Nemesis: Open-source offensive data enrichment and analytic pipeline

Nemesis is a centralized data processing platform that ingests, enriches, and performs analytics on offensive security assessment data.
Nemesis was created by Lee Chagolla-Christensen and Will Schroeder, both security researchers at SpecterOps.
Knowledge about offensive tradecraft is difficult to scale due to the rapid pace at which new techniques are released, the vast array of technologies companies use, and the time requirements to learn about new tradecraft.
Offensive data is not unified: it's siloed inside specific tools and machines rather than being modeled and analyzed holistically.
File and tool output triaging is inconsistent due to differing levels of experience, training, knowledge, tedium, and time constraints.
Chagolla-Christensen told us that Nemesis aggregates data from several C2 platforms to a central location, where it then analyzes, enriches and provides collaborative UI interfaces for the data.
Document processing: Converts all documents to a PDF accessible in a browser, extracts text from the documents and makes them searchable, scans all the text in all documents/files for credentials, and attempts to crack password-protected documents.
Software vulnerability analysis: Extracts and stores common features from executable files, decompiles.
NET executables for potential vulnerabilities, and indexes source code so easily searchable/viewable.
Automatic decryption of sensitive data: Scans all files for data encrypted using Window's data protection API, tracks and cracks cryptographic keys used to protect this data, and automatically decrypts the data to reveal the sensitive data.


This Cyber News was published on www.helpnetsecurity.com. Publication date: Tue, 12 Dec 2023 05:58:11 +0000


Cyber News related to Nemesis: Open-source offensive data enrichment and analytic pipeline

Nemesis: Open-source offensive data enrichment and analytic pipeline - Nemesis is a centralized data processing platform that ingests, enriches, and performs analytics on offensive security assessment data. Nemesis was created by Lee Chagolla-Christensen and Will Schroeder, both security researchers at SpecterOps. ...
11 months ago Helpnetsecurity.com
How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
1 month ago Aws.amazon.com
Embracing offensive cybersecurity tactics for defense against dynamic threats - In this Help Net Security, Alexander Hagenah, Head of Cyber Controls at SIX, discusses the critical steps in creating effective offensive security operations and their impact on organizational security strategies. The first line of defense is often ...
10 months ago Helpnetsecurity.com
New infosec products of the week: December 15, 2023 - Here's a look at the most interesting products from the past week, featuring releases from Censys, Confirm, Drata, Safe Security, and SpecterOps. Nemesis: Open-source offensive data enrichment and analytic pipeline. Nemesis is a centralized data ...
11 months ago Helpnetsecurity.com
CVE-2021-2244 - Vulnerability in the Hyperion Analytic Provider Services product of Oracle Hyperion (component: JAPI) and Essbase Analytic Provider Services product of Oracle Essbase (component: JAPI). Supported versions that are affected are Hyperion Analytic ...
2 years ago
Open Source Password Managers: Overview, Pros & Cons - There are many proprietary password managers on the market for those who want an out-of-the box solution, and then there are open source password managers for those wanting a more customizable option. In this article, we explain how open source ...
8 months ago Techrepublic.com
Week in review: Apache Struts vulnerability exploit attempt, EOL Sophos firewalls get hotfix - SCS 9001 2.0 reveals enhanced controls for global supply chainsIn this Help Net Security interview, Mike Regan, VP of Business Performance at TIA, discusses SCS 9001 Release 2.0, a certifiable standard crafted to assist organizations in ...
11 months ago Helpnetsecurity.com
Are the Fears about the EU Cyber Resilience Act Justified? - "The draft cyber resilience act approved by the Industry, Research and Energy Committee aims to ensure that products with digital features, e.g. phones or toys, are secure to use, resilient against cyber threats and provide enough information about ...
11 months ago Securityboulevard.com
CI/CD Pipeline Security: Best Practices Beyond Build and Deploy - These pipelines represent an incredible security risk to organizations, and the consequences can be severe. A seemingly harmless code change that makes its way through a compromised pipeline could lead to security breaches, system compromise, and ...
9 months ago Securityboulevard.com
Are the Fears About the EU Cyber Resilience Act Justified? - On Wednesday, July 19, the European Parliament voted in favor of a major new legal framework regarding cybersecurity: the Cyber Resilience Act. The act enters murky waters when it comes to open-source software. It typically accounts for 70% to 90% of ...
10 months ago Feeds.dzone.com
What is offensive security? - Offensive security is the practice of actively seeking out vulnerabilities in an organization's cybersecurity. In the past, offensive security referred to methods to actively slow down or to find information about attackers. This is no longer widely ...
11 months ago Techtarget.com
CVE-2020-14768 - Vulnerability in the Hyperion Analytic Provider Services product of Oracle Hyperion (component: Smart View Provider). The supported version that is affected is 11.1.2.4. Difficult to exploit vulnerability allows low privileged attacker with access to ...
4 years ago
Launching Your First Open Source Project - I've been deeply immersed in the world of developer products for the past decade, and let me tell you, I've been quite an open-source enthusiast. Over the years, I've had the pleasure of shepherding open-source projects of all shapes and sizes. ...
10 months ago Feeds.dzone.com
Wazuh: Building robust cybersecurity architecture with open source tools - Building a cybersecurity architecture requires organizations to leverage several security tools to provide multi-layer security in an ever-changing threat landscape. Leveraging open source tools and solutions to build a cybersecurity architecture ...
10 months ago Bleepingcomputer.com
Wazuh: Building robust cybersecurity architecture with open source tools - Building a cybersecurity architecture requires organizations to leverage several security tools to provide multi-layer security in an ever-changing threat landscape. Leveraging open source tools and solutions to build a cybersecurity architecture ...
10 months ago Bleepingcomputer.com
How to Enrich Data for Fraud Reduction, Risk Management and Mitigation in BFSI - To stay ahead of these challenges, organizations are increasingly relying on data products to enrich their data and enhance their fraud reduction and risk management strategies. The Data Revolution in BFSI. Data is the lifeblood of the BFSI sector. ...
9 months ago Securityboulevard.com
How Servicenow Detects Open Source Security Vulnerabilities - Servicenow, a digital workflow company, recently announced their integration with Synk, an open source security platform, to detect security vulnerabilities in open source software. This integration will enable Servicenow customers to detect and ...
1 year ago Csoonline.com
CVE Prioritizer: Open-source tool to prioritize vulnerability patching - CVE Prioritizer is an open-source tool designed to assist in prioritizing the patching of vulnerabilities. It integrates data from CVSS, EPSS, and CISA's KEV catalog to offer insights into the probability of exploitation and the potential effects of ...
9 months ago Helpnetsecurity.com
CVE-2021-2435 - Vulnerability in the Essbase Analytic Provider Services product of Oracle Essbase (component: JAPI). The supported version that is affected is 11.1.2.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to ...
3 years ago
Cobalt's New Report Uncovers a Big Shift in Cybersecurity Strategy - PRESS RELEASE. SAN FRANCISCO, Feb. 14, 2024 /PRNewswire-PRWeb/ - Cobalt, the pioneers of Pentest as a Service, empowering businesses to operate fearlessly and innovate securely, has today announced the release of the inaugural OffSec Shift Report. ...
9 months ago Darkreading.com
Iranian Hackers Use New C2 Tool 'DarkBeatC2' in Recent Operation - MuddyWater, an Iranian threat actor, has used a novel command-and-control infrastructure known as DarkBeatC2 in its the most recent attack. This tool joins a list of previously used systems, including SimpleHarm, MuddyC3, PhonyC2, and MuddyC2Go. In a ...
7 months ago Cysecurity.news
NIST NVD Disruption Sees CVE Enrichment on Hold - Since February 12, 2024, NIST has almost completely stopped enriching software vulnerabilities listed in its National Vulnerability Database, the world's most widely used software vulnerability database. Tom Pace, CEO of firmware security provider ...
8 months ago Infosecurity-magazine.com
SiCat: Open-source exploit finder - SiCat is an open-source tool for exploit research designed to source and compile information about exploits from open channels and internal databases. Its primary aim is to assist in cybersecurity, enabling users to search the internet for potential ...
9 months ago Helpnetsecurity.com
Aim for a modern data security approach - Risk, compliance, governance, and security professionals are finally realizing the importance of subjecting sensitive workloads to robust data governance and protection the moment the data begins traversing the data pipeline. Why current data ...
11 months ago Helpnetsecurity.com
Vulnerability Summary for the Week of March 11, 2024 - Published 2024-03-15 CVSS Score not yet calculated Source & Patch Info CVE-2021-47111416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - Product linux - linux Description In the ...
8 months ago Cisa.gov

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)