Latest Security News

Microsoft Security Compliance Manager TOOL

 Free GPO complience tool  with excellent security Base Lines, you can import GPO backup from your AD and compere it to any relevant baseline .
 Get the latest version HERE

About This Solution Accelerator

Microsoft Security Compliance Manager (SCM) is a free tool from the Microsoft Solution Accelerators team that enables you to quickly configure and manage your computers, traditional datacenter, and private cloud using Group Policy and Microsoft® System Center Configuration Manager.
SCM 2 provides ready to deploy policies and DCM configuration packs that are tested and fully supported. These baselines are based on Microsoft Security Guide recommendations and industry best practices, allowing you to manage configuration drift, address compliance requirements, and reduce security threats.
Easily configure the latest Windows® operating systems, Microsoft Office applications, and Internet Explorer with industry leading knowledge and fully supported tools.
Take advantage of SCM 2 to import the configuration of a “golden master” reference machine or existing Group Policy. Compare your standards to industry best practices, customize them using rich knowledge, and seamlessly create new policies and DCM configuration packs in the user-friendly UI designed to work with Microsoft System Center Configuration Manager 2007 R2.
Key Features Include:
  • Integration with the System Center 2012 Process Pack for IT GRC: Product configurations are integrated into the Process Pack for IT GRC to provide oversight and reporting of your compliance activities.
  • Gold master support: Import and take advantage of your existing Group Policy or create a snapshot of a reference machine to kick-start your project!
  • Configure stand-alone machines: Deploy your configurations to non-domain joined computers using the new GPO Pack feature!
  • Updated security guides: Take advantage of the deep security expertise and best practices in the updated security guides, and the attack surface reference workbooks to help reduce the security risks that you consider to be the most important!
  • Compare against industry best practices: Analyze your configurations against prebuilt baselines for the latest Windows client and server operating systems!



Another cool dDOS tool -in python


HULK is a web server denial of service tool written for research purposes. It is designed to generate volumes of unique and obfuscated traffic at a webserver, bypassing caching engines and therefore hitting the server's direct resource pool.
Published  on packet storm - 
Download it from HERE

defeting hulk with thor (mod ssl) -sig =

 SecRule REQUEST_HEADERS_NAMES ".*" "id:'11',chain,phase:1,t:none,log,drop,msg:'Request Header Ordering Alert: Potential Attack Tool - HULK DoS.',setvar:'tx.header_order=%{tx.header_order}, %{matched_var}'"
        SecRule TX:HEADER_ORDER "@streq , Accept-Encoding, Host, Keep-Alive, User-Agent, Accept-Charset, Connection, Referer, Cache-Control""