Clone of https://github.com/rmusser01/Infosec_Reference . For those who would prefer to not be tracked by MS.

Steal Everything; Kill Everyone; Profit! j/k please don’t :3

Too Many Cooks; Exploiting the Internet of Tr-069

Ever wanted to scan the internet in a few hours?

The Eavesdropper’s Dilemma

Coding Malware for fun and no profit

Use google bots to perform SQL injections on websites

device-pharmer

  • Opens 1K+ IPs or Shodan search results and attempts to login

Door Control Systems: An Examination of Lines of Attack

Implanting a Dropcam

Breaking IPMI/BMC

Achilles Heel of the American Banking System

Different Type of SCADA

Software Distribution Malware Infection Vector

JSBN

  • JSBN is a bot client which interprets commands through Twitter, requiring no hosting of servers or infected hosts from the command issuer. It is written purely in javascript as a Proof-of-Concept for javascript's botnet potentials.

Attacking multifunction printers and getting creds from them

Spidernet

  • Proof of Concept of SSH Botnet C&C Using Python

Weapons of Mass Distraction

  • In this talk, we aim to briefly cover the background of sock puppets (and related attacks) before moving on to real world demonstrations & “attacks”. Rigging polls, abusing Twitter, causing Reddit riots & targeting popular news organisations are some of the (many) attacks covered. In all these cases we discuss what we tried, what worked, what didn’t and what the implications are of the attacks. Where possible we will cover defences and solutions.

Adding your protocol to Masscan

You Can Type, but You Can’t Hide: A Stealthy GPU-based Keylogger

  • Keyloggers are a prominent class of malware that harvests sensitive data by recording any typed in information. Keylogger implementations strive to hide their presence using rootkit-like techniques to evade detection by antivirus and other system protections. In this paper, we present a new approach for implementing a stealthy keylogger: we explore the possibility of leveraging the graphics card as an alternative environment for hosting the operation of a keylogger. The key idea behind our approach is to monitor the system’s keyboard buffer directly from the GPU via DMA, without any hooks or modifications in the kernel’s code and data structures besides the page table. The evaluation of our prototype implementation shows that a GPU-based keylogger can effectively record all user keystrokes, store them in the memory space of the GPU, and even analyze the recorded data in-place, with negligible runtime overhead.