Sorry for the delay, here are the links to some of the things I covered in the
10-minute talk:
- JellyFish, GPU malware:
https://github.com/x0r1/jellyfish
- Turla, Russian APT:
https://securelist.com/analysis/publications/65545/the-epic-turla-operation/
and
https://securelist.com/blog/research/67962/the-penquin-turla-2/
- cd00r, used by Turla:
https://www.giac.org/paper/gcih/342/handle-cd00r-invisible-backdoor/103631
and
https://www.giac.org/paper/gcih/207/cd00rc-extending-packet-coded-backdoor-server-netcat-relays-high-bandwidth/101846
and
https://funoverip.net/2011/03/cd00r-knocking-backdoor-improved/
- some userland backdoors:
https://github.com/chokepoint/azazel and
https://github.com/andreafabrizi/prism
- The previously mentioned BDFProxy:
https://github.com/secretsquirrel/BDFProxy
(I am currently writing a new version that I will publish in the
next few days, keep an eye on my repo
https://github.com/davinerd)
I think that's everything. If I forgot something, let me know.
If anything else comes to mind, I'll add it.
See you at the next hackmeeting \o/
--
Anathema
+--------------------------------------------------------------------+
|GPG/PGP KeyID: CFF94F0A available on http://pgpkeys.mit.edu:11371/ |
|Fingerprint: 80CE EC23 2D16 143F 6B25 6776 1960 F6B4 CFF9 4F0A |
| |
|https://keybase.io/davbarbato |
|https://www.msack.org |
+--------------------------------------------------------------------+