Skip to main content

Project Artillery

By RoCk StAr DeViL

Project Artillery is an advanced active response tool for detecting attackers before they have the chance to hit the rest of your network. Project Artillery is an open-source Python-driven tool written purely in native Python. The purpose of Artillery is to provide a combination of a honeypot, file-system monitoring, system hardening, real-time threat intelligence feeds, and overall health of a server to create a comprehensive way to secure a system. Project Artillery was written to be an addition to security on a server and make it very difficult for attackers to penetrate a system. The concept is simple. Project Artillery will monitor the filesystem looking for any type of change, if one is detected, an email is sent to the server owner. If SSH brute force attacks are detected, notifications will be sent to the server owner, as well as ban the offending IP address.

Project Artillery has a built in threat intelligence feed that automatically blocks attackers known from other sensors deployed around the globe. The “Artillery Threat Intelligence Feed” (ATIF) is a number of TrustedSec owned servers strategically deployed around the globe and feeding real-time intelligence back to your Artillery installations. This allows you to be on a defensive ground for already known attackers prior to them ever hitting you. When Artillery is deployed, it contacts TrustedSec’s central intelligence feed to pull multiple Artillery sensors located around the globe into a realtime alerting system of attacker IP addresses. The Artillery systems you install will continuously pull the feeds in realtime and have coverage from attacker addresses prior to them hitting you.

One of the most effective features is the honeypot aspects of Artillery. Artillery will open a series of pre-defined ports that are commonly attacked. For example 135/445 (RPC/SMB), 1433 (MSSQL), 5900 (VNC), and many others. If an attacker attempts to port scan or connect to these ports, a random sequence of random data is sent back to the attacker to look as a strange protocol then bans the offending attacker. Using this method on the Internet yielded over 973 blocked offenders within leveraging it in a weeks timeframe

To download Project Artillery, you must utilize github and issue the following command:

Comments

Post a Comment

plz add ur comment here

Popular posts from this blog

Upcoming Book- Kali Linux Revealed: Mastering the Penetration Testing Distribution

By RoCk StAr DeViL
More exciting news! In the past year, Kali Linux Official Team has been working internally on an Official Kali Linux book – Kali Linux Revealed: Mastering the Penetration Testing Distribution . This is the first official Kali book from Offsec Press , and is scheduled for release on June 5th, 2017 . Kali Linux Revealed will be available in both hard copy and online formats. Keeping the Kali Linux spirit, the online version of the book will be free of charge, allowing anyone who wishes to hone their skills and improve their knowledge of Kali to do so at no cost. This book, together with our official Kali documentation site will encompass the body of knowledge for the Kali Linux Certified Professional   (KLCP) .
1 comment
Read more

Wordpress hacking - How to install / run wpscan on windows xp / windows 7 / windows 10

By RoCk StAr DeViL
HOW TO RUN WPSCAN ON WINDOWS Byrockstardevil Requirements: rubyinstaller Development Kit for rubyinstaller curl DLL for windows : libcurl.dll 1 - install rubyinstaller you must have Ruby 2.2.3 version . download links here : http://rubyinstaller.org/downloads/ for more info : https://github.com/oneclick/rubyinstaller/wiki 2 - install Development Kit for rubyinstaller download link : http://rubyinstaller.org/downloads/ how to install : https://github.com/oneclick/rubyinstaller/wiki/Development-Kit if you face that problem  "unknown encoding name -  (ArgumentError)" just type "chcp 1252" in cmd and hit enter 3 - install libcurl.dll A - Download libcurl.dll from : http://www.confusedbycode.com/curl/ B - copy libcurl.dll copy  libcurl.dll into ruby bin folder or wpscan folder and make sure to add it to your PATH. I also added .DLL to PATHEXT ex : C:\Ruby21-x64\bin\ you can visit : http://www.computerhope.com/issues/ch000549.htm to know to set the p...
2 comments
Read more

Kali Linux: A complete InfoSec Distro

By RoCk StAr DeViL
BackTrack has always been a popular choice when it comes to security and penetration testing. This open source distro has gained a lot of popularity and was rolled till version 5 with frequent changes to the variants. This project from Offensive Security has been moved from Ubuntu to Debian and the operating system is now renamed as Kali Linux. If you have installed a fresh copy of Kali Linux, then you might have noticed some awesome security and penetration tools under Kali Linux drop down menu list. These tools are powerful and yet efficient to use. If you go through the menu list of security tools, you might have noticed that few like Wireless Attacks, Forensics and Reverse Engineering is added, which is quite impressive. One more section has been added in the list, ie Hardware Hacking. One more thing that you would be happy to see is Arduino kit on the list. Arduino is a single-board microcontroller designed to make the process of using electronics in multi-disciplinary projects mo...
Post a Comment
Read more