[Hackmeeting] Linux Malware: Links

Author: Anathema
Date:
To: hackmeeting
Subject: [Hackmeeting] Linux Malware: Links
Sorry for the delay, here are the links to some of the things I covered in my
10-minute talk:

- JellyFish, GPU malware: https://github.com/x0r1/jellyfish

- Turla, Russian APT:
https://securelist.com/analysis/publications/65545/the-epic-turla-operation/
and https://securelist.com/blog/research/67962/the-penquin-turla-2/

- cd00r, used by Turla:
https://www.giac.org/paper/gcih/342/handle-cd00r-invisible-backdoor/103631
and
https://www.giac.org/paper/gcih/207/cd00rc-extending-packet-coded-backdoor-server-netcat-relays-high-bandwidth/101846
and https://funoverip.net/2011/03/cd00r-knocking-backdoor-improved/

- some userland backdoors: https://github.com/chokepoint/azazel and
https://github.com/andreafabrizi/prism

- The previously mentioned BDFProxy: https://github.com/secretsquirrel/BDFProxy
(I am currently writing a new version that I will publish in the
next few days, keep an eye on my repo https://github.com/davinerd)

I think that's everything. If I forgot something, let me know.
If anything else comes to mind, I'll add it.

See you at the next hackmeeting \o/

--
Anathema

+--------------------------------------------------------------------+
|GPG/PGP KeyID: CFF94F0A available on http://pgpkeys.mit.edu:11371/  |
|Fingerprint: 80CE EC23 2D16 143F 6B25  6776 1960 F6B4 CFF9 4F0A     |
|                                                                    |
|https://keybase.io/davbarbato                                       |
|https://www.msack.org                                               |
+--------------------------------------------------------------------+