SignatureMiner : Anti-Virus Signature Intelligence Tool

SignatureMiner, a semisupervised security framework for Anti-Virus signatures featuring normalization, customization, clustering and knowledge discovery. SignatureMiner is based on MinHash and regular expressions and can be used both for malware label classification and signature-based analytics.(SignatureMiner: A Fast Anti-Virus Signature Intelligence Tool - IEEE Conference Publication, 2020)
SignatureMiner is a python tool to mine information from cryptic Antivirus software signatures. It was designed to extract consensus about malware types from the outputs of Multi-scanner tools, but can be leveraged to extract (or mine) useful insights from the signatures themselves. SignatureMiner leverages the well-known minhashing approach to cluster together tokens extracted from clean AV signatures. Those clusters have to be supervised by the user to write some regular expression rules (in python) that SignatureMiner can convert into classification directives. To do this, SignatureMiner has tw…

Virtualbox - Install guest additions on RHEL 8 or CentOS 8

1. First install the following packages required for compilation of guest addition modules

# dnf install tar bzip2 kernel-devel-$(uname -r) kernel-headers perl gcc make elfutils-libelf-devel 2. Install Guest Addition  by running the installation script after mounting guest addition iso

# ./

3. Check if the guest addition modules has been installed

# lsmod | grep vbox

Types of web hosting - Shared, VPS and Dedicated

OPENSSH - List supported Ciphers and Algorithms

We need this list because sometimes our Vulnerabiliy Scanning software
points out that some old ciphers are WEAK.

From the man pages of SSH:

 -Q cipher | cipher-auth | mac | kex | key
             Queries ssh for the algorithms supported for the specified version 2.  The available features are: cipher (supported sym‐
             metric ciphers), cipher-auth (supported symmetric ciphers that support authenticated encryption), mac (supported message
             integrity codes), kex (key exchange algorithms), key (key types).

Supported cipher suites

[vicky@vicky-centos-7 ~]$  ssh -Q cipher

Supported message integrity codes

[vicky@vicky-centos-7 ~]$ ssh -Q mac

Security as a Service (SECaaS)

What is Security as a Service (SECaaS)? Security as a Service (SECaaS) can most easily be described as a cloud delivered model for outsourcing cybersecurity services. Much like Software as a Service, SECaaS provides security services on a subscription basis hosted by cloud providers. Security as a Service solutions have become increasingly popular for corporate infrastructures as a way to ease the in-house security team’s responsibilities, scale security needs as the business grows, and avoid the costs and maintenance of on-premise alternatives. Benefits of Security as a Service Cost Savings One of the biggest benefits of a Security as a Service model is that it saves a business money. A cloud delivered service is often available in subscription tiers with several upgrade options so a business only pays for what they need, when they need. It also eliminates the need for expertise. The Latest Security Tools and Updates When you implement SECaaS, you get to work with the latest securit…

WTF is The Blockchain?

The ultimate 3500-word guide in plain English to understand Blockchain. Author : Mohit Mamoria

MySQL FLUSH Commands

Flush privileges mysql> FLUSH PRIVILEGES; when we grant some privileges for a user, running the command flush privileges will reloads the grant tables in the mysql database enabling the changes to take effect without reloading or restarting mysql service. Flush TABLES mysql> FLUSH TABLES; The command closes all tables which are currently open or in use. And clears cache which intern make better utilization on available memory. Flush HOSTS mysql> FLUSH HOSTS; The command uses host cache tables, if maximum number of connections has been reached for a particular host, mysql server will not able to make new connections. flushing host tables resets the process and again allows the connections for particular HOST. Flush LOGS mysql> FLUSH LOGS; The command closes and reopens all log files, if log files are to big and taking more time to load then you can run the command which will create an empty log file.