All posts by zitstif

kubernetes.io web terminal root shell

Recently, I’ve been reading up on containers and Kubernetes. I have just discovered this. It just seems like it could be easily abused:

No authentication necessary. You simply click on Launch Terminal and you’ll get a root shell with full internet access.

https://kubernetes.io/docs/tutorials/hello-minikube/

(This is a frame from https://www.katacoda.com/ )

abuseipdb.com – ip list – IP Blacklists

Here is a list of known ‘malicious’ IPs from abuseipdb.com. It is updated daily. It’s in a list/plaintext format that should be easy to integrate.

http://zitstif.com/badips.txt

http://zitstif.no-ip.org/badips.txt

Sha256sum:

http://zitstif.com/badipsHash.txt

http://zitstif.no-ip.org/badipsHash.txt
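One way to integrate a list like this safely, as an added example that is not code from this blog: check the download against the published SHA-256 first, then accept only lines that parse as IP addresses and never your own ranges. It assumes the hash file is in `sha256sum` output format and the list holds one IP per line; the function names and sample data are made up for illustration.

```python
import hashlib
import ipaddress

# Ranges a feed must never be able to block (RFC 1918, loopback, link-local).
ALWAYS_PROTECTED = ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
                    "127.0.0.0/8", "169.254.0.0/16"]

def verify_sha256(list_bytes, hash_file_text):
    """True if the list's SHA-256 equals the first token of the hash file.
    Assumption: the hash file is `sha256sum` output ("<hex digest>  <name>")."""
    tokens = hash_file_text.split()
    return bool(tokens) and tokens[0].lower() == hashlib.sha256(list_bytes).hexdigest()

def parse_blocklist(list_bytes, own_networks=()):
    """Return (accepted, rejected) for a one-IP-per-line plaintext list."""
    protected = [ipaddress.ip_network(n) for n in (*ALWAYS_PROTECTED, *own_networks)]
    accepted, rejected = set(), []
    for raw in list_bytes.decode("ascii", errors="replace").splitlines():
        line = raw.strip()
        if not line:
            continue
        try:
            ip = ipaddress.ip_address(line)
        except ValueError:
            rejected.append((line, "not an IP address"))
            continue
        if any(ip in net for net in protected):
            rejected.append((line, "protected range"))
        else:
            accepted.add(ip)  # the set also removes duplicate entries
    return accepted, rejected

def load_blocklist(list_bytes, hash_file_text, own_networks=()):
    """Verify first, then parse; refuse to use a list that fails the check."""
    if not verify_sha256(list_bytes, hash_file_text):
        raise ValueError("SHA-256 mismatch: keep the previous list, do not apply this one")
    return parse_blocklist(list_bytes, own_networks)

# Constructed sample data (documentation addresses), not taken from the real lists.
SAMPLE_LIST = b"203.0.113.7\n198.51.100.23\n198.51.100.23\n10.0.0.5\nnot-an-ip\n192.0.2.10\n"
SAMPLE_HASH_FILE = hashlib.sha256(SAMPLE_LIST).hexdigest() + "  badips.txt\n"

if __name__ == "__main__":
    ok, bad = load_blocklist(SAMPLE_LIST, SAMPLE_HASH_FILE, own_networks=["192.0.2.0/24"])
    print(sorted(map(str, ok)))
    for line, reason in bad:
        print("skipped", repr(line), "-", reason)
```

Because the list and its hash are both fetched over plain HTTP, a matching hash shows the download is complete and uncorrupted, not that it is authentic. The range filter is what keeps a bad or altered entry from blocking your own hosts.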

#Update 11/10/2019

Here is a list of offending IPs that have targeted the honeypot I have set up. This will be updated daily as well:

http://zitstif.com/badIpsHoney.txt

http://zitstif.no-ip.org/badIpsHoney.txt

Sha256sum:

http://zitstif.com/badIpsHoneyHash.txt

http://zitstif.no-ip.org/badIpsHoneyHash.txt

#Update 11/13/2019

Here’s another list of IPs that have offended the WAF I use:

http://zitstif.com/WAFips.txt

http://zitstif.no-ip.org/WAFips.txt

Sha256sum:

http://zitstif.com/WAFipsHash.txt

http://zitstif.no-ip.org/WAFipsHash.txt

#Update 11/20/2019

Here’s a great post that has a bunch of lists that can be used:

https://docs.danami.com/juggernaut/user-guide/ip-block-lists

#Update 11/26/2019

Another great resource:

http://www.covert.io/threat-intelligence/

#Update 11/30/2019

Here’s another list of IPs from abuse.ch:

http://zitstif.com/abuseChlist.txt

http://zitstif.no-ip.org/abuseChlist.txt

Sha256sum:

http://zitstif.com/abuseCHhash.txt

http://zitstif.no-ip.org/abuseCHhash.txt

#Update 12/2/2019

Black Hat Directory – Wall of shame list:

http://zitstif.com/BlackHatDirlist.txt

http://zitstif.no-ip.org/BlackHatDirlist.txt

Sha256sum:

http://zitstif.com/BlackHatDirhash.txt

http://zitstif.no-ip.org/BlackHatDirhash.txt

#Update 10/25/2020

Scamalytics IPs:

http://zitstif.com/scamIps.txt

http://zitstif.no-ip.org/scamIps.txt

Sha256sum:

http://zitstif.com/scamIpshash.txt

http://zitstif.no-ip.org/scamIpshash.txt

#Update 07/17/2022

http://zitstif.com/crowdsecips.txt

http://zitstif.no-ip.org/crowdsecips.txt

Sha256sum:

http://zitstif.com/crowdsecipsHash.txt

http://zitstif.no-ip.org/crowdsecipsHash.txt

#Update 01/25/2023

http://zitstif.com/zitSSH_honey.txt

http://zitstif.no-ip.org/zitSSH_honey.txt

Sha256sum:

http://zitstif.com/zitSSH_honey_hash.txt

http://zitstif.no-ip.org/zitSSH_honey_hash.txt

#Update 3/12/2023

http://zitstif.com/zitSSH_honey2.txt

http://zitstif.no-ip.org/zitSSH_honey2.txt

Sha256sum:

http://zitstif.com/zitSSH_honey_hash2.txt

http://zitstif.no-ip.org/zitSSH_honey_hash2.txt

#Update 5/25/2024

http://zitstif.no-ip.org/Firewallwaf.txt

http://zitstif.com/Firewallwaf.txt

Sha256sum:

http://zitstif.no-ip.org/Firewallwafhash.txt

http://zitstif.com/Firewallwafhash.txt

#Update 6/24/2024

http://zitstif.no-ip.org/zit_shame_list.txt

http://zitstif.com/zit_shame_list.txt

Sha256sum:

http://zitstif.no-ip.org/zit_shame_list_hash.txt

http://zitstif.com/zit_shame_list_hash.txt

Some quick and easy tools for working with segmented networks/VLANs

Network segmentation can be a great tool for security and compliance. VLANing is a great means of achieving this. However, if you have to work on systems that are cut off from one another via this method, VLANs can become a pain. Here are some tools/websites that I use for working around VLANs to get my job done:

  • Portable storage devices, i.e. external hard drives/flash drives – very handy for when you have physical access
  • RMM tools, i.e. ScreenConnect, TeamViewer, GoToAssist, LogMeIn, MeshCentral, etc.
  • cl1p.net – The internet clipboard
  • Seashells – pipe standard output to this website and get a random link
  • Firefox Send – You can upload up to 1GB without needing an account
  • Google Drive – May seem silly, but when you’re working in very well locked down networks that do a lot of content filtering, Google usually isn’t blocked
  • A public facing personal SSH server
  • An instant messenger where you can message yourself, like Slack

I hope this quick post helps some others. Feel free to leave comments below.

#Update 3/26/20: Other useful sites include (securely transferring sensitive information):