Awesome-Mirrors/awesome-shodan-queries
1
0
Fork 0
mirror of https://github.com/jakejarvis/awesome-shodan-queries.git synced 2025-02-24 16:39:49 -05:00
Code Issues Packages Projects Releases Wiki Activity

Update readme.md

Browse Source
This commit is contained in:
H3liumBoy 2022-07-26 16:58:01 +02:00 committed by GitHub
parent b3439d187b
commit 6ccec14b34
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 53 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
readme.md
View File

@ -28,6 +28,7 @@ The world and its devices are quickly becoming more connected through the shiny
- [Printers & Copiers](#printers--copiers)
- [Home Devices](#home-devices)
- [Random Stuff](#random-stuff)
- [Threat hunting](#threat-hunting)
---
@ -689,7 +690,59 @@ port:17 product:"Windows qotd"
"X-Recruiting:"
```
## Threat-hunting
C2 traffic
product:"c2"
### Cobalt Strike [🔎 →](https://beta.shodan.io/search?query=product%3A%22Cobalt+Strike+Beacon%22)
Cobalt Strike was one of the first public red team command and control frameworks. In 2020, HelpSystems acquired Cobalt Strike to add to its Core Security portfolio and pair with Core Impact. Today, Cobalt Strike is the go-to red team platform for many U.S. government, large business, and consulting organizations.
Hunt Query:
```
product:"Cobalt Strike Beacon"
```
### Metasploit Framework [🔎 →](https://beta.shodan.io/search?query=ssl%3A%22MetasploitSelfSignedCA%22)
A Metasploit Framework is a powerful tool that provides a universal interface to work with vulnerability exploit code. It has to exploit code for a wide range of vulnerabilities that impact web servers, OSes, network equipment, and everything in between. Metasploit which serves as both exploitation and C2 frameworks.
```
ssl:"MetasploitSelfSignedCA"
```
Covenant
Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, and serve as a collaborative command and control platform for red teamers.
ssl:"covenant" http.component:"Blazor"
Mythic
A cross-platform, post-exploit, red teaming framework built with python3, docker, docker-compose, and a web browser UI. Its designed to provide a collaborative and user-friendly interface for operators, managers, and reporting throughout red teaming.
SSL:Mythic port:7443
Brute Ratel C4
Brute Ratel C4 (BRc4), is the newest red-teaming and adversarial attack simulation tool to hit the market. While this capability has managed to stay out of the spotlight and remains less commonly known than its Cobalt Strike brethren, it is no less sophisticated. Instead, this tool is uniquely dangerous in that it was specifically designed to avoid detection by endpoint detection and response (EDR) and antivirus (AV) capabilities.
http.html_hash:-195716165
Source/Credits: ht://twitter.com/MichalKoczwara/
---