NetNeedle provides for encrypted control channels and chat sessions that are disguised to look like other common network activity. It only transmits "decoy" data in the "payload" section of any packet, so forensic analysts will only see packets that look identical to ordinary ping or HTTP GET requests. The actual data is encoded in IP headers in fields that typically contain random values. In addition to evasion features, penetration testers can use this tool to maintain control over servers in environments with highly restrictive access lists. Because NetNeedle subverts expectations surrounding network traffic, it enables users to set up back doors that use simple ICMP packets or TCP ports that are already in use. Administrators who believe that they are safe due to "principle of least privilege" access control lists or who believe that ICMP ping is harmless will find themselves sadly mistaken.
56da4a7d0137517d311b0345a3bd36bb779ed022129f6019d8d167245c947157Coreography is an open source utility for browsing memory images on a Pentium based Linux system. It allows users to search through core dumps, ELF executables, libraries, object files, and even currently running processes. It was designed with simplicity in mind but is very versatile at the same time.
1e63b015698902272ebde05e271b34a69542d5e15d34573e080a53cc5f488286
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed