AuditD on Android
Our goal is to port a minimal set of userland tools from the GNU/Linux userland to the bionic/Linux userland of Android. We've stripped out most the functionality inherent in the Linux software including audisp, ausearch, and auparse. The audit stream is not sent directly to an AF_Unix socket (/dev/audit) by auditd. While not as elegant or robust as the Linux code, our goal is to provide access to the audit stream for Android applications with minimal overhead. Our choice for stripping down Audit is partly due to the fact bionic is horribly GNU incompatible, but also the smartphone platform should be treated than the traditional server/desktop due to resource and runtime constraints. Requirements: A rooted Android system. Running the 2.6.29 or higher x86 kernel with CONFIG_AUDITSYSCALL=y. For the ARM platform, the kernel must be patched (See section 'Custom Kernel'). We needed to copy over the audit.h kernel header because Google uses clean headers. Their utilities to clean headers are unusable by those not blessed with the power of Google (i.e., the documentation is minimal and the ixd is horrible). More details in the directory structure section.
FEATURES
ALTERNATIVES
Bmaptool is a project no longer maintained by Intel, users are advised to create their own fork for ongoing use.
Online cybersecurity conference with speakers' talks and interactive Q&A sessions.
Steampipe is a zero-ETL solution for getting data directly from APIs and services.
A collection of setup scripts for various security research tools with installers for tools like afl, angr, barf, and more.
A controller addon that provides additional security defenses for onion services ahead of official Tor-core release.
Python package for fanging and defanging indicators of compromise in text.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.