一隅 (A Corner)

With a three-foot sword in hand, set right all the injustices under heaven

Powershell-RAT and Python-Rootkit

0x01 Preface

Two Python-based RATs that can bypass security detection; a brief analysis of their code

Powershell-RAT Python based backdoor that uses Gmail to exfiltrate data as an e-mail attachment

Python-Rootkit Python Remote Administration Tool (RAT) to gain meterpreter session

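What they have in common is roughly this: each has a single function and is relatively stealthy

The line "Use your social engineer skills to make him open the file" made me laugh; that really is the essence of it

ICMP Tunneling

0x01 What is ICMP
ICMP: Internet Control Message Protocol. Because IP is not a reliable protocol and does not guarantee that data is delivered successfully, how can reliable delivery be ensured? This is where an important protocol module, the ICMP (network control message) protocol, comes in. It carries error messages and other information that needs attention, and is often used by the IP layer or by higher-layer protocols (TCP or UDP). It is therefore often regarded as a component of the IP layer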

ADVANCED PERSISTENT THREATS (APTS)

Original article: https://azeria-labs.com/

The cyber espionage “investigations” have become popular within the information security industry and resulted in easy marketing opportunities of research reports about Advanced Persistent Threats along with headlines of “nation-state attack”. Apart from the purpose of APT research report marketing, the term “APT” itself got generalized for the sake of convenience. However, this was done at the expense of accuracy and greater

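Network Defense Systems -- the Network Isolation Gateway (网闸)

How does a network isolation gateway work?

The basic principle of a network isolation gateway is to: sever the general-purpose protocol connections between networks; decompose or reassemble packets into static data; perform security inspection on the static data, including network protocol checks and code scanning; let the data confirmed as safe flow into the internal unit; and have internal users obtain the data they need through a strict identity authentication mechanism.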

Pentest Tips and Tricks

Nmap Full Web Vulnerable Scan

cd /usr/share/nmap/scripts/
wget http://www.computec.ch/projekte/vulscan/download/nmap_nse_vulscan-2.0.tar.gz && tar xzf nmap_nse_vulscan-2.0.tar.gz
nmap -sS -sV --script=vulscan/vulscan.nse target
nmap -sS -sV --script=vulscan/vulscan.nse --script-args vulscandb=scipvuldb.csv target
nmap -sS -sV --script=vulscan/vulscan.nse --script-args vulscandb=scipvuldb.csv -p80 target
nmap -PN -sS -sV --script=vulscan --script-args vulscancorrelation=1 -p80 target
nmap -sV --script=vuln target
nmap -PN -sS -sV --script=all --script-args vulscancorrelation=1 target