stephenzupan / cyber Goto Github PK
View Code? Open in Web Editor NEWthis repo contains different scripts pertaining to cybersecurity projects
cyber's Introduction
In the MITM (Man in the Middle) folder there is a script (MITM.py) which takes two cmd line arguments, a target IP:Port combination and a gateway IP:Port combination. This implant sits between the target and the gateway and replaces any .exe or .sh download requests with a poisoned version of the requested file. This MITM has several bugs at the moment but I wanted to include it because of all the hours I poured into this assignment.
The Timing Attack folder features a timing attack (exploit_szupan.py) on what I found to be a very frustrating target server (hw.py). My script times the response between the target server and the user and exploits it to quickly brute force an administrator-privileged PIN. The result of this attack is an interactive python shell that can be used to exploit the target server.
Finally, the Network Pivoting subdirectory has both an exploit script (pivot.py) as well as a screenshot visualization from CypherPath (the platform on which our pen testing homework was created and tested) of the target network. In the image you can see the basic network layout, including the attack box, the computers the attack box can access, and the final targets which my exploit worms through and steals login credentials and other IP:Port combinations for potential targets. This implant stops when the target file, 'flag.txt,' is found and securely exfiltrated to the attacking box.
All of these folders also contain the homework assignment files for which the exploits were created.
The Metasploit folder contains 3 Ruby scripts (auxiliary_szupan.rb, exploit_szupan.rb, and post_szupan.rb) I created for an offensive pen testing toolkit. The target server these scripts are designed to run on is included in the folder as well (TargetServer.py) as the assignment explanation in .pdf format.
In the PowerShell folder there are two files, a PowerShell script (implant_szupan.ps1) containing an offensive toolkit designed to locate a sensitive file, backdoor the target machine, and exfiltrate the file to a secure server. The .pdf file details the specifics for the assignment.
cyber's People
Contributors
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.