
linux-malware's Introduction

Hi there 👋

  • 🔭 I'm currently working on #risk, #unix, #cisco, #security and #dataanalytics
  • 👯 I'm looking to collaborate on ATT&CK
  • 💬 Ask me about security research, technical or otherwise
  • 📝 I write articles for Cisco, share F/OSS code at CiscoCXSecurity and speak at conferences on my research
  • 📫 How to reach me: Twitter | LinkedIn | Fediverse

linux-malware's People

Contributors

darrenmartyn, limiteci, nrgline4sec, timb-machine, unixfreaxjp


linux-malware's Issues

[Intel]: https://securelist.com/an-overview-of-targeted-attacks-and-apts-on-linux/98440/

Area

Press/academia

Parent threat

Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Lateral Movement, Collection, Command and Control, Exfiltration, Impact

Finding

https://securelist.com/an-overview-of-targeted-attacks-and-apts-on-linux/98440/

Industry reference

No response

Malware reference

No response

Actor reference

No response

Component

No response

Scenario

No response

[Intel]: https://rp.os3.nl/

Area

Press/academia

Parent threat

No response

Finding

https://rp.os3.nl/

Industry reference

No response

Malware reference

No response

Actor reference

No response

Component

No response

Scenario

No response

another linux sandbox

Hello Tim,

I've been studying your material on linux malware lately. Thanks for sharing your research and your thoughts.
I know of another linux sandbox that I'd like to share with you, but I don't really know how to do a PR, so here it is:

Sandbox:
https://tria.ge/s?q=tag%3alinux

Best regards,

JM

[Intel]: https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/linux-threat-report-2021-1h-linux-threats-in-the-cloud-and-security-recommendations

Area

Press/academia

Parent threat

No response

Finding

https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/linux-threat-report-2021-1h-linux-threats-in-the-cloud-and-security-recommendations

Industry reference

No response

Malware reference

No response

Actor reference

No response

Component

No response

Scenario

No response

[Intel]: https://www.crowdstrike.com/blog/an-analysis-of-lightbasin-telecommunications-attacks

Area

Malware reports

Parent threat

Credential Access, Defense Evasion, Discovery, Lateral Movement, Collection, Command and Control, Impact

Finding

https://www.crowdstrike.com/blog/an-analysis-of-lightbasin-telecommunications-attacks

Industry reference

vertical:Telecomms
attack:T1573.001:Symmetric Cryptography
attack:T1590:Gather Victim Network Information
attack:T1562.004:Disable or Modify System Firewall
attack:T1048.001:Exfiltration Over Unencrypted Non-C2 Protocol
attack:T1021.004:SSH
attack:T1037.004:RC Scripts
attack:T1090.001:Internal Proxy
attack:T1090.002:External Proxy
attack:T1110.003:Password Spraying

Malware reference

#134
SLAPSTICK
STEELCORGI
PingPong
TINYSHELL
CordScan
SIGTRANslator
Fast Reverse Proxy
Microsocks Proxy
ProxyChains

Actor reference

LightBasin
UNC1945

Component

Solaris, Linux, Telecomms

Scenario

Internal specialist services

Scenario variation

Enclave deployment

[Intel]: https://www.blackberry.com/us/en/pdfviewer?file=/content/dam/blackberry-com/asset/enterprise/pdf/direct/report-bb-2021-threat-report.pdf

Area

Press/academia

Parent threat

Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Lateral Movement, Collection, Command and Control, Exfiltration, Impact

Finding

https://www.blackberry.com/us/en/pdfviewer?file=/content/dam/blackberry-com/asset/enterprise/pdf/direct/report-bb-2021-threat-report.pdf

Industry reference

No response

Malware reference

LaZagne
Dalcs
Mirai
Gafgyt
Tsunami
IPStorm
Wellmess
FritzFrog

Actor reference

No response

Component

Linux

Scenario

No response
