Deepfake Technology

by on Jan.27, 2020, under Videos

Deepfake technology can be used for malicious purposes. One notable example is when malicious actors used deepfake voice technology to swindle a CEO out of $243,000.

Leave a Comment :, , , , , , , more...

kubernetes.io web terminal root shell

by on Jan.01, 2020, under Posts

Recently, I’ve been reading up on containers and kubernetes. I have just discovered this. It just seems like it could be easily abused:

No authentication necessary. You simply click on Launch Terminal and you’ll get a root shell with full internet access.

https://kubernetes.io/docs/tutorials/hello-minikube/

(This is a frame from https://www.katacoda.com/ )

Leave a Comment :, , , , , , , , more...

abuseipdb.com – ip list

by on Nov.04, 2019, under Blacklists, Posts

Here is a list of known ‘malicious’ IPs from abuseipdb.com. It is updated daily. It’s in a list/plaintext format that should be easy to integrate.

http://zitstif.com/badips.txt

http://zitstif.no-ip.org/badips.txt

Sha256sum:

http://zitstif.com/badipsHash.txt

http://zitstif.no-ip.org/badipsHash.txt

#Update 11/10/2019

Here are a list of offending IPs that have targeted my honeypot I have setup. This will be updated daily as well:

http://zitstif.com/badIpsHoney.txt

http://zitstif.no-ip.org/badIpsHoney.txt

Sha256sum:

http://zitstif.com/badIpsHoneyHash.txt

http://zitstif.no-ip.org/badIpsHoneyHash.txt

#Update 11/13/2019

Here’s another list of IPs that have offended the WAF I use:

http://zitstif.com/WAFips.txt

http://zitstif.no-ip.org/WAFips.txt

Sha256sum:

http://zitstif.com/WAFipsHash.txt

http://zitstif.no-ip.org/WAFipsHash.txt

#Update 11/20/2019

Here’s a great post that has a bunch of lists that can be used:

https://docs.danami.com/juggernaut/user-guide/ip-block-lists

#Update 11/26/2019

Another great resource:

http://www.covert.io/threat-intelligence/

#Update 11/30/2019

Here’s another list of IPs from abuse.ch:

http://zitstif.com/abuseChlist.txt

http://zitstif.no-ip.org/abuseChlist.txt

Sha256sum:

http://zitstif.com/abuseCHhash.txt

http://zitstif.no-ip.org/abuseCHhash.txt

#Update 12/2/2019

Black Hat Direcory – Wall of shame list:

http://zitstif.com/BlackHatDirlist.txt

http://zitstif.no-ip.org/BlackHatDirlist.txt

Sha256sum:

http://zitstif.com/BlackHatDirhash.txt

http://zitstif.no-ip.org/BlackHatDirhash.txt

#Update 10/25/2020

Scamalytics Ips

http://zitstif.com/scamIps.txt

http://zitstif.no-ip.org/scamIps.txt

Sha256sum:

http://zitstif.com/scamIpshash.txt

http://zitstif.no-ip.org/scamIpshash.txt

#Update 07/17/2022

http://zitstif.com/crowdsecips.txt

http://zitstif.no-ip.org/crowdsecips.txt

Sha256sum:

http://zitstif.com/crowdsecipsHash.txt

http://zitstif.no-ip.org/crowdsecipsHash.txt

#Update 01/25/2023

http://zitstif.com/zitSSH_honey.txt

http://zitstif.no-ip.org/zitSSH_honey.txt

Sha256sum:

http://zitstif.com/zitSSH_honey_hash.txt

http://zitstif.no-ip.org/zitSSH_honey_hash.txt

#Update 3/12/2023

http://zitstif.com/zitSSH_honey2.txt

http://zitstif.no-ip.org/zitSSH_honey2.txt

Sha256sum:

http://zitstif.com/zitSSH_honey_hash2.txt

http://zitstif.no-ip.org/zitSSH_honey_hash2.txt

 

 

 

Leave a Comment :, , , , , , , , , , , , , more...

Some quick and easy tools for working with segmented networks/VLANs

by on Oct.24, 2019, under Posts

Network segmentation can be a great tool for security and compliance. VLANing is a great means of achieving this. However, if you have to work on systems that are cut off from one another via this method, VLANs can become a pain. Here are some tools/websites that I use for working around VLANs to get my job done:

  • Portable storage devices, i.e. external hard drives/flash drives – very handy for when you have physical access
  • RMM tools, i.e. screenconnect, teamviewer, gotoassist, logmein, meshcentral, etc.
  • cl1p.net – The internet clipboard
  • Seashells – pipe standard output to this website and get a random link
  • Firefox Send  – You can upload up to 1GB without needing an account
  • Google Drive – May seem silly but when you’re working in a very well locked down networks that do a lot of content filtering, google usually isn’t blocked
  • A public facing personal SSH server
  • An instant messenger where you can message yourself, like Slack 

I hope this quick post helps some others. Feel free to leave comments below.

#Update 3/26/20: Other useful sites include (securely transferring sensitive information):

 

Leave a Comment :, , , , , , more...

NetCAT remotely leaking keystrokes from a victim SSH session

by on Sep.13, 2019, under Videos

https://www.tomshardware.com/news/intel-xeon-cpu-netcat-security-vulnerability-flaw,40376.html

Leave a Comment :, , , more...

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!

Archives

All entries, chronologically...