Experts at runZero have uncovered numerous vulnerabilities related to poorly secured or improperly implemented SSH services, an unexpected discovery during their investigation of a backdoor in the XZ Utils data...
Security analysts at Sucuri have uncovered a novel attack technique targeting e-commerce websites, where cybercriminals abuse swap files to maintain persistent credit card skimmers. The incident involved a Magento site...
Zscaler’s ThreatLabz research team detected a formidable adversary: DreamBus. A Linux-based malware family, DreamBus has been quietly evolving, honing its capabilities to exploit vulnerabilities in business applications. DreamBus, initially identified...
SSH-Snake: Automated SSH-Based Network Traversal SSH-Snake is a powerful tool designed to perform automatic network traversal using SSH private keys discovered on systems, to create a comprehensive map of a...
OpenSSH, a critical component in secure networking, has recently faced a formidable challenge. A now-patched security vulnerability, with a CVSS score of 9.8, threatened the very core of its secure...
The digital realm is no stranger to ingenious exploits, and the latest breakthrough in cybersecurity research is no exception. Researchers have unveiled “Mayhem,” a formidable attack technique that targets the...
Forensics / Network PenTest / Password Attacks / Reverse Engineering / Sniffing & Spoofing
by do son · Published July 2, 2018
pythem – Penetration Testing Framework pythem is a multi-purpose pentest framework written in Python. It has been developed to be used by security researchers and security professionals. Usage Examples ARP...
Visual Basic GUI (VBG for short) uses an X11 forwarded SSH session to remotely execute commands on the client. Motivation On its usual mode of operation SSH requires the client...
pr0cks python script to transparently forward all TCP and DNS traffic through socks (like ssh -D option) or HTTPS (CONNECT) proxy using iptables -j REDIRECT target. Only works on Linux...
As early as 2015, Microsoft announced that Windows will natively support SSH. Secure Shell (SSH) is a cryptographicnetwork protocol for operating network services securely over an unsecured network on Linux. SSH provides a secure channel over an...
Google Authenticator OpenSource The Google Authenticator project includes implementations of one-time passcode generators for several mobile platforms. One-time passcodes are generated using open standards developed by the Initiative for Open Authentication...
Wetland Wetland is a high interaction SSH honeypot,designed to log brute force attacks.What’s more, wetland will log shell、scp、sftp、exec-command、direct-forward、reverse-forward interation performded by the attacker. Wetland is based on python ssh module paramiko....
Three main source versions of the control system Git, Subversion (svn), CVS, Mercurial, today released an update patch that fixes a client code execution vulnerability. The vulnerability was discovered and...
SSH Short for Secure Shell, SSH (developed by SSH Communications Security Ltd.) is a secure protocol for remote logins. Using an SSH client, a user can connect to a server...
Exploitation / Metasploit / Network PenTest
by do son · Published July 21, 2017 · Last modified August 5, 2017
Tool Name: MeterSSH Written by: David Kennedy Company: TrustedSec Website: https://www.trustedsec.com Twitter: @TrustedSec, @HackingDave MeterSSH is a way to take shellcode, inject it into memory then tunnel whatever port you want to...
Support Securityonline.info site. Thanks!
