β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Most Popular Top DDoS Attack Tools In 2020
T.me/UndercodeTesting
π¦ππΌπ'π πππΈβπ :
1) HULK It generates unique and obscure traffic It may fail in hiding the identity. Traffic coming through HULK can be blocked.
https://github.com/grafov/hulk
2) Torβs Hammer Apache & IIS server Running the tool through the Tor network will have an added advantage as it hides your identity.
https://sourceforge.net/projects/torshammer/
3) Slowloris Send authorized HTTP traffic to the server As it makes the attack at a slow rate, traffic can be easily detected as abnormal and can be blocked.
https://github.com/gkbrk/slowloris
4) LOIC UDP, TCP, and HTTP requests to the server HIVEMIND mode will allow you to control remote LOIC systems. With the help of this, you can control other computers in Zombie network.
https://sourceforge.net/projects/loic/
5) XOIC DoS attack with TCP or HTTP or UDP or ICMP message Attack made using XOIC can be easily detected and blocked
https://sourceforge.net/directory/?q=xoic
WRITTEN BY UNDERCODE
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Most Popular Top DDoS Attack Tools In 2020
T.me/UndercodeTesting
π¦ππΌπ'π πππΈβπ :
1) HULK It generates unique and obscure traffic It may fail in hiding the identity. Traffic coming through HULK can be blocked.
https://github.com/grafov/hulk
2) Torβs Hammer Apache & IIS server Running the tool through the Tor network will have an added advantage as it hides your identity.
https://sourceforge.net/projects/torshammer/
3) Slowloris Send authorized HTTP traffic to the server As it makes the attack at a slow rate, traffic can be easily detected as abnormal and can be blocked.
https://github.com/gkbrk/slowloris
4) LOIC UDP, TCP, and HTTP requests to the server HIVEMIND mode will allow you to control remote LOIC systems. With the help of this, you can control other computers in Zombie network.
https://sourceforge.net/projects/loic/
5) XOIC DoS attack with TCP or HTTP or UDP or ICMP message Attack made using XOIC can be easily detected and blocked
https://sourceforge.net/directory/?q=xoic
WRITTEN BY UNDERCODE
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦POPULAR 2020 SOLUTION FOR PREVENT DDOS
T.me/UndercodeTesting
> SolarWinds provides a Security Event Manager that is effective mitigation and prevention software to stop the DDoS Attack.
> It will monitor the event logs from a wide range of sources for detecting and preventing DDoS activities.
π¦ download :
> https://www.solarwinds.com/security-event-manager/use-cases/ddos-attack?CMP=BIZ-RVW-SWTH-DDoSAttackTools-SEM-UC-Q120
π¦FEATURES :
> Centralized log collection and normalization
> Automated threat detection and response
> Integrated compliance reporting tools
> Intuitive dashboard and user interface
> Built-in file integrity monitoring
> Simple and affordable licensing
π¦Their is much more plugins free can use as another tools ...
WRITTEN BY UNDERCODE
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦POPULAR 2020 SOLUTION FOR PREVENT DDOS
T.me/UndercodeTesting
> SolarWinds provides a Security Event Manager that is effective mitigation and prevention software to stop the DDoS Attack.
> It will monitor the event logs from a wide range of sources for detecting and preventing DDoS activities.
π¦ download :
> https://www.solarwinds.com/security-event-manager/use-cases/ddos-attack?CMP=BIZ-RVW-SWTH-DDoSAttackTools-SEM-UC-Q120
π¦FEATURES :
> Centralized log collection and normalization
> Automated threat detection and response
> Integrated compliance reporting tools
> Intuitive dashboard and user interface
> Built-in file integrity monitoring
> Simple and affordable licensing
π¦Their is much more plugins free can use as another tools ...
WRITTEN BY UNDERCODE
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ HOW TO SETUP YOUR WINDOWS 7> 10 AS a hacking one ?
fb.com/UndercodeTesting
π¦ REQUIREMENTS :
1) DOWNLOAD :
https://sourceforge.net/projects/pentestbox/files/PentestBox-with-Metasploit-v2.2.exe/download
2) Installed here is C: / PentestBox / by default
> Files to download
> ruby (2.3.3) [32-bit]: https://dl.bintray.com/oneclick/rubyinstaller/ruby-2.3.3-i386-mingw32.7z
> msf: git clone https://github.com/rapid7/metasploit-framework.git
> ruby_devkit: http://dl.bintray.com/oneclick/rubyinstaller/DevKit-mingw64-32-4.7.2-20130224-1151-sfx.exe
> WpdPack: http://www.winpcap.org/install/bin/WpdPack_4_1_2.zip
> Replace ruby, delete the original C: \ PentestBox \ base \ ruby file and replace the file
3) ruby_devkit delete the original file
Open DevKit-mingw64-32-4.7.2-20130224-1151-sfx.exe and extract it to C: \ PentestBox \ base \ ruby_devkit
Replace msf
π¦ πβπππΈπππππΈπππβ & βπβ :
1) [Common path:
ruby:% Pentestbox% \ base \ ruby
ruby_devkit:% Pentestbox% \ base \ ruby_devkit
msf:% Pentestbox% \ bin \ metasploit-framework
ruby 2.2.6p396 (2016-11-15 revision 56800) [i386-mingw32]
]
2) hen execute ruby -v and you will see:
ruby 2.3.3p222 (2016-11-21 revision 56859) [i386-mingw32]
3) Then we update the gem and change the domestic source
Run gem update --system
> [If ssl is wrong, execute gem sources --add https://gems.ruby-china.org/ --remove https://rubygems.org/
If it still doesn't work, replace https with http
gem sources --add http://gems.ruby-china.org/ --remove https://rubygems.org/
γ
> gem sources -l ### Checking the current source is enough.
> gem sources --u update source cache
4) Install the bundle ...
gem install bundler
gem install bundle
> bundle config mirror.https: //rubygems.org https://gems.ruby-china.org #Execute this and replace the source of bunlde ... If you encounter ssl, the same solution as above
Update of msf ...
5) First of all, go to the directory of msf .... First, go to the directory of msf .... execute
bundle update
bundle install
[If the error is reported, proceed to the next step. Skip without error]
6) NOW you need to unzip WpdPack to the c drive directory
7) Then modify the extconf.rb file located in% Pentestbox% \ base \ ruby \ lib \ ruby \ gems \ 2.3.0 \ gems \ pcaprub-0.12.4 \ ext \ pcaprub_c, and add two lines of code between pcap_libdir and have_library:
$ CFLAGS = "-I # {pcap_includedir}"
$ LDFLAGS = "-L # {pcap_libdir}"
8) Then execute gem install pcaprub -v '0.12.4' and there will be no problem
9) Since WpdPack is on the C drive by default, it is inconvenient as a penetration test box.
10) The WpdPack path here can be modified. Copy the WpdPack folder unzipped to the C drive to the PentestBox directory.
11) Open extconf.rb under C: \ PentestBox \ base \ ruby \ lib \ ruby \ gems \ 2.3.0 \ gems \ pcaprub-0.12.4 \ ext \ pcaprub_c directory
12) Continue to execute bundle install Continue to execute bundle install [Time is a little long, process ,,,, wait slowly] After the
installation is complete, running msfconsole will cause bcrypt errors. We also need to execute the command:
gem uninstall bcrypt
gem uninstall bcrypt-ruby
13) Execute again
gem install bcrypt --platform = ruby
14) You're done. Win7 64-bit runs perfectly and supports win10 64-bit.
> [In addition: when opening msfconsole, a few lines of error may be reported as shown below]
15) At this time, we only need to modify the C: / PentestBox / base / ruby b / ruby / gems / 2.3.0 / gems / rbnacl-4.0.2 b / rbnacl / sodium ersion.rb file on the error prompt . Just comment out the number of lines reported with errors.
written by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ HOW TO SETUP YOUR WINDOWS 7> 10 AS a hacking one ?
fb.com/UndercodeTesting
π¦ REQUIREMENTS :
1) DOWNLOAD :
https://sourceforge.net/projects/pentestbox/files/PentestBox-with-Metasploit-v2.2.exe/download
2) Installed here is C: / PentestBox / by default
> Files to download
> ruby (2.3.3) [32-bit]: https://dl.bintray.com/oneclick/rubyinstaller/ruby-2.3.3-i386-mingw32.7z
> msf: git clone https://github.com/rapid7/metasploit-framework.git
> ruby_devkit: http://dl.bintray.com/oneclick/rubyinstaller/DevKit-mingw64-32-4.7.2-20130224-1151-sfx.exe
> WpdPack: http://www.winpcap.org/install/bin/WpdPack_4_1_2.zip
> Replace ruby, delete the original C: \ PentestBox \ base \ ruby file and replace the file
3) ruby_devkit delete the original file
Open DevKit-mingw64-32-4.7.2-20130224-1151-sfx.exe and extract it to C: \ PentestBox \ base \ ruby_devkit
Replace msf
π¦ πβπππΈπππππΈπππβ & βπβ :
1) [Common path:
ruby:% Pentestbox% \ base \ ruby
ruby_devkit:% Pentestbox% \ base \ ruby_devkit
msf:% Pentestbox% \ bin \ metasploit-framework
ruby 2.2.6p396 (2016-11-15 revision 56800) [i386-mingw32]
]
2) hen execute ruby -v and you will see:
ruby 2.3.3p222 (2016-11-21 revision 56859) [i386-mingw32]
3) Then we update the gem and change the domestic source
Run gem update --system
> [If ssl is wrong, execute gem sources --add https://gems.ruby-china.org/ --remove https://rubygems.org/
If it still doesn't work, replace https with http
gem sources --add http://gems.ruby-china.org/ --remove https://rubygems.org/
γ
> gem sources -l ### Checking the current source is enough.
> gem sources --u update source cache
4) Install the bundle ...
gem install bundler
gem install bundle
> bundle config mirror.https: //rubygems.org https://gems.ruby-china.org #Execute this and replace the source of bunlde ... If you encounter ssl, the same solution as above
Update of msf ...
5) First of all, go to the directory of msf .... First, go to the directory of msf .... execute
bundle update
bundle install
[If the error is reported, proceed to the next step. Skip without error]
6) NOW you need to unzip WpdPack to the c drive directory
7) Then modify the extconf.rb file located in% Pentestbox% \ base \ ruby \ lib \ ruby \ gems \ 2.3.0 \ gems \ pcaprub-0.12.4 \ ext \ pcaprub_c, and add two lines of code between pcap_libdir and have_library:
$ CFLAGS = "-I # {pcap_includedir}"
$ LDFLAGS = "-L # {pcap_libdir}"
8) Then execute gem install pcaprub -v '0.12.4' and there will be no problem
9) Since WpdPack is on the C drive by default, it is inconvenient as a penetration test box.
10) The WpdPack path here can be modified. Copy the WpdPack folder unzipped to the C drive to the PentestBox directory.
11) Open extconf.rb under C: \ PentestBox \ base \ ruby \ lib \ ruby \ gems \ 2.3.0 \ gems \ pcaprub-0.12.4 \ ext \ pcaprub_c directory
12) Continue to execute bundle install Continue to execute bundle install [Time is a little long, process ,,,, wait slowly] After the
installation is complete, running msfconsole will cause bcrypt errors. We also need to execute the command:
gem uninstall bcrypt
gem uninstall bcrypt-ruby
13) Execute again
gem install bcrypt --platform = ruby
14) You're done. Win7 64-bit runs perfectly and supports win10 64-bit.
> [In addition: when opening msfconsole, a few lines of error may be reported as shown below]
15) At this time, we only need to modify the C: / PentestBox / base / ruby b / ruby / gems / 2.3.0 / gems / rbnacl-4.0.2 b / rbnacl / sodium ersion.rb file on the error prompt . Just comment out the number of lines reported with errors.
written by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Facebook
Log in or sign up to view
See posts, photos and more on Facebook.
π¦ Note:
> If you are a win10 system, the error message "Not an internal or external command" may appear after typing the command. At this time, you need to modify the properties of cmd.
> Use the old console
> and restart the software.
> Pro-test PentestBox operating platform: win7 X64 / win10 X64
> If you are a win10 system, the error message "Not an internal or external command" may appear after typing the command. At this time, you need to modify the properties of cmd.
> Use the old console
> and restart the software.
> Pro-test PentestBox operating platform: win7 X64 / win10 X64
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ALL YOU NEED TO KNOW ABOUT AMPLIFICATION IN DDOS :
t.me/UndercodeTesting
π¦ Vulnerability details
> About DDoS amplification :
1) As an attacker, you need to forge IP. Send a request for sea, quantity, and forged sources. The computer room (firewallrules and uRPF) without BCP38.
2) As a reflection service , two conditions need to be met. First, the udp protocol, which is easy to enlarge, is running on it. That is, using udp or improperly designed udp services can meet certain conditions, and the response packet is much larger than the request packet. Second, the agreement or service has certain use on the Internet, such as dns, ntp and other basic services.
3) Victims, due to the intention of ddos, the victims are generally ι, games, politics and other goals, or for the purpose of destruction, dazzling skills and so on.
π¦About Memcrashed :
1) Since Memcache monitors both TCP and UDP, it naturally meets the reflective DDoS conditions.
2) Memcache is established as an enterprise application, and its business characteristics ensure a high upload bandwidth.
3) Memcache can interact without authentication.
Many users monitor service errors during compilation and installation 0.0.0.0, and do not configure iptables rules or cloud security tenant configuration.
π¦Attack process :
Scan all network port services.
Perform fingerprint identification to obtain unauthenticated Memcache.
Filter all reflective UDP Memcache.
Insert the data state for reflection.
π¦ Attack effect : As previously stated by the 360 ββInformation Security Department 0kee Team in the community, the highest single transmission can be achieved 816200, and the lowest382099
written by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ALL YOU NEED TO KNOW ABOUT AMPLIFICATION IN DDOS :
t.me/UndercodeTesting
π¦ Vulnerability details
> About DDoS amplification :
1) As an attacker, you need to forge IP. Send a request for sea, quantity, and forged sources. The computer room (firewallrules and uRPF) without BCP38.
2) As a reflection service , two conditions need to be met. First, the udp protocol, which is easy to enlarge, is running on it. That is, using udp or improperly designed udp services can meet certain conditions, and the response packet is much larger than the request packet. Second, the agreement or service has certain use on the Internet, such as dns, ntp and other basic services.
3) Victims, due to the intention of ddos, the victims are generally ι, games, politics and other goals, or for the purpose of destruction, dazzling skills and so on.
π¦About Memcrashed :
1) Since Memcache monitors both TCP and UDP, it naturally meets the reflective DDoS conditions.
2) Memcache is established as an enterprise application, and its business characteristics ensure a high upload bandwidth.
3) Memcache can interact without authentication.
Many users monitor service errors during compilation and installation 0.0.0.0, and do not configure iptables rules or cloud security tenant configuration.
π¦Attack process :
Scan all network port services.
Perform fingerprint identification to obtain unauthenticated Memcache.
Filter all reflective UDP Memcache.
Insert the data state for reflection.
π¦ Attack effect : As previously stated by the 360 ββInformation Security Department 0kee Team in the community, the highest single transmission can be achieved 816200, and the lowest382099
written by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦RSA ATTACKs :
twitter.com/UndercodeNews
A ) It enables you to test the RSA public key to understand the described vulnerability.
> currently supports the following main formats:
X509 certificate, DER encoding, one * .der, * .crt per file
X509 certificate, PEM encoding, more per file, * .pem
RSA PEM encode private key, public key, more per file, * .pem (must have correct title ----- BEGIN RSA ...)
SSH public key, * .pub, starting with "ssh-rsa", one per line
ASC encoded PGP keys, * .pgp, * .asc. Each file is more and must have the correct title ---- BEGIN PGP ...
APK android application, * .apk
One module * .txt for each line of text file, the module can be a) base64 coded number, b) hex coded number, c) decimal coded
JSON file with modulus, one record per line, supporting certificate with key "cert" with key "certificate" / key "mod" with certificate array (int, base64, hex, dec encoding support), base64 Encode DER.
LDIFF file-LDAP database dump. Any field ending in "; binary" will try to decode to X509 certificate
Java Key Store file (JKS). Try to use an empty password and some common ones, use --jks-pass-file to specify more passwords
PKCS7 signature and user certificate
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦RSA ATTACKs :
twitter.com/UndercodeNews
A ) It enables you to test the RSA public key to understand the described vulnerability.
> currently supports the following main formats:
X509 certificate, DER encoding, one * .der, * .crt per file
X509 certificate, PEM encoding, more per file, * .pem
RSA PEM encode private key, public key, more per file, * .pem (must have correct title ----- BEGIN RSA ...)
SSH public key, * .pub, starting with "ssh-rsa", one per line
ASC encoded PGP keys, * .pgp, * .asc. Each file is more and must have the correct title ---- BEGIN PGP ...
APK android application, * .apk
One module * .txt for each line of text file, the module can be a) base64 coded number, b) hex coded number, c) decimal coded
JSON file with modulus, one record per line, supporting certificate with key "cert" with key "certificate" / key "mod" with certificate array (int, base64, hex, dec encoding support), base64 Encode DER.
LDIFF file-LDAP database dump. Any field ending in "; binary" will try to decode to X509 certificate
Java Key Store file (JKS). Try to use an empty password and some common ones, use --jks-pass-file to specify more passwords
PKCS7 signature and user certificate
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
X (formerly Twitter)
UNDERCODE NEWS (@UndercodeNews) on X
π¦ Latest in Cyber & Tech News with AI-Powered Analysis and Fact Checking.
γjoin us: https://t.co/YVv330UsjQ
More: @DailyCve @UndercodeUpdate
γjoin us: https://t.co/YVv330UsjQ
More: @DailyCve @UndercodeUpdate
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦RSA key security vulnerability detection tool
> kali-parrot-ubuntu...
t.me/UndercodeTesting
π¦ INSTALLISATION & RUN :
> Clone https://github.com/crocs-muni/roca
1) Pip installation
> Install with pip (install all dependencies)
2) pip install roca-detect
Local installation
3) Execute in the root folder of the package:
pip install --upgrade --find-links=. .
rely
4) You may need to install other dependencies, so pip you can install encryption packages, for example.
π¦ CentOS / RHELοΌ
> sudo yum install python-devel python-pip gcc gcc-c++ make automake
> autoreconf libtool openssl-devel libffi-devel dialog
π¦ UbuntuηοΌ
sudo apt-get install python-pip python-dev build-essential libssl-dev libffi-dev swig
usage
π¦ Basic usage of printing:
1) If installed with pip / manually
roca-detect --help
2) Without installation (can miss dependencies)
python fingerprint/detect.py
3) The test tool accepts multiple file names / directories as input parameters. It returns a report showing how many files have been fingerprinted (and which files).
π¦ Example:
Run recursively on all SSH keys and known_hosts:
$> roca-detect ~/.ssh
2017-10-16 13:39:21 [51272] INFO ### SUMMARY ####################
2020 13:39:21 [51272] INFO Records tested: 92
2020 13:39:21 [51272] INFO .. PEM certs :. . . 0
202013:39:21 [51272] INFO .. DER certs :. . . 0
2020 13:39:21 [51272] INFO .. RSA key files: . 16
...
π¦ PGP key
1) To test your PGP key, you can export it from your email client or download it from the PGP key server, for example https://pgp.mit.edu/
2) You can also use the gpg command line utility to export your public key:
gpg --armor --export your@email.com > mykey.asc
π¦ ADVANCED CASES
1) The detection tool extracts displayable keyword information:
> roca-detect.py --dump --flatten --indent ~/.ssh/
Advanced installation method
2) Virtual environment
It is generally recommended to create a new python virtual environment for the project:
virtualenv ~/pyenv
source ~/pyenv/bin/activate
pip install --upgrade pip
pip install --upgrade --find-links=. .
Separate Python 2.7.13
3) It will not work with lower Python versions. Use to pyenv install a new Python version. It downloads the Python source internally and installs it ~/.pyenv.
git clone https://github.com/pyenv/pyenv.git ~/.pyenv
echo 'export PYENV_ROOT="$HOME/.pyenv"' >> ~/.bashrc
echo 'export PATH="$PYENV_ROOT/bin:$PATH"' >> ~/.bashrc
echo 'eval "$(pyenv init -)"' >> ~/.bashrc
exec $SHELL
pyenv install ..v
pyenv local ..v
@UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦RSA key security vulnerability detection tool
> kali-parrot-ubuntu...
t.me/UndercodeTesting
π¦ INSTALLISATION & RUN :
> Clone https://github.com/crocs-muni/roca
1) Pip installation
> Install with pip (install all dependencies)
2) pip install roca-detect
Local installation
3) Execute in the root folder of the package:
pip install --upgrade --find-links=. .
rely
4) You may need to install other dependencies, so pip you can install encryption packages, for example.
π¦ CentOS / RHELοΌ
> sudo yum install python-devel python-pip gcc gcc-c++ make automake
> autoreconf libtool openssl-devel libffi-devel dialog
π¦ UbuntuηοΌ
sudo apt-get install python-pip python-dev build-essential libssl-dev libffi-dev swig
usage
π¦ Basic usage of printing:
1) If installed with pip / manually
roca-detect --help
2) Without installation (can miss dependencies)
python fingerprint/detect.py
3) The test tool accepts multiple file names / directories as input parameters. It returns a report showing how many files have been fingerprinted (and which files).
π¦ Example:
Run recursively on all SSH keys and known_hosts:
$> roca-detect ~/.ssh
2017-10-16 13:39:21 [51272] INFO ### SUMMARY ####################
2020 13:39:21 [51272] INFO Records tested: 92
2020 13:39:21 [51272] INFO .. PEM certs :. . . 0
202013:39:21 [51272] INFO .. DER certs :. . . 0
2020 13:39:21 [51272] INFO .. RSA key files: . 16
...
π¦ PGP key
1) To test your PGP key, you can export it from your email client or download it from the PGP key server, for example https://pgp.mit.edu/
2) You can also use the gpg command line utility to export your public key:
gpg --armor --export your@email.com > mykey.asc
π¦ ADVANCED CASES
1) The detection tool extracts displayable keyword information:
> roca-detect.py --dump --flatten --indent ~/.ssh/
Advanced installation method
2) Virtual environment
It is generally recommended to create a new python virtual environment for the project:
virtualenv ~/pyenv
source ~/pyenv/bin/activate
pip install --upgrade pip
pip install --upgrade --find-links=. .
Separate Python 2.7.13
3) It will not work with lower Python versions. Use to pyenv install a new Python version. It downloads the Python source internally and installs it ~/.pyenv.
git clone https://github.com/pyenv/pyenv.git ~/.pyenv
echo 'export PYENV_ROOT="$HOME/.pyenv"' >> ~/.bashrc
echo 'export PATH="$PYENV_ROOT/bin:$PATH"' >> ~/.bashrc
echo 'eval "$(pyenv init -)"' >> ~/.bashrc
exec $SHELL
pyenv install ..v
pyenv local ..v
@UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β