SecurAID securely connects aid organizations directly with individuals in dangerous situations to allow them to discreetly and effectively get the assistance they need.

Overview

SecurAID

Overview

SecurAID securely connects aid organizations directly with individuals in dangerous situations to allow them to discreetly and effectively get the assistance they need.

Trusted users, such as members of aid organizations or people working directly on the ground in a humanitarian crisis, have the ability to create secure logins for people they know in dangerous situations. Using these credentials, at-risk people are able to enter into a secure one-on-one internet chat with members from organizations that can best serve their needs.

Through our secure network of trusted organizations and users, SecurAID greatly minimizes the risk of at-risk individuals communicating with non-trustworthy or malicious sources, and also lowers the risk of them being identified by dangerous people or groups. SecurAID solves three key problems at once: eliminating duplicate information, identity verification, and streamlined resource allocation.

Background

Currently there are many disjointed groups of people helping Afghans that they know who are stuck in a dangerous condition. The efforts to help those in need come with many difficulties. Here's a real-world example to explain the problems encountered:

I've deployed to Afghanistan several times and became friends with my interpreters who had my back in combat. I'm now part of a slack group and a Signal chat group that both provide a place to share critical information and to try to allocate resources to our friends overseas. My ultimate goal is to get my interpreter's family out of Afghanistan, but in the meantime their daughter is suffering from kidney issues and the family is low on money. I've filled out numerous forms for visa paperwork, medical assistance, manifesting the family on future flights, and financial aid, but I have no idea what happens to that information once it's submitted, and very few ways to check the status of the requests. In addition, I've submitted forms only to find out another soldier who previously worked with my interpreter also filled out the same forms for his family. This causes extra work for aid workers to sift through duplicte entries. My Afghan family, along with many others, sometimes receive emails saying that they should go to a certain location at a certain time in order to receive help from American aid, however, many of those emails are traps sent by the Taliban to try to find American sympathizers. These families need a way to make sure that the messages they receive are actually coming from the correct sources.

   

How SecurAID works

SecurAID uses a centralized database to store and eliminate duplicate entries, saving valuable time and making it easy to ensure that a family receives the exact assistance they need. The database contains information about assistance type, allowing effective resource allocation by directing aid requests to the appropriate aid organizations. For instance, if a family needs insulin, their category in the database will be set to "medical needs," which will notify medical aid organizations who can access our database, and will ensure that only one organization is filling the request for aid.

To solve the issue of identity verification, the only people who will be able to add an Afghan family to the database will be someone invited into groups similar to the Slack and Signal chats discussed above. In order for a person to be invited to these chat groups, a person needs to be verified and vouched for by someone already in that group. This creates groups of trusted sources who personally know the Afghans they're trying to help. Once the Afghan account is created by the trusted member, that information is added to the database and the appropriate organization is notified of a person to assist overseas. A person at that organization gets assigned to the Afghan in need, allowing them to update the at-risk individual's database entry as more information about their situation comes in. (Individual entries will be read-only for all others who can access the database and are not actively assisting that individual.) From there, the assigned organization contact will send a link to the Afghan family with a link to a secure one-on-one chat room through SecurAID. Whenever important information is sent, it will be sent through the chat room, which means any other forms of communication received through email, text, etc. can be assumed to be nefarious and can be ignored. No one will have access to the unique chatroom except the organization contact and the person receiving assistance. If an overseas ally needs more than one thing (e.g. legal help for passports and heart medication), they will receive multiple links, one from a different contact at each relevant aid organization (e.g. link fomr a legal office, and one from a medical office). At the same time, the trusted source who created the account can see the status of the request and can inform his/her friend of any updates.

Owner
Ty K
Ty K
Experimental musig2 python code, not for production use!

musig2-py Experimental musig2 python code, not for production use! This is just for testing things out. All public keys are encoded as 32 bytes, assum

Samuel Dobson 14 Jul 08, 2022
Let's you scan the entire internet in a couple of hours and identify all Minecraft servers on IPV4

Minecraft-Server-Scanner Let's you scan the entire internet in a couple of hours and identify all Minecraft servers on IPV4 Installation and running i

116 Jan 08, 2023
An automated, reliable scanner for the Log4Shell (CVE-2021-44228) vulnerability.

Log4JHunt An automated, reliable scanner for the Log4Shell CVE-2021-44228 vulnerability. Video demo: Usage Here the help usage: $ python3 log4jhunt.py

RedHunt Labs 39 Nov 21, 2022
A Python application to predict what is cooking

ez-cuisine-classifier A Python application to predict what is cooking Environment Python 3.9 Windows 10 Install python -m venv venv .\venv\Scripts\act

Zeheng Li 1 Jun 21, 2022
A passive-recon tool that parses through found assets and interacts with the Hackerone API

Hackerone Passive Recon Tool A passive-recon tool that parses through found assets and interacts with the Hackerone API. Setup Simply run setup.sh to

elbee 4 Jan 13, 2022
Proof-of-concept obfuscation toolkit for C# post-exploitation tools

InvisibilityCloak Proof-of-concept obfuscation toolkit for C# post-exploitation tools. This will perform the below actions for a C# visual studio proj

259 Dec 19, 2022
Midas ELF64 Injector is a tool that will help you inject a C program from source code into an ELF64 binary.

Midas ELF64 Injector Description Midas ELF64 Injector is a tool that will help you inject a C program from source code into an ELF64 binary. All you n

midas 20 Dec 24, 2022
Cryptick is a stock ticker for cryptocurrency tokens, and a physical NFT.

Cryptick is a stock ticker for cryptocurrency tokens, and a physical NFT. This repository includes tools and documentation for the Cryptick device.

1 Dec 31, 2021
This project is for finding a solution to use Security Onion Elastic data with Jupyter Notebooks.

This project is for finding a solution to use Security Onion Elastic data with Jupyter Notebooks. The goal is to successfully use this notebook project below with Security Onion for beacon detection

4 Jun 08, 2022
This repository detects a system vulnerable to CVE-2022-21907 and protects against this vulnerability if desired

This repository detects a system vulnerable to CVE-2022-21907 and protects against this vulnerability if desired

26 Dec 26, 2022
Exploiting CVE-2021-44228 in vCenter for remote code execution and more

Log4jCenter Exploiting CVE-2021-44228 in vCenter for remote code execution and more. Blog post detailing exploitation linked below: COMING SOON Why? P

81 Dec 20, 2022
Python-based proof-of-concept tool for generating payloads that utilize unsafe Java object deserialization.

Python-based proof-of-concept tool for generating payloads that utilize unsafe Java object deserialization.

Astro 9 Sep 27, 2022
Moodle community-based vulnerability scanner

badmoodle Moodle community-based vulnerability scanner Description badmoodle is an unofficial community-based vulnerability scanner for moodle that sc

Michele Di Bonaventura 11 Dec 22, 2022
This is python script that will extract the functions call in all used DLL in an executable and then provide a mapping of those functions to the attack classes defined and curated malapi.io.

F2Amapper This is python script that will extract the functions call in all used DLL in an executable and then provide a mapping of those functions to

Ajit Kumar 3 Sep 03, 2022
Industry ready custom API payload with an easy format for building Python APIs (Django/Django Rest Framework)

Industry ready custom API payload with an easy format for building Python APIs (Django/Django Rest Framework) Yosh! If you are a django backend develo

Abram (^o^) 7 Sep 30, 2022
Make files with as many random bytes as you want

Lots o' Bytes 🔣 Make files with as many random bytes as you want! Use case Can be used to package malware that is normally small by making the downlo

Addi 1 Jan 13, 2022
python script for hack gmail account using brute force attack

#Creator: johnry #coded by john ry GBrute python script for hack gmail account using brute force attack Commands apt update && apt upgrade git clone h

6 Dec 09, 2022
The Web Application Firewall Paranoia Level Test Tool.

Quick WAF "paranoid" Doctor Evaluation WAFPARAN01D3 The Web Application Firewall Paranoia Level Test Tool. — From alt3kx.github.io Introduction to Par

22 Jul 25, 2022
Auerswald COMpact 8.0B Backdoors exploit

CVE-2021-40859 Auerswald COMpact 8.0B Backdoors exploit About Backdoors were discovered in Auerswald COMpact 5500R 7.8A and 8.0B devices, that allow a

6 Sep 22, 2022