7MS #575: Annoying Attackers with ADHD - Part 2
7 Minute Security9 Kesä 2023

7MS #575: Annoying Attackers with ADHD - Part 2

Hey friends! Today we're taking a second look at ADHD - Active Defense Harbinger Distribution - a cool VM full of tools designed to annoy/attribute/attack pesky attackers! The tools covered today include:

PHP-HTTP-TARPIT

A tool to confuse and waste bot/scanner/hacker time. Grab it here and check out our setup instructions:

sudo git clone https://github.com/msigley/PHP-HTTP-Tarpit.git /opt/tarpit cd /opt/tarpit sudo mv la_brea.php /var/www/html/index.php cd /var/www/html/ # Delete the default HTMLM files that are there sudo rm DEFAULT .HTML FILES # Start/restart apache2 sudo service apache2 stop sudo service apache2 start # It's easier to see PHP-HTTP-TARPIT in action from command line: curl -i http://IP.RUNNING.THE.TARPIT Spidertrap

This tool tangles Web visitors in a never-ending maze of pages with links!

sudo git clone https://github.com/adhdproject/spidertrap.git /opt/spidertrap cd /opt/spidertrap # Open spidertrap.py and change listening port from 8080 to 80 sudo nano spidertrap.py # Run the trap sudo python3 spidertrap.py Weblabyrinth

This tool presents visitors with a blurb of text from Alice in Wonderland. That text has links that takes them to...you guessed it...more Alice in Wonderland excerpts! I especially like that if you visit ANY folder or link inside Weblabyrinth, content is served (return code 200 for anything and everything).

I had problems getting this running on a fresh Kali box so it's probably better to run right off the ADHD distro using their instructions.

Jaksot(681)

7MS #25: Writing Better Pentest Reports (audio)

7MS #25: Writing Better Pentest Reports (audio)

This episode talks about some pointers, tools and tips towards writing better pentest reports. Download: 7MS #25: Writing Better Pentest Reports (audio)

23 Elo 20148min

7MS #24: Why Wireless Scares Me (audio)

7MS #24: Why Wireless Scares Me (audio)

This episode is all about why you should (probably not) use wireless hotspots, and keeping yourself safe in general when surfing the Web. Download: 7MS #24: Why Wireless Scares Me (audio)

16 Elo 20147min

7MS #23: OSCP – part 2 (audio)

7MS #23: OSCP – part 2 (audio)

In this episode I talk more about my adventures with OSCP and Offensive Security! . Download: 7MS #23: OSCP – part 2 (audio) Show notes: I recommend documenting ALL the exercises in the PDF. My understanding is that extra effort could be rewarded if you don’t do so hot on your final exam. Buffer overflows make…

9 Elo 20147min

7MS #22: Phishing with Black Squirrel (audio)

7MS #22: Phishing with Black Squirrel (audio)

In this episode I talk about using Black Squirrel to launch phishing campaigns! Download: 7MS #22: Phishing with Black Squirrel (audio) Show notes: Security Weekly is an excellent podcast/resource. Devour it regularly. Black Squirrel is the main tool discussed in this podcast. I’ve been using it for phishing campaigns and it’s been excellent in that capacity.

27 Heinä 20147min

7MS #21: OSCP – part 1 (audio)

7MS #21: OSCP – part 1 (audio)

In this episode I talk about my venture into Offensive Security! . Download: 7MS #21: OSCP – part 1 (audio) Show notes: It’s official – I have a death wish and have started the OSCP training. This episode is the first of what I hope will be a multi-part, spoiler-free series about my experience with OSCP. With…

20 Heinä 20147min

7MS #20: Moving from GoDaddy to DNSimple (audio)

7MS #20: Moving from GoDaddy to DNSimple (audio)

In this episode I talk about why I’m pulling my domains from GoDaddy, and making DNSimple their new home. Download: 7MS #20: Moving from GoDaddy to DNSimple (audio) Show notes: The service I’m talking about in this podcast is DNSimple. Troy Hunt‘s humorous/awesome article pushed me over the edge and convinced me to give DNSimple a…

15 Heinä 20147min

7MS #19: Kioptrix! (audio)

7MS #19: Kioptrix! (audio)

In this episode I talk about a deliciously vulnerable series of VMs called Kioptrix, and how you can use them to sharpen your pentesting skills. Download: 7MS #19: Kioptrix! (audio) Show notes: The Kioptrix series of VMs is here: http://www.kioptrix.com/blog/test-page/ and here: http://vulnhub.com/?q=kioptrix&sort=date-des&type=vm. Got approved for my OSCP training and I start it in a few…

5 Heinä 20147min

7MS #18: Wireless Security 101 (audio)

7MS #18: Wireless Security 101 (audio)

In this episode I talk about some wireless security basics that we’re not seeing when out on assessments. Download: 7MS #18: Wireless Security 101 (audio) Show notes: WEP encryption is very, very bad. It’s easy to crack. Don’t use it. Wifite will demonstrate how easy it is to crack WEP. Stronger encryption such as WPA/WPA2…

22 Kesä 20147min

Suosittua kategoriassa Politiikka ja uutiset

rss-podme-livebox
ootsa-kuullut-tasta-2
aikalisa
politiikan-puskaradio
otetaan-yhdet
et-sa-noin-voi-sanoo-esittaa
rss-vaalirankkurit-podcast
rikosmyytit
aihe
rss-mina-ukkola
rss-raha-talous-ja-politiikka
rss-hyvaa-huomenta-bryssel
rss-kyselytunti
rss-tasta-on-kyse-ivan-puopolo-verkkouutiset
politbyroo
the-ulkopolitist
rss-kalevi-sorsa-saation-podcast
rss-sinivalkoinen-islam
rss-kaikki-paskaksi-ystavat
rss-kaikki-uusiksi