Twitter sec memories #5 [23.02.16] (PSMSF/MODBUS/Pin/pentestly/foolav)

Python and Powershell internal penetration testing framework

https://github.com/praetorian-inc/pentestly

PSMSF 

create powershell shell code used in cmd console with Metasploit Framework

Twitter sec memories #4 [16.02.16] (Shellsploit/HackSpy/CVE-2016-0051/REMnux)

Shellsploit

Позволяет генерировать кастомные шеллкоды, бэкдоры и инжекторы для различных операционных систем, с возможностью обфускации через энкодеры.

https://github.com/b3mb4m/shellsploit-framework

Зависимости:

pip install capstone
pip install readline

Пуск:
python setup.py --s/ --setup install

chmod +x shellsploit

./shellsploit

Удаление:

setup.py --s/--setup uninstall

HackSpy-Trojan-Exploit

Тулза для генерации трояна, нацеленного на пробитие windows тачки.

https://github.com/ratty3697/HackSpy-Trojan-Exploit

• Кейлоггер
• Скрины рабочего стола
• Контроль бота через cmd

http://hackingsimplified.com/en/hackspy/

CVE-2016-0051 (Proof-of-concept BSoD (Blue Screen of Death) and Elevation of Privilege (to SYSTEM))

https://github.com/koczkatamas/CVE-2016-0051

REMnux Linux Distro for Malware Analysis

Version 6 Release

OVA

http://downloads.sourceforge.net/project/remnux/version6/remnux-6.0-ova-public.ova?r=&ts=1455610960&use_mirror=heanet

https://zeltser.com/remnux-v6-release-for-malware-analysis/

REMNUX V6 FOR MALWARE ANALYSIS (PART 1-2)

http://malwology.com/2015/06/25/remnux-v6-for-malware-analysis-part-1-voldiff/

Twitter sec memories #3 [15.02.15] (Sublist3r/GoAT/GoBot/DLLRunner)

Sublist3r

Утилита написана на python, для поиска собдоменов, с использованием поисковых движков-Google, Yahoo, Bing, Baidu, и Ask

(Fast subdomains enumeration tool for penetration testers)

https://github.com/aboul3la/Sublist3r

git clone https://github.com/aboul3la/Sublist3r.git
GoAT 

Троян написанный на языке Go, который использует твиттер в качестве командного центра для управления ботами. Имеет руткит подуль, написанный на C для самозащиты и хайда себя в системе.

https://github.com/petercunha/GoAT

Старшим братом которого является:

GoBot

https://github.com/SaturnsVoid/GoBot

DLLRunner

Скрипт на python для анализа dll`лок в песочнице.

                                               https://github.com/neo23x0/dllrunner

Twitter sec memories #2 [04.02.15] (HTTP botnet / Android app analysis vm / Router Hunter / MITM vm )

Моя подборка тулз и заметок по ИБ в одном посте #2
(наиболее интересное что накопилось за пару дней)

Терминальный дашборд:

https://github.com/gizak/termui

Сетап:

master mirrors v2 branch, to install:

go get -u github.com/gizak/termui
For the compatible reason, you can choose to install the legacy version of termui:

go get gopkg.in/gizak/termui.v1

HTTP BOTNET Betabot 1.8.0.0.1(Private Version)

https://userscloud.com/xm8wih87ypca

https://mega.nz/#!hV0RQTQS!T82bIE1X2ZkjeGerkQvU8WgAniMM1ZIqtqs6lIjd4e4

(делать все только на виртуалке)

AndroL4b -виртуалка для реверса приложений для видроида. (A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis)

Download

The tools directory contains tools and frameworks. Labs are in Lab directory.

username : andro
password : androlab

https://github.com/sh4hin/Androl4b

RouterhunterBR 2.0 - тестирование роутеров на уязвимости (automated Tool for Testing in Vulnerable Routers)

Random ips:

python routerhunter.py --dns1 8.8.8.8 --dns2 8.8.4.8 --randomip --limitip 10 --threads 10 

python routerhunter.py --dns1 8.8.8.8 --dns2 8.8.4.8 -rip -lmtip 10 --threads 10

Scanner in range ip: 

python routerhunter.py --dns1 8.8.8.8 --dns2 8.8.4.8 --range 192.168.25.0-255 --threads 10
IP range customized with wildcard / Ex: --startip 201.*.*.* - --endip 201.*.*.* 

python routerhunter.py --dns1 8.8.8.8 --dns2 8.8.4.8 --startip 192.168.*.* --endip 192.168.*.* --threads 10

Brute force with users and passwords on routers that requires authentication, forcing alteration of dns - DSLink 260E. 

python routerhunter.py --dns1 8.8.8.8 --dns2 8.8.4.4 --range 177.106.19.65-70 --bruteforce --threads 10

https://github.com/jh00nbr/Routerhunter-2.0

MITM Virtual Machine

git clone https://github.com/praetorian-inc/mitm-vm.git 

cd mitm-vm 

vagrant up

Twitter sec memories #1 [01.02.15]

Моя подборка тулз и заметок по ИБ в одном посте #1

(наиболее интересное что накопилось за пару дней)

• ICS Security. [Tools, tips, tricks]

Репозиторий посвященный безопасности ICS.

https://github.com/ITI/ICS-Security-Tools#ics-security-tools-tips-and-trade

• Threat Killer

NoVirusThanks Threat Killer is a fully-scriptable malware remover that is able to remove persistent files, kernel drivers installed by rootkits, registry keys and values, terminate processes (even if critical), delete an entire folder (also using recursive) and much more by executing custom scripts.

• FastIR Collector - Windows Incident Response Tool

This tool collects different artefacts on live Windows and records the results in csv files. With the analyses of this artefacts, an early compromission can be detected.

https://github.com/SekoiaLab/Fastir_Collector

• BURPSUITE YARA PLUGIN

http://blog.politoinc.com/2016/01/burpsuite-yara-plugin/

• MassBleed SSL Vulnerability Scanner

sh massbleed.sh [CIDR|IP] [single|port|subnet] [port] [proxy]

https://github.com/1N3/MassBleed

• SELKS (ELK) [iso/vm](Suricata Elasticsearch Logstash Kibana)

SELKS is both Live and installable Network Security Management ISO based on Debian implementing and focusing on a complete and ready to use Suricata IDS/IPS ecosystem with its own graphic rule manager. From start to analysis of IDS/IPS and NSM events in 30 sec.

https://www.stamus-networks.com/open-source/

Via torrent: SELKS-2.1-desktop.iso.torrent
Via HTTP: SELKS-2.1-desktop.iso.