Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user defined lists, where trail can be anything from domain name, URL, IP address or HTTP User-Agent header value (e.g. sqlmap for automatic SQL injection and database takeover tool). Also, it uses (optional) advanced heuristic mechanisms that can help in discovery of unknown threats (e.g. new malware).
- Uses multiple public blacklists (alientvault, autoshun, badips, sblam etc)
- Has extensive static trails for identification (domain names, URLs, IPaddresses or User-Agent values)
- Optional heuristic mechanisms for detection of unknown threats
- Based on Traffic -> Sensor <-> Server <-> Client Architecture
- Web reporting interface
Continue reading “Detect malicious traffic with MalTrail in Linux”
1 Install TakeTV
DLNA/UPnP devices such as smart TVs are known to have no security at all.
Now you can discover these devices and take control of them using your terminal thanks to TakeTV! Install it; clone its
repository first: git clone https://github.com/SvelizDonoso/taketv.git.
Then install its dependencies: sudo apt-get/dnf install youtube-dl.
2 Discover exposed devices
After installing the tool, use it to auto-discover any DLNA/UPnP-enabled devices on the network: python taketv.py –all –timeout 30.
Once the time’s up, a list of discovered devices will be shown.
3 Prepare some media
You can download media and store it on your local Apache HTTP server, or you can use the ‘assistent’ tool (yes, the spelling is wrong) included with TakeTV.
Download the classic ECB-Tux image:
python assistent.py –url https://blog.ilippo.io/content/images/2015/11/Tux-ECB.png –dimage.
You can download video and audio from
YouTube as well.
4 Start your local HTTP server
Start your HTTP server now: python assistent.py –httpserver –port 8000. Feel free to change the TCP port and make sure you allow the remote TV/device to connect to it: sudo iptables -I INPUT 1 -p tcp -s –dport 8000 -j ACCEPT.
5 Take over!
It’s time to take over the TV! You can cast the downloaded image/video/audio to it,
control its volume, mute/unmute it, and more:
python taketv.py –ip YOUR_TV_IP –play http://HTTPSERVERIP/imagen/Tux-ECB.png
See python taketv.py -h for help.