🔒 Security Cyber

@[email protected]
4 Followers
3 Following
84 Posts

Visibility beats Perfection

https://www.facebook.com/securitycyber
https://www.linkedin.com/in/charlie-collins-cc-757345381
https://securitycyber.uk/contact
Student-Founded SOC-Focused Ethically Operated. Cyber Defence Built Honestly. Automated cybersecurity intelligence feed. https://securitycyber.uk

🔒 Security Cyber3h ago

CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog

**Critical Alert:** A severe vulnerability (CVE-2026-45247) has been identified and requires immediate attention from security teams worldwide.

## The Details

https://securitycyber.uk

Resources: https://securitycyber.uk | https://www.hackthebox.com

Security Cyber — Offensive Security

Web app pentesting, red team fundamentals, OSINT & vulnerability research by Charlie Collins.

🔒 Security Cyber13h ago
You shouldnt if you can afford your own token usage and have your self a half decent ai sub it would probably be safer to spend 2 days perfecting your own fixing the loops and broken call backs, endless api issues ect before any meaningful use can be had out of it.
i created this tool to help me mange threats and and triage risk and believe it good enough to share
Show thread🔒 Security Cyber13h ago
https://www.facebook.com/securitycyber
SecurityCyber UK | Alexandria

SecurityCyber UK, Alexandria. 18 talking about this. Student-Founded · SOC-Focused · Ethically Operated Cyber Defence Built Honestly. Blue-team focused cyber security: SOC alert triage, threat...

Show thread🔒 Security Cyber13h ago
https://www.facebook.com/securitycyber
SecurityCyber UK | Alexandria

SecurityCyber UK, Alexandria. 18 talking about this. Student-Founded · SOC-Focused · Ethically Operated Cyber Defence Built Honestly. Blue-team focused cyber security: SOC alert triage, threat...

Show thread🔒 Security Cyber13h ago
https://www.facebook.com/securitycyber
SecurityCyber UK | Alexandria

SecurityCyber UK, Alexandria. 18 talking about this. Student-Founded · SOC-Focused · Ethically Operated Cyber Defence Built Honestly. Blue-team focused cyber security: SOC alert triage, threat...

Show thread🔒 Security Cyber13h ago
https://www.facebook.com/securitycyber
Facebook

🔒 Security Cyber14h ago

Releasing a self-hosted threat intelligence engine for the security community.

The price is ethics.

GODSEYE is a fully contained, single-file Python platform combining dark-web OSINT collection, automated crawling, and credential exposure monitoring into an autonomous loop.

Single .py file No SaaS, no subscription, no tracking, no pipeline bloat. Your data stays entirely on your own infrastructure.

What it does out of the box:
• 13-Provider Dark Web Discovery: Built-in parsers for Ahmia, Torch, Haystak, DarkSearch, OnionFind, DuckDuckGo HTML, GitHub, urlscan.io, Wayback CDX, and Common Crawl.
• Tor Native Routing: Built-in SOCKS5h proxy integration for safe onion-space collection.
• Regular Expression Threat Engine: Automatically targets and extracts exposed private keys, cloud secrets (AKIA*, sk-*, ghp_*, xox*), JWTs, credential pairs, UK NINs, IBANs, and SSRF canary trails.
• Operational Compliance: Built-in deduplication, automated provider health checks, and a mechanism to filter out network noise.
• Native Intelligence Map: Active endpoint route tracing (traceroute) with public-hop coordinate mapping via Leaflet.

Integrations & Triage Workflow:
• Live internal 199-alert triage queue with bulk management capabilities and remediation case logging.
• Structured intelligence exports supporting STIX 2.1 bundles, MISP Event JSON, and streaming CSVs.
• State serialization to a private Git repository for automated, auditable backup trails.
• Outbound webhooks for SIEM/SOAR ingestion.

CONTRIBUTORS WANTED
My time and tokens are finite. The codebase is standard FastAPI + SQLite3 + BeautifulSoup4. If you write clean, parameterised Python and want to help build decentralized OSINT tools, let’s talk Ai coding allowed if human audited before commit.

Access is free but vetted. sparce/new social account dont bother asking.
To protect against malicious deployment, operators must sign an Acceptable Use Agreement, being manually added to the private repository. Unauthorized redistribution will be treated as proprietary theft.

If you understand SOCKS5h routing and MITRE ATT&CK maps, this tool was built for you. tool come with firewall Harding Ui tool

DM me or visit securitycyber.uk to review the access terms.

#ThreatIntelligence #OSINT #DarkWeb #RedTeam #BlueTeam #CyberSecurity #SecurityResearch #MITRE

🔒 Security Cyber14h ago
HARDENING UI — Localhost Linux Endpoint Security Control Panel
Running as a single, lightweight .py file (no heavy SaaS, no npm/pip sprawling dependencies), Hardening UI bridges the gap between low-level kernel security and operational firewalld management.
Why it’s more than just a firewall utility:
• SYN Flood & DoS Mitigation: One-click injection of hardened sysctl profiles—enabling net.ipv4.tcp_syncookies and tuning network queues directly in the kernel.
• Spoofing & Route Protection: Automatically drops ICMP and secure redirects, and forces net.ipv4.conf.all.log_martians=1 to flag impossible or spoofed source routing.
• Real-Time Socket Triage: Leverages elevated socket diagnostics (ss) to pull absolute ground-truth network state. It maps listening sockets and established connections, explicitly flagging what is unblocked vs. dropped.
• Hypervisor Profiling: Built-in VMware orchestration profiles. Instantly locks down or exposes ports 902, 903, and 912 based on the hypervisor modules (vmnet, vmmon) detected on your host machine.
• Privacy Service Toggles: Direct systemctl state control for core privacy tunnels and remote shells (SSH, Tor, Tailscale, NordVPN, AnyDesk, Cloudflared).
THE SYNERGY: How it links with GODSEYE
When you are using GODSEYE to crawl the deep web, route traceroutes, or probe exposed targets, your intelligence platform is staring outward. Hardening UI acts as the shield facing inward.
By running both on your collection host:
1. Hardening UI sets your firewalld profile to a strict target=DROP policy and disables default public-facing vectors.
2. The sysctl layer protects your machine from retaliatory SYN floods, network mapping amplifier tricks, or spoofed boundary traps.
3. Your host is locked down while GODSEYE safely pipes threat telemetry over Tor SOCKS5h routing behind the perimeter.
Access is free but rigorously vetted via a signed Acceptable Use Agreement. Vetted operators will be manually added to the private repository. Unauthorized redistribution is treated as software theft.
DM me or head to securitycyber.uk to request access.
#LinuxHardening #CyberSecurity #Firewalld #Sysctl #SecOps #ThreatIntelligence #Infosec #DevSecOps
🔒 Security Cyber23h ago

Beyond the Zero-Day: See Your Network Like an Attacker | Webinar with HD Moore

**Critical Alert:** A major security incident has been identified and requires immediate defensive action.

## The Details

https://securitycyber.uk

Resources: https://securitycyber.uk | https://www.hackthebox.com

Security Cyber — Offensive Security

Web app pentesting, red team fundamentals, OSINT & vulnerability research by Charlie Collins.

🔒 Security Cyber1d ago

Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts

This is one of those stories that deserves more than a headline skim. The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S.

https://securitycyber.uk

Resources: https://securitycyber.uk | https://www.hackthebox.com

Security Cyber — Offensive Security

Web app pentesting, red team fundamentals, OSINT & vulnerability research by Charlie Collins.