New BlackCat Ransomware Variant Adopts Advanced Impacket and RemCom Tools

Microsoft on Thursday disclosed that it found a new version of the BlackCat ransomware (aka ALPHV and Noberus) that embeds tools like Impacket and RemCom to facilitate lateral movement and remote code execution. “The Impacket tool has credential dumping and remote service execution modules that could be used for broad deployment of the BlackCat ransomware […]

Largest DDoS Attack Ever – 659.6 Million Packets Per Second

In the past few weeks, an organization in Eastern Europe has been the victim of the biggest DDoS attack that the continent has ever experienced. During the past month, several DDoS attacks have been launched against the target, a customer of Akamai, as part of an ongoing assault. Attackers are increasingly using DDoS attacks to […]

New Linux Rootkit Malware ‘Syslogk’ Triggers Backdoors With Magic Packets

In order to conceal malicious processes, a new Linux rootkit malware dubbed ‘Syslogk’ has been hacking computers by using specially crafted “magic packets” and specially crafted exploits to wake up a backdoor that is hidden on the machine. The new malware was discovered by researchers at the antivirus firm Avast. Based on an open-source […]

How Hackers Breach Your Corporate Network? – Prevention Packet Guide

We are living in the era of the digital economy where companies are collecting and storing tons of valuable customer data on a daily basis. As it has turned out, data is an important input in the competitiveness, growth, and revenue generation for any company across industries. But every valuable resource has its vulnerabilities, and […]

What Is Deep Packet Inspection and How Does It Work?

Also known as DPI, deep packet inspection is a kind of packet filtering that evaluates the data and header of a packet that is transmitted through an inspection unit to weed out any control that is non-compliant; any viruses, spam, or intrusions; and any other defined criteria in order to block that packet from passing […]

Light weight Packets Analyzer is here!

There are many tools used by network administrators to scan networks. Continuous network scanning is done to check whether any malicious activity is going on. Wireshark is probably the most used tool in ethical hacking courses offered by International Institute of Cyber Security to check running activity on the network. According to ethical hacking […]

First Millimeter-sized Bluetooth Chip Invented To Send Low-Energy Data Packets

We are surrounded by Bluetooth radio signals and most of the devices that we see around — smartphones, wireless computer networks, and wireless earbuds — use Bluetooth transmitters for transmitting signals. However, contemporary transmitters have two problems: heavy power consumption which is why Bluetooth earbuds usually have a talk time of just 4 to 5 hours, […]

Justniffer – Network TCP Packet Sniffer

Justniffer is a network protocol analyzer that captures network traffic and produces logs in a customized way. It can emulate Apache web server log files, track response times and extract all “intercepted” files from the HTTP traffic. It lets you interactively trace TCP traffic from a live network or from a previously saved capture file. Justniffer’s […]

Fwknop – Single Packet Authorization & Port Knocking

fwknop implements an authorization scheme known as Single Packet Authorization (SPA) for strong service concealment. SPA requires only a single packet which is encrypted, non-replayable, and authenticated via an HMAC in order to communicate desired access to a service that is hidden behind a firewall in a default-drop filtering stance. The main application of SPA […]

DDoS Attack Unleashed – 500 Million packets-per-second

DDoS attacks are launched aiming to exhaust the resources of a network, application or service so that legitimate users are unable to access the resource. Imperva mitigated a high-intensity DDoS attack for one of their customers which crossed the 500 million packets per second (Mpps) mark, which is 4 times higher than the DDoS attack on GitHub that happened last […]

Isip – Interactive Sip Toolkit For Packet Manipulations, Sniffing, Man In The Middle Attacks, Fuzzing, Simulating Of Dos Attacks

Interactive SIP toolkit for packet manipulations, sniffing, man-in-the-middle attacks, fuzzing, and simulating DoS attacks. Setup: git clone https://github.com/halitalptekin/isip.git; cd isip; pip install -r requirements.txt. Usage: Packet manipulation tools are in the packet cmd loop. On first start, you are in the main cmd loop. isip:main> packet isip:packet> Create a new sip packet with […]

PacketWhisper Exfiltration Toolset

PacketWhisper – Stealthily Transfer Data & Defeat Attribution Using DNS Queries & Text-Based Steganography, without the need for attacker-controlled Name Servers or domains; Evade DLP/MLS Devices; Defeat Data- & DNS Name Server Whitelisting Controls. Convert any file type (e.g. executables, Office, Zip, images) into a list of Fully Qualified Domain Names (FQDNs), use DNS queries […]

Tcpflow – To Monitor, Capture & Dump Packets

Tcpflow is a TCP/IP demultiplexer. Tcpflow is used to record traffic mainly between 2 hosts, although it can be used to monitor thousands of connections. Tcpflow differs from other tools by actually capturing the real data and dumping it to a file we specify. It can then be further used for other analysis purposes. One […]

Impacket – Collection Of Python Classes For Working With Network Protocols

Impacket is a collection of Python classes for working with network protocols. Impacket is focused on providing low-level programmatic access to the packets and for some protocols (e.g. SMB1-3 and MSRPC) the protocol implementation itself. Packets can be constructed from scratch, as well as parsed from raw data, and the object oriented API makes it […]

Throwhammer the New Way to Launch Rowhammer Attacks via Network Packets

A team of researchers from Vrije University in Amsterdam and the University of Cyprus found a way to launch Rowhammer attacks through network packets and network cards. This, according to information security experts, makes Rowhammer attacks easier and more convenient to launch, since the malicious actor only needs to bombard the victim’s […]

Polymorph – Real-time Network Packet Manipulation Framework

Polymorph is a framework written in the Python3 programming language that allows the modification of network packets in real time, providing maximum control to the user over the contents of the packet. This framework is intended to provide an effective solution for real-time modification of network packets that implement practically any existing protocol, including private […]

CyberScan – Tool To Analyse Packets, Decoding, Scanning Ports, And Geolocation

CyberScan is an open source penetration testing tool that can analyse packets, decoding, scanning ports, pinging and geolocation of an IP including (latitude, longitude, region, country …). Operating Systems Supported: Windows XP/7/8/8.1/10, GNU/Linux, MacOSX. Installation: You can download CyberScan by cloning the Git repository: git clone https://github.com/medbenali/CyberScan.git cd CyberScan/ python CyberScan.py […]