GuardDutyに「PenTest:S3/KaliLinux」を検知させるPythonスクリプト作った | DevelopersIO
こんにちは、臼田です。 みなさん、AWSの脅威検知してますか?(挨拶 今回は特定のFindingsを出そうシリーズです。 PenTest:S3/KaliLinuxとは PenTest:S3/KaliLinuxはS3のデータアクセスAPIなどについてKali Linuxによるアクセスがあった場合に検知されるGuardDuty Findingsです。Kali Linuxはペネトレーションテストに使われるOSであり、通常そのようなOSからのアクセスはありません。 このFindingsは動作を見ている限り、CloudTrailのAPIイベントに記録されたUser-Agentを識別していると思われるため、ただ検知させることが目的であればこれを逆手に取り、Kali Linuxを実際に使わなくてもヘッダを書き換えるだけで目的を達成できます。 ただこれはあくまで検証結果と推測に基づくものではありませんので
GitHub - lanjelot/patator: Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
Patator was written out of frustration from using Hydra, Medusa, Ncrack, Metasploit modules and Nmap NSE scripts for password guessing attacks. I opted for a different approach in order to not create yet another brute-forcing tool and avoid repeating the same shortcomings. Patator is a multi-threaded tool written in Python, that strives to be more reliable and flexible than his fellow predecessors
GitHub - s0md3v/Arjun: HTTP parameter discovery suite.
Arjun can find query parameters for URL endpoints. If you don't get what that means, it's okay, read along. Web applications use parameters (or queries) to accept user input, take the following example into consideration http://api.example.com/v1/userinfo?id=751634589 This URL seems to load user information for a specific user id, but what if there exists a parameter named admin which when set to
GitHub - christophetd/CloudFlair: 🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.
Important note: As of late 2024, Censys does not provide API access to free accounts anymore. This means CloudFlair does not work with free Censys accounts anymore. CloudFlair is a tool to find origin servers of websites protected by CloudFlare (or CloudFront) which are publicly exposed and don't appropriately restrict network access to the relevant CDN IP ranges. The tool uses Internet-wide scan
リリース、障害情報などのサービスのお知らせ
最新の人気エントリーの配信
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
Python for Pentesters | Python Pearls
GitHub - Datalux/Osintgram: Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname
GitHub - NullArray/DorkNet: Selenium powered Python script to automate searching for vulnerable web apps.
GitHub - dylanmeca/labsecurity: Labsecurity is a tool that bundles ethical hacking python scripts into a single tool with cli interface.
GitHub - aufzayed/HydraRecon: All In One, Fast, Easy Recon Tool
GitHub - codingo/Interlace: Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
GitHub - qeeqbox/social-analyzer: API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
GitHub - hangmansROP/securitytrailsapi: A wrapper around the Security Trails API
GitHub - m0rtem/CloudFail: Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
GitHub - swisskyrepo/PayloadsAllTheThings: A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Installs pentesting tools, then symlinks them to be ran seamlessly.
GitHub - maurosoria/dirsearch: Web path scanner
GitHub - adamdb5/IPDump: A python utility to quickly generate a report for any hostname / IP Address, URL or Domain.
GitHub - evyatarmeged/Raccoon: A high performance offensive security tool for reconnaissance and vulnerability scanning
GitHub - jmortega/python-pentesting: python-pentesting-tool
GitHub - dloss/python-pentest-tools: Python tools for penetration testers