Forwarded from UNDERCODE TESTING
Honeypot Integration with Elastic Stack - A Practical Guide
In this project, I have integrated a honeypot (a trap for hackers) with the ELK Stack to monitor real-time alerts and perform advanced threat hunting.
Key Steps:
1. Honeypot Setup: Deployed multiple honeypot services to capture malicious activity. (Requires a public IP.)
2. ELK Stack Installation: The Elastic Stack plays a pivotal role in collecting, storing, and visualizing the data from the T-Pot honeypot.
3. Data Filtration & Visualization: Filtered and visualized attack data in Kibana for actionable insights.
Note: This project can be extended to capture IOCs; users can add their own threat-intelligence databases and use Python scripts to train machine-learning models for future use. For instance, a MISP instance can be set up to store the IOCs from this honeypot.
Ref: HAMZA JAMEEL
@UndercodeCommunity
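The IOC-capture extension the note describes, as an added example that is not part of the original project: it reads T-Pot/Cowrie-style honeypot events and emits MISP-shaped attributes ready for a MISP or ELK pipeline. The Cowrie field names (eventid, src_ip, username, password, timestamp) are my understanding of its JSON log format, and the sample events are constructed.

```python
"""Turn T-Pot/Cowrie-style honeypot events into MISP-shaped IOC attributes.
Added example, not code from the original post. Field names follow the JSON lines
Cowrie (T-Pot's SSH/Telnet honeypot) emits as I understand them; the sample events
are constructed and use RFC 5737 documentation addresses only."""
import json
from collections import defaultdict

SAMPLE_EVENTS = "\n".join([  # constructed, not captured from a real sensor
    '{"eventid":"cowrie.session.connect","src_ip":"203.0.113.10","timestamp":"2024-05-01T10:00:00Z"}',
    '{"eventid":"cowrie.login.failed","src_ip":"203.0.113.10","username":"root","password":"123456","timestamp":"2024-05-01T10:00:02Z"}',
    '{"eventid":"cowrie.login.failed","src_ip":"203.0.113.10","username":"admin","password":"admin","timestamp":"2024-05-01T10:00:05Z"}',
    '{"eventid":"cowrie.login.success","src_ip":"198.51.100.7","username":"pi","password":"raspberry","timestamp":"2024-05-01T11:30:00Z"}',
    '{"eventid":"cowrie.session.connect","src_ip":"192.0.2.55","timestamp":"2024-05-01T12:00:00Z"}',
    'not json: real log files contain such lines and they must be skipped',
])
LOGIN_EVENTS = {"cowrie.login.failed", "cowrie.login.success"}

def parse_events(text):
    # Yield one dict per valid JSON line that carries a source IP; skip everything else.
    for line in text.splitlines():
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue
        if isinstance(event, dict) and event.get("src_ip"):
            yield event

def extract_iocs(text, min_attempts=1):
    """Aggregate per source IP; IPs that only connected and never tried a login are dropped."""
    stats = defaultdict(lambda: {"attempts": 0, "credentials": set(), "first": None, "last": None})
    for ev in parse_events(text):
        s = stats[ev["src_ip"]]
        ts = ev.get("timestamp")
        if ts:  # ISO-8601 strings of identical shape sort chronologically as plain strings
            s["first"] = ts if s["first"] is None else min(s["first"], ts)
            s["last"] = ts if s["last"] is None else max(s["last"], ts)
        if ev.get("eventid") in LOGIN_EVENTS:
            s["attempts"] += 1
            s["credentials"].add((ev.get("username", ""), ev.get("password", "")))
    return {ip: s for ip, s in stats.items() if s["attempts"] >= min_attempts}

def to_misp_attributes(iocs):
    """One ip-src attribute per IP (flagged for IDS export) plus one text attribute per credential pair."""
    attrs = []
    for ip, s in sorted(iocs.items()):
        attrs.append({"type": "ip-src", "value": ip, "to_ids": True,
                      "comment": f"{s['attempts']} SSH login attempt(s) between {s['first']} and {s['last']}"})
        for user, pw in sorted(s["credentials"]):
            attrs.append({"type": "text", "value": f"{user}:{pw}", "to_ids": False,
                          "comment": f"credential tried from {ip}"})
    return attrs

if __name__ == "__main__":
    for attr in to_misp_attributes(extract_iocs(SAMPLE_EVENTS)):
        print(json.dumps(attr))
```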
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
ModernBERT: A Powerful and Efficient #Update to Encoder-Only Models
https://undercodenews.com/modernbert-a-powerful-and-efficient-update-to-encoder-only-models/
@Undercode_News
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Sandisk Unveils New Branding, Poised for Solo Flight as a Flash Memory Leader
https://undercodenews.com/sandisk-unveils-new-branding-poised-for-solo-flight-as-a-flash-memory-leader/
@Undercode_News
Forwarded from Exploiting Crew (Pr1vAt3)
ShellSweep: Detecting Web Shells Made Easy for Defenders
What is ShellSweep?
ShellSweep is a suite of open-source tools designed to detect web shells using entropy analysis, static code checks, and heuristic methods. From incident response to threat hunting, ShellSweep helps defenders identify suspicious files quickly and efficiently.
Why Defenders Need ShellSweep
- Test Your Coverage: Validate analytic detection for file mods, process executions, and suspicious behavior from web shells.
- Tuning & Training: Scan web servers, analyze entropy baselines, and tune detection to YOUR environment.
- Lightweight & Customizable: Works locally, supports PowerShell, Python, and Lua. Full control with zero dependency on external services.
ShellSweep: The foundation.
- Detects web shells using entropy-based analysis.
- Scans key extensions (.asp, .aspx, .php, .jsp) for high-entropy anomalies.
- Outputs file paths, entropy values, and hashes.
ShellSweepPlus: Enhanced detection.
- Dynamic entropy thresholds.
- Multi-layered detection: Entropy, StdDev, Mixed Mode, and Heuristics.
- Static code analysis to spot malicious patterns.
- JSON outputs for structured results & further analysis.
ShellSweepX: Next-level, centralized detection.
- Combines entropy analysis, machine learning, and YARA rule matching.
- Cross-platform (PowerShell, Python, Bash).
- API integration for automated scans and result management.
- Web interface for visualizing and managing detections.
Perfect for Incident Responders & Threat Hunters
- Deploy ShellSweep tools in test or production environments.
- Load up your preferred web shells, simulate uploads, and refine detection rules.
- Detect new or obfuscated threats. Identify gaps. Tune your defenses.
ShellSweep: ShellSweeping the Evil!
Ref: Michael H.
@UndercodeCommunity
GitHub: splunk/ShellSweep - ShellSweeping the evil.
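The entropy scan that all three ShellSweep tiers build on, as an added example that is not ShellSweep's own code: per-file Shannon entropy over the web extensions named above, reporting path, entropy and SHA-256 for anything over a threshold. The 5.5 bits/byte threshold and the constructed sample web root are assumptions; a real deployment would set the threshold from the environment's own entropy baseline, as the post recommends.

```python
"""Entropy-based web shell triage in the spirit of ShellSweep.
Added example, not ShellSweep's own code: it reproduces the idea the post describes
(scan .asp/.aspx/.php/.jsp files, compute Shannon entropy, report path, entropy and
hash above a threshold). demo() builds a constructed web root whose "suspicious"
file is an inert blob of pseudo-random base64, not a working shell."""
import base64, hashlib, math, os, random, tempfile
from collections import Counter

WEB_EXTENSIONS = {".asp", ".aspx", ".php", ".jsp"}
DEFAULT_THRESHOLD = 5.5  # assumption: readable source usually lands near 4.5-5.2 bits/byte

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte: 0.0 for empty input, 8.0 at most."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def scan_directory(root, threshold=DEFAULT_THRESHOLD, extensions=WEB_EXTENSIONS):
    """Return path/entropy/sha256 for every web file under root at or above threshold."""
    findings = []
    for dirpath, _, filenames in os.walk(root):
        for name in filenames:
            if os.path.splitext(name)[1].lower() not in extensions:
                continue  # ShellSweep keys on web-app extensions, so does this scan
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                data = fh.read()
            entropy = shannon_entropy(data)
            if entropy >= threshold:
                findings.append({"path": path, "entropy": round(entropy, 3),
                                 "sha256": hashlib.sha256(data).hexdigest()})
    return sorted(findings, key=lambda f: f["entropy"], reverse=True)

def demo():
    """Constructed web root: a normal PHP page, a high-entropy PHP blob, and an ignored .txt copy."""
    root = tempfile.mkdtemp()
    normal = b"<?php\n$name = htmlspecialchars($_GET['name'] ?? 'world');\necho \"Hello, $name\";\n"
    # Deterministic pseudo-random bytes, base64-encoded: the footprint packed payloads leave.
    blob = b"<?php $blob = '" + base64.b64encode(random.Random(1).randbytes(1500)) + b"';\n"
    files = {"index.php": normal * 20, "uploads/cache.php": blob, "notes.txt": blob}
    for rel, content in files.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(content)
    return scan_directory(root)

if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

Repeating a low-entropy page twenty times does not raise its entropy, so size alone never trips the scan; only the byte distribution does.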
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
China Accuses US of Cyberespionage
https://undercodenews.com/china-accuses-us-of-cyberespionage/
@Undercode_News
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Zomato's Packaging Charges Spark Debate, Footballer Steps In
https://undercodenews.com/zomatos-packaging-charges-spark-debate-footballer-steps-in/
@Undercode_News
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Agents: The Next Frontier of #AI
https://undercodenews.com/agents-the-next-frontier-of-ai/
@Undercode_News
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Nothing #OS 30: A Fresh Take on #Android 15
https://undercodenews.com/nothing-os-30-a-fresh-take-on-android-15/
@Undercode_News
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Level Up Your Rig with Artistic Flair: COLORFUL Unveils iGame Shadow DDR5 Memory
https://undercodenews.com/level-up-your-rig-with-artistic-flair-colorful-unveils-igame-shadow-ddr5-memory/
@Undercode_News
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Combating #Digital Scams with Artificial Intelligence: Introducing MINERVA
https://undercodenews.com/combating-digital-scams-with-artificial-intelligence-introducing-minerva/
@Undercode_News
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Aligning with CISA's Zero Trust Maturity Model: #Microsoft's Guidance for Government Agencies
https://undercodenews.com/aligning-with-cisas-zero-trust-maturity-model-microsofts-guidance-for-government-agencies/
@Undercode_News
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Power Up Your Play: A Beginner's Guide to Conquering Xbox
https://undercodenews.com/power-up-your-play-a-beginners-guide-to-conquering-xbox/
@Undercode_News
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
#Microsoft's New Zero Trust Guidance: A Step Towards Enhanced Security
https://undercodenews.com/microsofts-new-zero-trust-guidance-a-step-towards-enhanced-security/
@Undercode_News
Forwarded from Exploiting Crew (Pr1vAt3)
Encryption vs Hashing - What's the difference?
Imagine you have a secret recipe for a cake, and you want to share it with a friend.
Encryption:
You lock the recipe in a box with a key and give the box to your friend.
Your friend can unlock the box (with the key you gave them) and read the recipe.
If someone else finds the box without the key, they can't read it.
Key Point: It can be reversed if you have the key (decrypt it).
Hashing:
You put the recipe in a blender and blend it into a unique smoothie.
Now it's impossible to get the original recipe back from the smoothie.
But if someone else blends the exact same recipe, they'll get the exact same smoothie.
Key Point: One-way process. You can't go back to the recipe, but you can check if two smoothies match.
In short:
Encryption is like locking something up: it can be unlocked.
Hashing is like turning it into mush: you can't un-mush it!
As both methods involve turning data into a scrambled form, one might consider these two the same. However, there is a distinction you must know about:
Data is encrypted twice while it's only hashed once.
One can encrypt/decrypt a piece of data, meaning that the original text can be retrieved back. However, retrieval of plain text isn't possible if data is hashed once.
Ref: Santosh Nandakumar
@UndercodeCommunity
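The recipe analogy carried into code, as an added example that is not from the original post: a minimal HMAC-SHA256 counter-mode stream cipher stands in for the locked box (a teaching construction with no authentication, chosen only so the example runs on the Python standard library) and SHA-256 stands in for the blender. The recipe text is constructed.

```python
"""The cake-recipe analogy in code: reversible encryption vs one-way hashing.
Added example, not from the original post. The "box" is a stream cipher built from
HMAC-SHA256 in counter mode purely to show reversibility with a key (unauthenticated,
a teaching construction, not something to ship); the "blender" is plain SHA-256."""
import hashlib
import hmac
import secrets

RECIPE = b"Cake: 200g flour, 3 eggs, 150g sugar, bake 35 min at 180C."  # constructed plaintext

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Derive `length` pseudo-random bytes as consecutive HMAC(key, nonce || counter) blocks."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Lock the recipe in the box: a fresh nonce, then plaintext XOR keystream."""
    nonce = secrets.token_bytes(16)
    stream = _keystream(key, nonce, len(plaintext))
    return nonce + bytes(p ^ s for p, s in zip(plaintext, stream))

def decrypt(key: bytes, ciphertext: bytes) -> bytes:
    """Unlock the box: the same key and nonce regenerate the same keystream."""
    nonce, body = ciphertext[:16], ciphertext[16:]
    stream = _keystream(key, nonce, len(body))
    return bytes(c ^ s for c, s in zip(body, stream))

def blend(data: bytes) -> str:
    """The blender: a fixed-size SHA-256 digest that cannot be turned back into the recipe."""
    return hashlib.sha256(data).hexdigest()

def same_recipe(candidate: bytes, known_digest: str) -> bool:
    """Check whether two smoothies match, in constant time, without recovering the recipe."""
    return hmac.compare_digest(blend(candidate), known_digest)

def demo():
    key, wrong_key = secrets.token_bytes(32), secrets.token_bytes(32)
    box = encrypt(key, RECIPE)
    return {
        "round_trip_ok": decrypt(key, box) == RECIPE,            # right key: readable again
        "wrong_key_ok": decrypt(wrong_key, box) == RECIPE,       # no key: unreadable (False)
        "same_input_same_hash": blend(RECIPE) == blend(RECIPE),  # same recipe, same smoothie
        "hash_len_fixed": len(blend(RECIPE)) == len(blend(RECIPE * 100)),
        "match_check": same_recipe(RECIPE, blend(RECIPE)),
    }
```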
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Paragon's 00M Sale in Limbo: Defense Ministry Intervenes
https://undercodenews.com/paragons-00m-sale-in-limbo-defense-ministry-intervenes/
@Undercode_News
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Cyberattacks on Critical Infrastructure: The Growing Threat from IRGC-Affiliated Groups
https://undercodenews.com/cyberattacks-on-critical-infrastructure-the-growing-threat-from-irgc-affiliated-groups/
@Undercode_News
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Why Your PC Needs a TPM: A Deep Dive into #Windows 11 Security
https://undercodenews.com/why-your-pc-needs-a-tpm-a-deep-dive-into-windows-11-security/
@Undercode_News