Mitigating-Web-Shells
aizawa
Our great sponsors
Mitigating-Web-Shells | aizawa | |
---|---|---|
2 | 1 | |
943 | 49 | |
0.5% | - | |
0.0 | 6.6 | |
10 months ago | 23 days ago | |
YARA | Python | |
GNU General Public License v3.0 or later | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Mitigating-Web-Shells
-
FBI Director Christopher Wray says agency blocked planned cyberattack on children's hospital
The NSA provides publicly to everyone a GitHub Repository to mitigate back doors that other nation-state threat actors are using. Your statement "the sheer number of backdoors and exploits the NSA has and if revealed, would stop probably all malicious programs" implies that nation-state threat actors are using the same back doors, so why would they do this?
-
Mass exploitation of on-prem Exchange servers :(
There is likely a Cobalt Strike BEACON acting as C2 now even if you've patched. I recommend full incident response mode, probably want to isolate the server. Run an integrity check against a known good config with WinDiff or NSA's dirChecker to find other anomolies. https://github.com/nsacyber/Mitigating-Web-Shells
aizawa
What are some alternatives?
Automate-Powershell
DevBrute - DevBrute is a versatile password brute forcing tool designed to tackle a wide range of Social Media accounts and Web Applications. With its robust capabilities, it's adept at breaking through various security barriers.
gimmeSH - For pentesters who don't wanna leave their terminals.
dosbomb - dosbomb ia a dos tool that cuts off targets or surrounding infrastructure in a flood of Internet traffic
ExchangeMarch2021IOCHunt - Really fast knock up use at own risk etc.
OSTE-Vulnerable-Web-Application - Vulnerable Web application made with PHP/SQL designed to help new web testers gain some experience and test DAST tools for identifying web vulnerabilities. Containing some of the most well-known vulnerabilities such as SQL, cross-site scripting (XSS), OS command injections, our intention to expand more vulnerabilities for learning purposes.
htshells - Self contained htaccess shells and attacks
Villain - Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among connected sibling servers (Villain instances running on different machines).
spectre-meltdown-checker - Reptar, Downfall, Zenbleed, ZombieLoad, RIDL, Fallout, Foreshadow, Spectre, Meltdown vulnerability/mitigation checker for Linux & BSD
cerberus - Cerberus is another simple stressing tool simulating DDoS attacks.
wso-webshell - 🕹 wso php webshell
FDsploit - File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.