duckhunt
exabgp
Our great sponsors
duckhunt | exabgp | |
---|---|---|
10 | 7 | |
494 | 2,022 | |
- | 0.4% | |
0.0 | 8.2 | |
over 3 years ago | 12 days ago | |
Python | Python | |
MIT License | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
duckhunt
-
Would disabling HID keyboard driver installation on windows prevent Rubber Ducky/O.MG cable payloads?
The cheapest way is a solution that monitors for high-speed keystroke injection, which is what the rubber ducky is generally used for. One such project is https://github.com/pmsosa/duckhunt (I have no affiliation with this project. It appears to have been updated about 2.5 years ago)
-
Auto Executable Scripts
(Found some code that does it, but I'm not sure if it's the same one that first I saw a while back)
- Is it possible to safely insert a USB into your main computer and prevent any malware from automatically running?
-
FBI: Cyber criminals are mailing out USB drives that install ransomware
If it acts as a keyboard, then it is a fast one and can be prevented. https://github.com/pmsosa/duckhunt
-
gaming usb dongle malware
If you worry about badusb use this https://github.com/pmsosa/duckhunt it blocks keyboard input when detected too fast typing.
-
is this program safe to use in Tails?
Looks like it doesn't even run on Linux. https://github.com/pmsosa/duckhunt#todo
- is this program safe?
-
how to identify a Rubber ducky?
It depends on the sophistication of the attack. You could for example try to detect it based on the manufacturer. That is your best option to prevent the attack by blocking it to act as a keyboard. If spoofed, or you don't have such a measure, you can try to detect it and then stop it. Typically, by focusing on the behavior from the keyboard. E.g., connected and tying without pause, monitoring the actual first commands from the keyboard,.. Have a look at https://github.com/pmsosa/duckhunt for example.
exabgp
-
How to analyze a package/library?
I'm curious how ExaBGP works. In particular:
-
Java Library for BGP Peering?
I don’t know of a specific Java implementation but https://github.com/Exa-Networks/exabgp might fit in ok. Use exa to talk bgp but write java applets to “do things” with what exa hands you.
-
BGP Implemented in Go
> not to be tenable in Python
https://github.com/Exa-Networks/exabgp is written in python
- Has anyone worked with exabgp? Have question regarding return path traffic
-
More details about the October 4 outage
"Those translation queries are answered by our authoritative name servers that occupy well known IP addresses themselves, which in turn are advertised to the rest of the internet via another protocol called the border gateway protocol (BGP)."
"To ensure reliable operation, our DNS servers disable those BGP advertisements if they themselves can not speak to our data centers, since this is an indication of an unhealthy network connection."
Correct me if I am wrong, but here "DNS servers" means the computers, not the software running on them, i.e., each computer is running both DNS server software and a BGP daemon.
For example, with a BGP daemon like ExaBGP the output of a DNS query can be checked and routes could be removed if the query fails.
https://github.com/Exa-Networks/exabgp
-
Tools to Explore BGP
13 years ago I wrote a nice reference implementation for BGP "client" use - I just treated it as an API onto Cisco routers: https://github.com/BytemarkHosting/bgpfeeder is 1300 lines of Ruby, one file, no dependencies, and quite verbose.
At the time I was running a hosting company & wanted to feed updates to our IP lists from a web-based database into our routers (e.g. a customer wants a new IP to their servers, or moves their VPS images between physical hosts). But I couldn't understand how to get tight control of quagga, or the Ciscos and wondered how how to speak it directly?
It took about a week poring over the RFCs and the Net::BGP Perl module, but I can go back to it now for some useful revision. It brought a lot of disparate BGP knowledge together in one place, and re-expressed it in a language I still know. So if you know Ruby and are curious about BGP it might help you see what you can do with it.
Though if you want to use BGP to control your network devices today, you'd use https://github.com/Exa-Networks/exabgp instead. It can pull every trick you could possibly want with BGP - e.g. DDoS mitigation, anycast, and generally letting you mess with BGP via JSON. There are lots of extensions to BGP, and I only cared about the ones to send v4 & v6 routes around. Also I only wanted to write it all in one file :)
- lab env getting the full route table.
What are some alternatives?
instahack - instahack is a bash & python based script which is officially made to test password strength of Instagram account from termux and kali with bruteforce attack and. it based on tor This tool works on both rooted Android device and Non-rooted Android device. Best Tool For Instagram Bruteforce hacking Tool By Waseem Akram. Made in Bash & python. This is an official repository of instahack
gobgp - BGP implemented in the Go Programming Language
branch-protection-bot - A bot tool to disable and re-enable "Include administrators" option in branch protection
bgpsimple - simple BGP peering and route injection script
usbguard - USBGuard is a software framework for implementing USB device authorization policies (what kind of USB devices are authorized) as well as method of use policies (how a USB device may interact with the system)
Ryven - Flow-based visual scripting for Python
hosts - 🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.
rustybgp - BGP implemented in the Rust Programming Language
blender-dactyl-keyboard - Blended Dactyl Manuform, a parameterized ergonomic keyboard
Cloudmare - Cloudflare, Sucuri, Incapsula real IP tracker.
pico-ducky-ui - Make a USB Rubber Ducky like device using Waveshare ESP32-S2 LCD
netflix-proxy - Smart DNS proxy to watch Netflix