aalphaas
New Zealand
Joined 4 Nov 2011
Expert Guidance on Uncharted Cybersecurity Frontiers
eBPF Tutorial Part 8: Non-Interactive Honeypot with eBPF and XDP
In this eighth installment of our eBPF tutorial series, we demonstrate a non-interactive honeypot application developed using eBPF and XDP. This honeypot simulates open ports on a system without actually exposing any services. When scanned, it responds as if the targeted ports are open, potentially misleading unauthorized scanners.
Key features:
Utilizes eBPF and XDP for efficient packet processing
Simulates open ports without running actual services
Provides a method for early detection of network scanning activities
This tutorial covers the implementation details, explaining how eBPF and XDP are leveraged to create this deceptive network security tool. We'll examine the code structure, deployment process, and potential use cases for this type of honeypot in network security strategies.
Views: 136
Videos
Building a Firewall with eBPF and TC Hooks - Part 7 of the eBPF Series
98 views, a month ago
In this video, we're diving into Part 7 of our eBPF series and Part 3 of our network security journey using eBPF. We'll explore how to build a firewall using eBPF and TC hooks to filter IP addresses. Topics covered: an introduction to TC (Traffic Control) and its role in network traffic management; an overview of our firewall application, including its architecture and components; a step-by-step code walk...
Part 6 of eBPF Programming Series: Building Firewall (Egress) with eBPF and LSM Hook
96 views, a month ago
This part of the series showcases another practical implementation of eBPF in network security: an egress filter using the LSM hook socket_connect. This filter offers an efficient and lightweight solution for instant network restrictions. Highlights: • Detailed explanation of the LSM hook socket_connect. • How to leverage the socket_connect LSM hook in developing an egress filter using eBPF...
eBPF Programming Part 5 - DIY Firewall using eBPF
188 views, a month ago
Welcome to Part 5 of my eBPF Programming Series! In this episode, we explore network security using eBPF, with a specific focus on XDP (Express Data Path). XDP allows for high-performance packet processing directly in the Linux kernel, making it a powerful tool for building network security solutions. What you’ll learn in this video: A deep dive into XDP and how it works. The advantages of XDP ...
Build Web Application Firewall using eBPF - Prevent Command Injection, Backdoors and Reverse Shells
177 views, 2 months ago
In this video, I demonstrate a simple yet effective Web Application Firewall (WAF) built using eBPF and Linux Security Module (LSM) hooks. This tool blocks command injection attacks by ensuring that only specific commands are allowed to run on the server, making any unauthorized attempts, including reverse shells, useless to attackers. No source code changes are required: just run this eBPF app ...
eBPF Programming Part 3 - Preventing Linux Local Privilege Escalation using eBPF and LSM
197 views, 2 months ago
In this video, I showcase a program I developed using eBPF (Extended Berkeley Packet Filter) and Linux Security Modules (LSM) to prevent Linux Local Privilege Escalation. By hooking into the bprm_check_security function, the program effectively monitors and prevents Linux Local Privilege Escalation.
eBPF Programming Part 2 Malware Detection Using eBPF and LSM
165 views, 2 months ago
In this video, I showcase a program I developed using eBPF (Extended Berkeley Packet Filter) and Linux Security Modules (LSM) to detect self-deleting malware behavior. By hooking into the path_unlink function, the program effectively monitors and detects malicious activities where a binary attempts to delete itself.
eBPF Programming for Cybersecurity Enthusiasts
272 views, 2 months ago
In this demo, I mainly focused on tracepoint syscall hooks, how to use them in eBPF programs, and different types of eBPF loaders. Things covered in this video: writing a simple tracepoint/syscalls hook in a C eBPF program and an eBPF loader; how eBPF kernel-space programs work; how to use different types of loaders to load eBPF into kernel space.
Shadower - A Controlled R@ns0mw@r3 Simulator for Red Teamers.
275 views, 5 months ago
Shadower is a tool designed for red teaming methodologies, automating the creation of droppers using the .NET remote reflector loading function. This advanced technique allows droppers to covertly load agents over the network, executing them in memory to conceal the true nature of the malicious payload. Shadower enables the development of droppers that can load agents over the network, simulati...
Automating Red Team Operations for Controlled R@ns0mw@r3 Simulations
329 views, 8 months ago
Shadower is a tool for red teaming methodologies, automating the creation of agents utilizing the .NET remote reflector loading function. This technique allows agents to discreetly load actual binaries over the network, executing them in memory to obscure the true nature of the malicious payload. Shadower enables the creation of agents capable of encrypting files on victim machines, marked b...
Reverse Shell using Wireshark: Unleashing Wireshark's Offensive Hidden Powers
463 views, a year ago
In this video, join me as we delve into the world of Wireshark's offensive powers. Discover the secret offensive capabilities of this powerful tool and witness how attackers exploit its hidden powers for their nefarious purposes. From Lua scripting to executing external binaries, we'll explore the dark side of Wireshark and learn how to defend against these cunning tactics. Prepare to be captiv...
AI-Driven Reverse Shells - Programming for Pentesters and Red Teamers with ChatGPT: Part 2
332 views, a year ago
Welcome to Part 2 of "Programming for Pentesters and Red Teamers" series! In this video, we delve into the fascinating realm of using generative AI, specifically ChatGPT, to develop custom applications for penetration testing engagements. Join me, as we explore the concept of reverse shells over HTTP, a crucial tool for remote access and control in ethical hacking scenarios. With the guidance o...
UDPEvader Builder - A platform independent UDP reverse shell builder
210 views, a year ago
Welcome to the latest version of UDPEvader, a powerful tool designed to assess the effectiveness of your antivirus software. UDPEvader serves as a platform-independent agent and controller, communicating flawlessly over UDP to evaluate your antivirus solution. With UDPEvader, identifying the effectiveness of your antivirus has never been easier. This tool empowers you to uncover any vulnerabili...
UDPEvader - A platform independent UDP reverse shell
239 views, a year ago
Introducing UDPEvader, a powerful tool designed to assess the effectiveness of your antivirus. UDPEvader is a platform-independent agent and controller that communicate over UDP, and it helps you identify the effectiveness of your antivirus. The tool offers unique features like custom prompts and dynamic port setting, making it easy to use and customize. Watch the demo wher...
AI-Driven Reverse Shells - Programming for Pentesters and Red Teamers with ChatGPT: Part 1
2.6K views, a year ago
Welcome to Part 1 of "Programming for Pentesters and Red Teamers" series! In this video, we delve into the fascinating realm of using generative AI, specifically ChatGPT, to develop custom applications for penetration testing engagements. Join me, as we explore the concept of reverse shells over TCP, a crucial tool for remote access and control in ethical hacking scenarios. With the guidance o...
🔒 Shadower: The Ultimate Defense Stack Evaluation Tool | AV Bypass, Ransomware Simulation & More!🚀🛡️
559 views, a year ago
Mimik: Create Your Own Controlled Ransomware | Red Team Powerhouse 💥🔒
842 views, 2 years ago
Experimental Remote Admin Tool for Penetration Testers - Complete Access via Stealthy HTTP RDP
1.4K views, 2 years ago
C# for Pentesters Part IX - SSL Reverse Shell
805 views, 2 years ago
Cross platform Rust ReverseShell Agent and Controller
580 views, 2 years ago
Nim Lang for Pentesters Part V Create Undetectable Payload by loading your exe to memory
852 views, 3 years ago
C# for Pentesters Part VIII Undetectable reverse shell and automate Macro Embedded Word using C#
784 views, 3 years ago
C# for Pentesters Part VII - FUD reverse shell using InstallUtil.exe
1.2K views, 3 years ago
Nim Lang for Pentesters Part IV Automate Macro Embedded Excel and assessment of anti virus
617 views, 3 years ago
Anti Virus assessment - platform independent reverse shell using V Lang
479 views, 3 years ago
C# for Pentesters Part VI Automate Macro Embedded Excel with FUD reverse shell
592 views, 3 years ago
Nim for Pentesters Part III Antivirus assessment using PS reverse shell without PowerShell.exe
851 views, 3 years ago
C# for Pentesters - Part V - Anti virus assessment using Regasm.exe and regsvr32.exe
1K views, 3 years ago
Antivirus assessment using AvBuster 3.0
599 views, 3 years ago
Nim Lang for Pentesters Part II - Classic Shellcode Injection using Nim
786 views, 3 years ago
nice explanation. It will be very helpful if you provide the source and all documents. thank you
I will upload all to my git here github.com/diljith369/learning-ebpf asap
plz provide slide and code
Can a C++ thick client app be opened with dotPeek?
Rather than providing a simple 'yes' or 'no' answer to a question, I would like you to try it. (Hint: dotnet binaries are byte codes (IL) and require the CLR's JIT compiler to translate the IL code to machine code; the C++ binary compilation process is different.) Hope you got it, sorry for the delayed response :) Happy learning
can u make videos on api nd mobile pentesting
Will definitely try once I get enough time, sorry for the delayed response
Much appreciated for everything, please change your terminal's font color to default and focus more on malware development techniques rather than reverse shells. get out of it please.
Thanks for the video Can you shoot a video about pdf code injection for the C# for Pentest series?
thanks can you show the pdf exploit with C#
thanks can you show the pdf exploit with C#
WHOAA! LOVE YOUR STUFF MATE, KEEP UP THIS DIRTY OFFENSIVE PROGRAMMING SERIES PLEASE!
Mimik ransomware simulator code sir... Not uploaded on GitHub
First
Pls pdf exploit
Hello my friend, first of all thank you for your informative videos. I'd like to ask you which GitHub repo that contains bypassAV in c# language in your GitHub account. Could you share me the link ?
Sir which encryption method we should use to bypass antiviruses and is encryption method used to bypass antiviruses ? Thank you ...
It's 1 year later. Do you know how to bypass AVs with shellcode encryption nowadays?
you are genius
That's cool
where to get xoring script???
Have discord channel or discord? Want to ask if you have some recommendations for learning c#,nim and c++ even nim. Or resources i could use.
Please continue making these nim lang videos.
Where can I get this application?
Will be available soon on my GitHub, working on the next version :)
@Aalphaas Nice! Could you share your github profile?
@tojabdhei4881 github.com/diljith369
Love your channel ❤️
This seems to be a really interesting language, very go-like but more powerful. Keep up this great content.
I love your videos, thanks!!
<3
Great Video as always, Do you have a discord server?
bro your audio volume is low plz make it high
download "sslrevshellrest"?
discord pls ?
Cool, is the source in a public repo?
Great video aalphaas, Kindly cover Process injection, migration and hollowing do you have discord?
Already covered Process Injection, process hollowing will be released soon
Please cover Process injection, Migration and Hollowing with
Bro what happened? Where u went?
You already have more than a thousand and you still haven't uploaded, how fake
github.com/diljith369/CSharp4Pentesters
Is this code uploaded?
github.com/diljith369/CSharp4Pentesters
Thank you for sharing. Really useful knowledge. However, have you figured out how to hide the cmd.exe window?) It seems when the victim closes the window the connection is closing (
I'm having a lot of difficulty printing the resulting output from any Powershell commands executed this way. Is there any way to unpack the PSObject that results and echo it out as a string in Nim?
2:09 Where can I download this project
github.com/diljith369/CSharp4Pentesters
Plz upload AV bypass series of Nim lang to your github account.
github.com/diljith369/nim4Pentest
Great 👍,
hi i have problems with libraries Interop
After following the video guidelines, please let me know at which step you are facing the issue?
Please share the script bro
github.com/diljith369/CSharp4Pentesters
Please share the script bro
Very nice explanation calvin
Great one
can we work on making your manager handle many connections?
Yes please feel free to make changes. github.com/diljith369/OffensiveVLang
Share source code
github.com/diljith369/OffensiveVLang
burp invisible proxy is not working when client application firing http request directly to ipaddress instead of domain name
only part 1 and part 2, come on man we need more parts love this nim videos too much ❤️❤️
iamma im lover too 😉
I like your video please share resources
github.com/diljith369/CSharp4Pentesters