Tuesday, 3. April 2012
Artillery - Linux
Artillery is a honeypot/monitoring/prevention tool used to protect Linux-based systems. Artillery sets up multiple ports on the *nix system, and anything that touches them is automatically blacklisted. In addition, it monitors the filesystem for changes and emails the changes back to you. It also detects SSH brute force attacks and automatically blocks them.

svn co http://svn.secmaniac.com/artillery artillery/
Then run: python install.py




Building an HTTP shell with AES + Proxy Support in Python
Got a little bored today and decided to write a reverse HTTP shell in Python that's platform independent and supports AES encryption when passing information back and forth. So this works on Linux, OSX, and Windows. The shell also supports proxy settings as well. This Python shell will initiate a reverse connection out of the network and connect to the attacker machine via pure HTTP communications. It’s pretty straightforward on how it works. I’ve byte-compiled the code so you do not need to have Python installed on the victim; it will simply run as a normal executable.

Download compiled shell.exe and all of the source code



OATH Toolkit - Linux
The OATH Toolkit contains a shared library, a command line tool and a PAM module that make it possible to build one-time password authentication systems. Supported technologies include the event-based HOTP algorithm and the time-based TOTP algorithm. OATH is the Open AuTHentication organization, which specifies the algorithms.
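
An added example, not code from the OATH Toolkit: a small Python implementation of the two algorithms named above, HOTP (RFC 4226) and TOTP (RFC 6238), with the server-side checks an authentication system needs (look-ahead window, replay rejection, constant-time comparison). The function names and the window and skew defaults are assumptions for illustration; the secret is the published RFC 4226 test key.

```python
import hashlib
import hmac
import struct

RFC_TEST_SECRET = b"12345678901234567890"  # RFC 4226 Appendix D test key, not a real secret


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """Event-based OTP: HMAC-SHA1 over the 8-byte counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # low nibble of the last byte selects a 4-byte window
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """Time-based OTP: HOTP where the counter is the number of elapsed time steps."""
    return hotp(secret, unix_time // step, digits)


def _same(a: str, b: str) -> bool:
    # Constant-time comparison so response timing does not leak matching digits.
    return hmac.compare_digest(a.encode(), b.encode())


def verify_hotp(secret, submitted, counter, window=3, digits=6):
    """Try counter..counter+window (the token may be ahead of the server).
    Returns the next counter to store on success, None on failure."""
    matched = None
    for c in range(counter, counter + window + 1):
        if _same(hotp(secret, c, digits), submitted):
            matched = c
    return None if matched is None else matched + 1  # storing it blocks code reuse


def verify_totp(secret, submitted, unix_time, last_step=-1, skew=1, step=30, digits=6):
    """Accept codes within +/- skew steps of now, but never a step <= last_step.
    Returns the matched step (store it as last_step), None on failure."""
    now = unix_time // step
    for s in range(now - skew, now + skew + 1):
        if s > last_step and _same(hotp(secret, s, digits), submitted):
            return s
    return None


if __name__ == "__main__":
    print("HOTP counters 0-2:", [hotp(RFC_TEST_SECRET, c) for c in range(3)])
    print("TOTP at t=59:", totp(RFC_TEST_SECRET, 59, digits=8))
    print("replayed code accepted:", verify_totp(RFC_TEST_SECRET, "287082", 59, last_step=1))
```

The caller must persist the value returned by `verify_hotp` or `verify_totp`; without it, a code observed once can be replayed inside the acceptance window.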