社内ã§ã®ã‚µãƒ¼ãƒãƒ¼ãƒ¬ã‚¹ã‚¢ãƒ—リケーション開発をã€ãƒ—ラットフォームエンジニアリングを整備ã—㦠迅速化・安定化ã•ã›ã‚‹å–り組ã¿
Honeypot_on_GCP-20191006.pdf
社内ã§ã®ã‚µãƒ¼ãƒãƒ¼ãƒ¬ã‚¹ã‚¢ãƒ—リケーション開発をã€ãƒ—ラットフォームエンジニアリングを整備ã—㦠迅速化・安定化ã•ã›ã‚‹å–り組ã¿
GitHub - m-mizutani/lurker: Scalable security network sensor as low interaction honeypot
lurker is network based honeypot for capturing payload for all TCP ports. lurker sends spoofing TCP SYN-ACK packet against attacker and scanner's TCP SYN packet. Then they will send TCP data payload after 3-way handshake and lurker captures the data and notify and save it for security research. A lot of existing honeypot has each capture mechanism for specific protocol. lurker does not have such m
ãƒãƒ‹ãƒ¼ãƒãƒƒãƒˆã§ã‚ˆã見るユーザーエージェントã«ã¤ã„ã¦èª¿ã¹ãŸ - ã‹ã‚“ãšãã£ã¨
よã見ã‹ã‘るユーザーエージェントã«ã¤ã„ã¦èª¿ã¹ã¦ã¿ãŸ 今回ã¯å°‘ã—趣å‘を変ãˆã¦â€¦â€¦ ãƒãƒ‹ãƒ¼ãƒãƒƒãƒˆã®ãƒã‚°ã§ã‚ˆã見ã‹ã‘るユーザーエージェントã«ã¤ã„ã¦èª¿ã¹ã¦ã¿ã¾ã—ãŸã€‚ ZmEu é …ç›®å 内容 UserAgent ZmEu パス /phpmyadmin/scripts/setup.php, /pma/scripts/setup.php ãªã© 最åˆã«æ®‹ã—ã¦ã„ã /w00tw00t.at.blackhats.romanian.anti-sec:) ã®ãƒã‚°ãŒç‰¹å¾´çš„ãªè„†å¼±æ€§ã‚¹ã‚ャナã§ã™ã€‚Webサイトç‰ã‚’é‹å–¶ã—ã¦ã„ã‚‹æ–¹ã§ã‚ã‚Œã°ã€ãƒã‚°ã«ã“ã®æ–‡å—列ãŒã‚ã‚‹ã®ã‚’見ãŸã“ã¨ãŒã‚る方も多ã„ã®ã§ã¯ãªã„ã§ã—ょã†ã‹ï¼Ÿ アクセス先ã¯phpmyadminã®ã‚»ãƒƒãƒˆã‚¢ãƒƒãƒ—スクリプトã®ã»ã‹ã€SSHパスワードã®ãƒ–ルートフォースアタックも行ã£ã¦ã„ã‚‹ã¨ã®æƒ…å ±ã‚‚ã‚ã‚Šã¾ã™ã€‚英語版 Wikipedia ã«ã¯ãƒšãƒ¼ã‚¸ãŒã‚ã‚‹ãらã„ãªã®ã§ã€ãŠãらã有åãªã‚¹ã‚ャ
How I Discovered Thousands of Open Databases on AWS
My journey on finding and reporting databases with sensitive data about Fortune-500 companies, Hospitals, Crypto platforms, Startups during due diligence, and more. Table Of Contents OverviewBackgroundMy HypothesisScanningBI & Automation: From thousands to hundredsExamples of data I foundConclusionOverviewIt is easy to find misconfigured assets on cloud services, by scanning the CIDR blocks (IP ra
リリースã€éšœå®³æƒ…å ±ãªã©ã®ã‚µãƒ¼ãƒ“スã®ãŠçŸ¥ã‚‰ã›
最新ã®äººæ°—エントリーã®é…ä¿¡
j次ã®ãƒ–ックマーク
kå‰ã®ãƒ–ックマーク
lã‚ã¨ã§èªã‚€
eコメント一覧を開ã
oページを開ã
GitHub - SpectralOps/netz: Discover internet-wide misconfigurations while drinking coffee
GitHub - noptrix/httpgrep: Scans for HTTP servers and finds given strings in HTTP body and HTTP response headers.
GitHub - zmap/zdns: Fast CLI DNS Lookup Tool
GitHub - zmap/zgrab2: Fast Go Application Scanner
GitHub - ivre/ivre: Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, build your taylor-made EASM tool, collect and analyse network intelligence
GitHub - nullt3r/jfscan: JFâš¡can - Super fast port scanning & service discovery using Masscan and Nmap. Scan large networks with Masscan and use Nmap's scripting abilities to discover information about services. Generate report.
GitHub - noptrix/sshprank: A fast SSH mass-scanner, login cracker and banner grabber tool using the python-masscan and shodan module.
{{#tags}}- {{label}}
{{/tags}}