Malware - Clean MX - realtime Subscribe to the VirusWatch Mailing list, updated hourly This database consists of Virus URI, collected and verified since Feb 2006TweetRecently we pushed out notifications with "unrated site" these are totally clean sites, we apologize this! If you detect URI'S concerning your netblock, already closed... you have made a good job, otherwise please close them as soon as possible. to look at some nice charts, there are complete statistics for this databaseAttention: all URI'S are manually verified, but not cross-checked for real viruses function in this moment you make this query. if you have questions, criticism, wishes or ... do not hesitate to contact us at firstname.lastname@example.org may reach us by cell phone +49 171 4802507 ...Query as xml: Same query as xml output Click here for other vital incidents
NoThink! Binaries samples collect with honeypots are available for download by any responsible whitehat researcher. By downloading the samples, anyone waives all rights to claim punitive, incidental and consequential damages resulting from mishandling or self-infection. If you do not know what you are doing here, it is recommended you leave right away. This page has no commercial purpose. Notes about the collection of binaries Malware list: (#246 Clamscan engine version 0.98.5) malware_list.txtFile types list: file_types.txtHoneypot software: amun, dionaeaHoneypot ISP: AS3269 Interbusiness (Telecom Italia) Other sources where to get malicious files Clean MX, Cybercrime-tracker, Malc0de, Malekal, Malshare, MalwareBlacklist, Malware Domain Blocklist, Malware Domain List, Mwis, NovCon Minotaur, Open Malware, Palevo Tracker, SacOur, SafeGroup, Secubox Labs, SpyEye Tracker, VirusShare, VX Vault, ZeuS Tracker Script to retrieves malwares
Exploit.IN SOLDIERX.COM | Nobody Can Stop Information Insemination Index page Internet Storm Center - Internet Security | DShield Open Threat Exchange (OTX) Pulses provide you with a summary of the threat, a view into the software targeted, and the related indicators of compromise (IoC) that can be used to detect the threats. IoCs include: File Hashes: MD5, SHA1, SHA256, PEHASH, IMPHASHCIDR RulesFile PathsMUTEX nameCVE number IP addressesDomainsHostnames (subdomains)EmailURLURI Pulses make it easy for you to answers questions like: Is my environment exposed to this threat? Drag & drop any blog post or threat report from any source to create new pulses Create a pulse or add additional IoCs into an existing pulse when observing suspicious or malicious behavior Automatically instrument the USM platform's built-in IDS with latest actionable threat dataLearn more ›
Security-Onion-Solutions/security-onion GrayHat Hacking Security Exploits : How To Use MetaGooFil This is a excellent simple information gathering tool made by the people at Edge Security Research. MetaGooFil is a metadata extraction tool that is written by the folks who brought us The Harvester in my last blog posting. Think of metadata as getting data from data. This metadata can be usefully for an attacker and may give some unique insights into the target organisation including usernames, system names, directory paths, file shares and other information. MetaGoolFil comes with Backtrack built-in and can be find under Applications | Backtrack | Vulnerability Assessments | Web Application Assessments or you can open a terminal windows and enter the following command: cd /pentest/enumeration/google/metagoofil It is a good idea to create a "files" folder to hold all the target files that will be downloaded, and keep the original directory clean. mkdir targetfiles With this directory setup, you can run MetaGooFil by issuing the following command: . The command: .
Adventures of an apprentice | Diving into infosec Rogue WiFi Access Point Attack: WiFi-Pumpkin CyberPunk » Wireless Attacks Framework for Rogue WiFi Access Point Attack WiFi-Pumpkin is security tool that provide the Rogue access point to Man-In-The-Middle and network attacks. purporting to provide wireless Internet services, but snooping on the traffic. can be used to capture of credentials of unsuspecting users by either snooping the communication by phishing. Features Rouge WiFi Access PointDeauth Clients APProbe Request MonitorDHCP Starvation AttackCrendentials MonitorWindows Update AttackTemplates phishingPartial bypass HSTS Dump credentials phishingSupport airodump scanSupport mkd3 deauthbeef hook supportReport Logs htmlMac ChangerARP PosionDNS Spoof WiFi-Pumpkin v0.7.5 Released ! WiFi-Pumpkin installation Dependencies: hostapdisc-dhcp-serverphp5-cliLinux require soft: rfkill , iptables , nmcli To Install Pyqt4 Install the dependencies: pip install -r requirements.txt Install git clone cd WiFi-Pumpkin chmod +x installer.sh . Plugins 23 ratings
Open Source GPS Tracking System: Traccar Traccar is an open source GPS tracking system for various GPS tracking devices. This Maven Project is written in Java and works on most platforms with installed Java Runtime Environment. System supports more than 80 different communication protocols from popular vendors. It includes web interface to manage tracking devices online… Traccar is the best free and open source GPS tracking system software offers self hosting real time online vehicle fleet management and personal tracking… Traccar supports more than 80 GPS communication protocols and more than 600 models of GPS tracking devices. To start using Traccar Server follow instructions below: Download and install TraccarReboot system, Traccar will start automaticallyOpen web interface ( in as administrator (user – admin, password – admin) or register a new userAdd new device with unique identifier (see section below)Configure your device to use appropriate address and port (see section below) Address and Port
Black-Box CAN Network Analysis Framework: CANToolz Yet Another Car Hacking Tool CANToolz is a framework forCANbus network and device analysis. This tool consist of various different modules which can be piped together and used by security researchers and automotive/OEM security testers for black-box analysis of any CANbus system. You can use this software for ECU discovery, MITM testing, fuzzing, bruteforcing, scanning and etc This platform is a try to unify all tricks/tools and other things that you can do with CAN bus in one place. Using a Hardware CANToolz can work with CAN network by using next hardware: Fast start sudo python cantoolz.py -g w -c examples/can_sniff.py Modules P.S. Dependencies pip install pyserial Usage Examples See more use-cases inside examples folder: And many other options possible. Black-Box CAN Network Analysis Framework Source && Download
MITMf - Man-In-The-Middle Attack Framework MITMf is a Framework for Man-In-The-Middle attacks MITMf aims to provide a one-stop-shop for Man-In-The-Middle and network attacks while updating and improving existing attacks and techniques. Originally built to address the significant shortcomings of other tools (e.g Ettercap, Mallory), it’s been almost completely re-written from scratch to provide a modular and easily extendible framework that anyone can use to implement their own MITM attack. MITMf v0.9.8 has been released Features Active packet filtering/modification You can now modify any packet/protocol that gets intercepted by MITMf using Scapy! For example, here’s a stupid little filter that just changes the destination IP address of ICMP packets: if packet.haslayer(ICMP): log.info('Got an ICMP packet!') Use the packet variable to access the packet in a Scapy compatible formatUse the data variable to access the raw packet data Now to use the filter all we need to do is: python mitmf.py -F ~/filter.py Installation On Arch Linux: Examples