Zscaler’s ThreatLabz research team detected a formidable adversary: DreamBus. A Linux-based malware family, DreamBus has been quietly evolving, honing its capabilities to exploit vulnerabilities in business applications. DreamBus, initially identified in early 2019, has...
SSH-Snake: Automated SSH-Based Network Traversal SSH-Snake is a powerful tool designed to perform automatic network traversal using SSH private keys discovered on systems, to create a comprehensive map of a network and its dependencies,...
OpenSSH, a critical component in secure networking, has recently faced a formidable challenge. A now-patched security vulnerability, with a CVSS score of 9.8, threatened the very core of its secure channel operations. Identified as...
The digital realm is no stranger to ingenious exploits, and the latest breakthrough in cybersecurity research is no exception. Researchers have unveiled “Mayhem,” a formidable attack technique that targets the very heart of computing...
The Bastion Bastions are a cluster of machines used as the unique entry point by operational teams (such as sysadmins, developers, database admins, …) to securely connect to devices (servers, virtual machines, cloud instances,...
Forensics / Network PenTest / Password Attacks / Reverse Engineering / Sniffing & Spoofing
by do son · Published July 2, 2018
pythem – Penetration Testing Framework pythem is a multi-purpose pentest framework written in Python. It has been developed to be used by security researchers and security professionals. Usage Examples ARP spoofing – Man-in-the-middle. ARP+DNS...
Visual Basic GUI (VBG for short) uses an X11 forwarded SSH session to remotely execute commands on the client. Motivation On its usual mode of operation SSH requires the client to be trusted by...
pr0cks python script to transparently forward all TCP and DNS traffic through socks (like ssh -D option) or HTTPS (CONNECT) proxy using iptables -j REDIRECT target. Only works on Linux for now. Features: set...
As early as 2015, Microsoft announced that Windows will natively support SSH. Secure Shell (SSH) is a cryptographicnetwork protocol for operating network services securely over an unsecured network on Linux. SSH provides a secure channel over an unsecured network in a client-server architecture,...
Google Authenticator OpenSource The Google Authenticator project includes implementations of one-time passcode generators for several mobile platforms. One-time passcodes are generated using open standards developed by the Initiative for Open Authentication (OATH) (which is unrelated to OAuth)....
Wetland Wetland is a high interaction SSH honeypot,designed to log brute force attacks.What’s more, wetland will log shell、scp、sftp、exec-command、direct-forward、reverse-forward interation performded by the attacker. Wetland is based on python ssh module paramiko. And wetland runs as...
Three main source versions of the control system Git, Subversion (svn), CVS, Mercurial, today released an update patch that fixes a client code execution vulnerability. The vulnerability was discovered and reported by Brian Neel...
SSH Short for Secure Shell, SSH (developed by SSH Communications Security Ltd.) is a secure protocol for remote logins. Using an SSH client, a user can connect to a server to transfer information in...
Exploitation / Metasploit / Network PenTest
by do son · Published July 21, 2017 · Last modified August 5, 2017
Tool Name: MeterSSH Written by: David Kennedy Company: TrustedSec Website: https://www.trustedsec.com Twitter: @TrustedSec, @HackingDave MeterSSH is a way to take shellcode, inject it into memory then tunnel whatever port you want to over SSH to mask...
Fail2Ban is an intrusion prevention software framework that protects computer servers from brute-force attacks. Written in the Python programming language, it is able to run on POSIX systems that have an interface to a...
Secure Your Connection
