All Projects → gvb84 → Brutedet

gvb84 / Brutedet

Licence: mit
Generalized proof of concept tool which can be used for drop-in bruteforce protection when needed.

Programming Languages

c
50402 projects - #5 most used programming language

Projects that are alternatives of or similar to Brutedet

Ladongo
Ladon Pentest Scanner framework 全平台LadonGo开源内网渗透扫描器框架,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机,端口扫描服务识别PortScan。
Stars: ✭ 366 (+7220%)
Mutual labels:  security-tools, detection, brute-force
Esd
Enumeration sub domains(枚举子域名)
Stars: ✭ 785 (+15600%)
Mutual labels:  security-tools, brute-force
Limitrr
Light NodeJS rate limiting and response delaying using Redis - including Express middleware.
Stars: ✭ 203 (+3960%)
Mutual labels:  security-tools, brute-force
Vxscan
python3写的综合扫描工具,主要用来存活验证,敏感文件探测(目录扫描/js泄露接口/html注释泄露),WAF/CDN识别,端口扫描,指纹/服务识别,操作系统识别,POC扫描,SQL注入,绕过CDN,查询旁站等功能,主要用来甲方自测或乙方授权测试,请勿用来搞破坏。
Stars: ✭ 1,244 (+24780%)
Mutual labels:  security-tools, detection
Ladon
大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Stars: ✭ 2,911 (+58120%)
Mutual labels:  security-tools, brute-force
Aiodnsbrute
Python 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (+7300%)
Mutual labels:  security-tools, brute-force
Canary
Canary: Input Detection and Response
Stars: ✭ 29 (+480%)
Mutual labels:  security-tools, detection
Pentester Fully Automatic Scanner
DNS Subdomain● Brute force ● Web Spider ● Nmap Scan ● etc
Stars: ✭ 315 (+6200%)
Mutual labels:  security-tools, brute-force
Applicationinspector
A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.
Stars: ✭ 3,873 (+77360%)
Mutual labels:  security-tools, detection
Sentinel Attack
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Stars: ✭ 676 (+13420%)
Mutual labels:  security-tools, detection
Graudit
grep rough audit - source code auditing tool
Stars: ✭ 747 (+14840%)
Mutual labels:  security-tools
Scapy
Scapy: the Python-based interactive packet manipulation program & library. Supports Python 2 & Python 3.
Stars: ✭ 6,932 (+138540%)
Mutual labels:  security-tools
Awesome Object Detection
Awesome Object Detection based on handong1587 github: https://handong1587.github.io/deep_learning/2015/10/09/object-detection.html
Stars: ✭ 6,628 (+132460%)
Mutual labels:  detection
Bluespawn
An Active Defense and EDR software to empower Blue Teams
Stars: ✭ 737 (+14640%)
Mutual labels:  security-tools
Bypass Firewalls By Dns History
Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.
Stars: ✭ 739 (+14680%)
Mutual labels:  security-tools
Sprayingtoolkit
Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient
Stars: ✭ 802 (+15940%)
Mutual labels:  security-tools
Awesome Python Security
Awesome Python Security resources 🕶🐍🔐
Stars: ✭ 738 (+14660%)
Mutual labels:  security-tools
Brakeman
A static analysis security vulnerability scanner for Ruby on Rails applications
Stars: ✭ 6,281 (+125520%)
Mutual labels:  security-tools
Cs Suite
Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.
Stars: ✭ 815 (+16200%)
Mutual labels:  security-tools
Safety Helmet Wearing Dataset
Safety helmet wearing detect dataset, with pretrained model
Stars: ✭ 802 (+15940%)
Mutual labels:  detection

In this tarball you'll find a simple, drop-in bruteforce detection program. It's a very lightweight implementation in portable C and it doesn't require any external dependencies besides a standard C library. It should run under all modern POSIX-like systems (Linux, *BSD etc). The actual program doesn't know anything about IP addressess or the structure of the data that's being fed into it. One simply feeds textual lines of data to it's standard input. This data is then fed into a counting Bloom filter for three specific time buckets. There's a time bucket for a 10 second period, a 60 second period and a 10 minute period. The tresholds for each bucket are user configurable and once a treshold is reached a bruteforce attempt is detected and a supplied command will be executed. One can then for example add a firewall rule to block a certain IP address.

The tool is just quick proof of concept but it might be useful when one doesn't have the time and resources to add integrated bruteforce detection to possibly very complex web application stack. It's easy to filter for, say, very CPU-intensive URL's and set specific tresholds for those URL's.

More information regarding usage of the tool can be found at the included HTML file in this distribution 'doc/brutedet.html' or by emailing the author.

email: Vincent Berg [email protected]

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].