7MS #575: Annoying Attackers with ADHD - Part 2
7 Minute Security9 Kesä 2023

7MS #575: Annoying Attackers with ADHD - Part 2

Hey friends! Today we're taking a second look at ADHD - Active Defense Harbinger Distribution - a cool VM full of tools designed to annoy/attribute/attack pesky attackers! The tools covered today include:

PHP-HTTP-TARPIT

A tool to confuse and waste bot/scanner/hacker time. Grab it here and check out our setup instructions:

sudo git clone https://github.com/msigley/PHP-HTTP-Tarpit.git /opt/tarpit cd /opt/tarpit sudo mv la_brea.php /var/www/html/index.php cd /var/www/html/ # Delete the default HTMLM files that are there sudo rm DEFAULT .HTML FILES # Start/restart apache2 sudo service apache2 stop sudo service apache2 start # It's easier to see PHP-HTTP-TARPIT in action from command line: curl -i http://IP.RUNNING.THE.TARPIT Spidertrap

This tool tangles Web visitors in a never-ending maze of pages with links!

sudo git clone https://github.com/adhdproject/spidertrap.git /opt/spidertrap cd /opt/spidertrap # Open spidertrap.py and change listening port from 8080 to 80 sudo nano spidertrap.py # Run the trap sudo python3 spidertrap.py Weblabyrinth

This tool presents visitors with a blurb of text from Alice in Wonderland. That text has links that takes them to...you guessed it...more Alice in Wonderland excerpts! I especially like that if you visit ANY folder or link inside Weblabyrinth, content is served (return code 200 for anything and everything).

I had problems getting this running on a fresh Kali box so it's probably better to run right off the ADHD distro using their instructions.

Jaksot(720)

7MS #712: How to Secure Your Community - Part 2

7MS #712: How to Secure Your Community - Part 2

Hello friends.  Today's episode piggybacks off of last week's discussion of Operation Metro Surge and how it has affected the state of Minnesota.  I also highly encourage you to read this Rolling Ston...

6 Maalis 37min

7MS #711: How to Secure Your Community

7MS #711: How to Secure Your Community

Hello friends, it's good to be back with you.  I took a podcast hiatus in January to focus on helping communities affected by Operation Metro Surge.  Today I share how my family and community has been...

27 Helmi 51min

7MS #710: I'm Taking a Break

7MS #710: I'm Taking a Break

Hi friends, I'm going to be taking a break from producing podcast episodes, as well as content over at 7MinSec.club.  It's a temporary break, so please don't unsubscribe, unfollow, etc.  I need some e...

17 Tammi 4min

7MS #709: Second Impressions of Twingate

7MS #709: Second Impressions of Twingate

Hey friends, in episode #649 I gave you my first impressions of Twingate.  It's been a minute, so I thought I'd revisit Twingate (specifically this awesome Twingate LXC) and talk about how we're using...

10 Tammi 20min

7MS #708: Tales of Pentest Fail – Part 6

7MS #708: Tales of Pentest Fail – Part 6

After sharing a recent story about how a phishing campaign went south, I heard feedback from a lot of you.  You either commiserated with my story, told me I wussed out, and/or had a difficult story of...

2 Tammi 25min

7MS #707: Our New Pentest Course Has Launched!

7MS #707: Our New Pentest Course Has Launched!

Today we're thrilled to announce the launch of LPLITE:GOAD (Light Pentest Live Interactive Training Experience: Game of Active Directory). The first class is coming up Tuesday, January 27 – Thursday, ...

26 Joulu 202514min

7MS #706: Tales of Pentest Pwnage – Part 80

7MS #706: Tales of Pentest Pwnage – Part 80

I'm so excited to share today's tale of pentest pwnage, because it brings back to life a coercion technique I thought wouldn't work against Windows 11! Spoiler alert: check out rpc2efs, as well as the...

19 Joulu 202529min

7MS #705: A Phishing Campaign Fail Tale

7MS #705: A Phishing Campaign Fail Tale

This might be obvious, but security is not all domain admin dancing and maximum pwnage. Sometimes, despite my best efforts, a security project does a faceplant. Today's episode focuses on a phishing c...

12 Joulu 202521min

Suosittua kategoriassa Politiikka ja uutiset

uutiscast
aikalisa
politiikan-puskaradio
rss-ootsa-kuullut-tasta
ootsa-kuullut-tasta-2
rss-podme-livebox
tervo-halme
rss-pinnalla
aihe
et-sa-noin-voi-sanoo-esittaa
rss-vaalirankkurit-podcast
the-ulkopolitist
rss-kaikki-uusiksi
rss-ulkopoditiikkaa
otetaan-yhdet
viisupodi
rss-uusi-juttu-mediastartupin-tarina
rss-asiastudio
rss-girls-finish-f1rst
rss-tasta-on-kyse-ivan-puopolo-verkkouutiset