SecurAID securely connects aid organizations directly with individuals in dangerous situations to allow them to discreetly and effectively get the assistance they need.

Overview

SecurAID

Overview

SecurAID securely connects aid organizations directly with individuals in dangerous situations to allow them to discreetly and effectively get the assistance they need.

Trusted users, such as members of aid organizations or people working directly on the ground in a humanitarian crisis, have the ability to create secure logins for people they know in dangerous situations. Using these credentials, at-risk people are able to enter into a secure one-on-one internet chat with members from organizations that can best serve their needs.

Through our secure network of trusted organizations and users, SecurAID greatly minimizes the risk of at-risk individuals communicating with non-trustworthy or malicious sources, and also lowers the risk of them being identified by dangerous people or groups. SecurAID solves three key problems at once: eliminating duplicate information, identity verification, and streamlined resource allocation.

Background

Currently there are many disjointed groups of people helping Afghans that they know who are stuck in a dangerous condition. The efforts to help those in need come with many difficulties. Here's a real-world example to explain the problems encountered:

I've deployed to Afghanistan several times and became friends with my interpreters who had my back in combat. I'm now part of a slack group and a Signal chat group that both provide a place to share critical information and to try to allocate resources to our friends overseas. My ultimate goal is to get my interpreter's family out of Afghanistan, but in the meantime their daughter is suffering from kidney issues and the family is low on money. I've filled out numerous forms for visa paperwork, medical assistance, manifesting the family on future flights, and financial aid, but I have no idea what happens to that information once it's submitted, and very few ways to check the status of the requests. In addition, I've submitted forms only to find out another soldier who previously worked with my interpreter also filled out the same forms for his family. This causes extra work for aid workers to sift through duplicte entries. My Afghan family, along with many others, sometimes receive emails saying that they should go to a certain location at a certain time in order to receive help from American aid, however, many of those emails are traps sent by the Taliban to try to find American sympathizers. These families need a way to make sure that the messages they receive are actually coming from the correct sources.

   

How SecurAID works

SecurAID uses a centralized database to store and eliminate duplicate entries, saving valuable time and making it easy to ensure that a family receives the exact assistance they need. The database contains information about assistance type, allowing effective resource allocation by directing aid requests to the appropriate aid organizations. For instance, if a family needs insulin, their category in the database will be set to "medical needs," which will notify medical aid organizations who can access our database, and will ensure that only one organization is filling the request for aid.

To solve the issue of identity verification, the only people who will be able to add an Afghan family to the database will be someone invited into groups similar to the Slack and Signal chats discussed above. In order for a person to be invited to these chat groups, a person needs to be verified and vouched for by someone already in that group. This creates groups of trusted sources who personally know the Afghans they're trying to help. Once the Afghan account is created by the trusted member, that information is added to the database and the appropriate organization is notified of a person to assist overseas. A person at that organization gets assigned to the Afghan in need, allowing them to update the at-risk individual's database entry as more information about their situation comes in. (Individual entries will be read-only for all others who can access the database and are not actively assisting that individual.) From there, the assigned organization contact will send a link to the Afghan family with a link to a secure one-on-one chat room through SecurAID. Whenever important information is sent, it will be sent through the chat room, which means any other forms of communication received through email, text, etc. can be assumed to be nefarious and can be ignored. No one will have access to the unique chatroom except the organization contact and the person receiving assistance. If an overseas ally needs more than one thing (e.g. legal help for passports and heart medication), they will receive multiple links, one from a different contact at each relevant aid organization (e.g. link fomr a legal office, and one from a medical office). At the same time, the trusted source who created the account can see the status of the request and can inform his/her friend of any updates.

Owner
Ty K
Ty K
A terminal based web shell controller

shell-hack Tribute to Chinese ant sword; A Powerful terminal based webshell controller; Usage : Usage : python3 shell-hack.py --url [URL] --w

s1mple 10 Dec 28, 2021
Midas ELF64 Injector is a tool that will help you inject a C program from source code into an ELF64 binary.

Midas ELF64 Injector Description Midas ELF64 Injector is a tool that will help you inject a C program from source code into an ELF64 binary. All you n

midas 20 Dec 24, 2022
Uncover the full name of a target on Linkedin.

Revealin Uncover the full name of a target on Linkedin. It's just a little PoC exploiting a design flaw. Useful for OSINT. Screenshot Usage $ git clon

mxrch 129 Dec 21, 2022
Python Toolkit containing different Cyber Attacks Tools

Helikopter Python Toolkit containing different Cyber Attacks Tools. Tools in Helikopter Toolkit 1. FattyNigger (PYTHON WORM) 2. Taxes (PYTHON PASS EXT

Saqlain Naqvi 22 Dec 04, 2022
解密哥斯拉webshell管理工具流量

kingkong 解密哥斯拉Godzilla-V2.96 webshell管理工具流量 目前只支持jsp类型的webshell流量解密 Usage 获取攻击者上传到服务器的webshell样本 获取wireshark之类的流量包,一般甲方有科来之类的全流量镜像设备,联系运维人员获取,这里以test.

h4ck for fun 46 Dec 21, 2022
Time Discretization-Invariant Safe Action Repetition for Policy Gradient Methods

Time Discretization-Invariant Safe Action Repetition for Policy Gradient Methods This repository is the official implementation of Seohong Park, Jaeky

Seohong Park 6 Aug 02, 2022
GitLab CE/EE Preauth RCE using ExifTool

CVE-2021-22205 GitLab CE/EE Preauth RCE using ExifTool This project is for learning only, if someone's rights have been violated, please contact me to

3ND 164 Dec 10, 2022
Denial Attacks by Various Methods

Denial Service Attack Denial Attacks by Various Methods IIIIIIIIIIIIIIIIIIII PPPPPPPPPPPPPPPPP VVVVVVVV VVVVVVVV I::

Baris Dincer 9 Nov 26, 2022
A secure way of storing your passwords.

StrongBox 🔐 A secure way of storing your passwords. 🔑 Why to use StrongBox? StrongBox makes it possible to have a random generated strong password i

Dylan Tintenfich 5 Dec 25, 2021
CVE-2021-43936 is a critical vulnerability (CVSS3 10.0) leading to Remote Code Execution (RCE) in WebHMI Firmware.

CVE-2021-43936 CVE-2021-43936 is a critical vulnerability (CVSS3 10.0) leading to Remote Code Execution (RCE) in WebHMI Firmware. This vulnerability w

Jeremiasz Pluta 8 Jul 05, 2022
An advanced multi-threaded, multi-client python reverse shell for hacking linux systems

PwnLnX An advanced multi-threaded, multi-client python reverse shell for hacking linux systems. There's still more work to do so feel free to help out

0xTRAW 212 Dec 24, 2022
A python script to brute-force guess the passwords to Instagram accounts

Instagram-Brute-Force The purpose of this script is to brute-force guess the passwords to Instagram accounts. Specifics: Comes with 2 separate modes i

Moondog 2 Nov 16, 2021
Fuzz introspector is a tool to help fuzzer developers to get an understanding of their fuzzer’s performance and identify any potential blockers.

Fuzz introspector Fuzz introspector is a tool to help fuzzer developers to get an understanding of their fuzzer’s performance and identify any potenti

Open Source Security Foundation (OpenSSF) 221 Jan 01, 2023
Script hecho en python para sacar la informacion del numero de telefono, Hecha con el API de numverify

Script hecho en python para sacar la informacion del numero de telefono, Hecha con el API de numverify

DW Dariel 5 Dec 03, 2022
A Python script that can be used to check if a SAP system is affected by CVE-2022-22536

Vulnerability assessment for CVE-2022-22536 This repository contains a Python script that can be used to check if a SAP system is affected by CVE-2022

Onapsis Inc. 42 Dec 01, 2022
SonicWall SMA-100 Unauth RCE Exploit (CVE-2021-20038)

Bad Blood Bad Blood is an exploit for CVE-2021-20038, a stack-based buffer overflow in the httpd binary of SMA-100 series systems using firmware versi

Jake Baines 80 Dec 29, 2022
A simple linux keylogger project.

The project This project is a simple linux keylogger. When activated, it registers all the actions made with the keyboard. The log files are registere

1 Oct 24, 2021
Script Crack Facebook Premium 🚶‍♂

prem Script Crack Facebook Premium 🚶‍♂ Install Script $ pkg update && pkg update $ termux-setup-storage $ pkg install git $ pkg install python $ pip

Yumasaa 1 Dec 03, 2021
Chrome Post-Exploitation is a client-server Chrome exploit to remotely allow an attacker access to Chrome passwords, downloads, history, and more.

ChromePE [Linux/Windows] Chrome Post-Exploitation is a client-server Chrome exploit to remotely allow an attacker access to Chrome passwords, download

Finn Lancaster 3 Oct 05, 2022
PasswordManager is a command-line program that helps you manage your secret files like passwords

PasswordManager is a command-line program that helps you manage your secret files like passwords. It's very minimalistic and easy to use.

Michael 3 Dec 30, 2021