie/Cache/URLtyped (網路瀏覽紀錄檢視)
Text indexing (檔案建立索引)
Encase 64-Bit support
DBX/PST/EDB/NSF (電子郵件檢視及搜尋功能)
支援繁/簡體中文及各國多語系的文件搜尋
更新介紹
OpenText™ EnCase™ Forensic is a powerful, court-proven,market leading solution built for digital forensic investigations.
It enables examiners to triage, collect and decrypt evidence from a wide variety of devices in a forensically sound manner.The built-in, enhanced indexing engine comes with powerful processing speed, advanced index searching and optimized performance. The process is quick, efficient, repeatable and defensible, with the ability to create intuitive reports.
EnCase Forensic 8.11 introduces OpenText Media Analyzer, an optional add-on module. Its AI computer vision technology scans images to identify visual content, significantly improving the efficiency and productivity of investigators.
Key new features of EnCase Forensic 8.11 Image analysis with OpenText Media Analyzer Media Analyzer quickly identifies case relevant images, assigning a confidence level scores between 0.00 to 100.00 in 12 pre-defined threat categories relevant to law
enforcement and corporate compliance.
The categories and confidence levels are thenadded to the attributes of individual image files during processing. The media analysis data can be filtered, displayed in tabular format or viewed individually by file.
Media Analyzer dramatically improves productivity and saves valuable time by reducing the amount of content investigators need to review to find actionable intelligence by up to 99 percent.
Supported image formats include BMP, JPG/JPEG, TIF/TIFF, PNG, GIF, TGA and PCX.
.NET Reactor 是一個强大的.NET程式碼保護系統,可以完全停止任何反編譯。開發人員能够以安全和簡單的方式保護他們的軟體,而不必每天擔心要如何保護自己的知識產權。
Why you need to protect your intellectual property.
When you compile a program written for the Microsoft .NET framework, the program you provide to your users is not compiled into a native executable program, but instead is translated into something called the Common Intermediate Language instructions (CIL). CIL is half way between source code and native code, and is interpreted by the .NET framework when your program is run, rather than executed directly as machine code. Because of this, the source code of your application or library can be easily reproduced. Tools such as .NET Reflector (www.red-gate.com/products/reflector/) can reproduce source code from a compiled .NET assemblies in seconds, and in the .NET language of your choice! Clearly, commercial software distributed to end users without some form of protection is wide open to piracy and intellectual property theft.
The traditional solution to intellectual property protection in .NET is to use 'obfuscation', indeed Microsoft make an obfuscation utility available to Visual Studio users.
So why is obsfucation not enough?
Obfuscation is the process of making your source code more difficult (but not impossible) for humans to understand. Obfuscation works by replacing the meaningful names you assign to classes, methods, properties and variables with meaningless ones. For example, it may replace a variable name of "counter" with "A4DF3CV89G" - to humans these obfuscated names are confusing and difficult to remember, but have no effect on the NET Framework interpreter. Note that obfuscation does nothing to the source code within your methods, so it is not protected at all by obfuscation. .NET Reactor does everything an obfuscator does, but then wraps your intellectual property in several more layers of protection, denying access to your source code to even those who are determined to steal your hard work. .NET Reactor's protection has never been cracked, something which cannot be said about obfuscators.
Industry Leading .NET Reactor Source Protection
.NET Reactor prevents decompilation by a variety of methods which convert your .NET assemblies into processes which no existing tool can decompile ( and which are also very likely to prevent decompilation by any future tool). .NET Reactor builds a native code wall between potential hackers and your .NET assemblies by producing a file which cannot be understood directly as CIL. Because the CIL in your assembly is emitted intact only at run time or design time (in a form in which the source is completely inaccessible), no tool is capable of decompiling .NET Reactor protected assemblies.
The native code wall created by .NET Reactor between the hacker and your source includes industry leading NecroBit technology, which is exclusive to ....
Hack The Box 是一個在線平台,可讓您測試滲透測試技能並與具有類似興趣的其他成員交換想法和方法。它包含一些不斷更新的挑戰。其中一些模擬現實世界的場景,而另一些則更傾向於CTF的挑戰風格。作為個人,您可以完成一個簡單的挑戰來證明自己的技能,然後創建一個帳戶,使您可以連接到我們的專用網絡(HTB Net),其中有幾台機器等待您入侵它們。通過黑客機器,您可以獲得積分,可以幫助您提高排名。
ICS CUBE 是互聯網網關和UTM,旨在控制流量,監控互聯網連接並保護企業網絡免受內部和外部威脅。ICS CUBE是針對典型SME的整個網絡相關需求的單一解決方案
統一威脅管理解決方案。ICS CUBE 通過使用下一代防火牆,防病毒,郵件和垃圾郵件過濾器,入侵檢測,內容過濾和訪問權限實施,提供小型企業網絡安全性。由於精心設計的流量統計,廣泛的報告和警報,郵件和即時消息分析,數據丟失保護模塊,ICS CUBE使網絡可見。ICS CUBE取代所有網絡服務器,包括文件,郵件,即時消息,活動目錄,VoIP和一整套技術服務器,如路由,DNS,DHCP。
ICS CUBE是一款小型企業防火牆路由器,可保護您的企業網絡,生成詳細的流量報告並管理Internet連接,解決與業務實踐中的Internet使用相關的所有問題。
Internet gateway
ICS CUBE supports many types of internet access technology, cooperates with different terminals, manages and encrypts traffic in tunnels, balances traffic between multiple Internet service providers.
Centralized management
Access and control of all your ICS CUBEs via one of them.
Network security
Protected connections between corporate offices ensuring information integrity and safety. Corporate network is secured against viral and advanced persistent threats.
Access control
Controlling employee access to Internet resources for groups and individually.
Proxy server
HTTP traffic optimization combined with elaborate accounting and precise access control for every user and resource type or exact address.
Mail and jabber server
Instant messaging and unlimited number of mailboxes on board. Mail antivirus to ward e-mail viruses, phishing attacks and unwanted SPAM. Flexible mail processing rules.
File and web server
Safe file exchange for corporate users. Intranet or protected virtual internet web server for clients.
Voice over IP
Full featured voice over IP corporate gateway. Incoming and outgoing call redirection, filtering, IVR.
Clustering
Configuration is synchronized among several ICS CUBEs. This mode is used for increased resilience and/or load balancing.