Live DDoS Attack Map

This map is the fruit of collaboration between Google Ideas and Arbor Networks in an effort to raise awareness about distributed denial of service attacks in the world everyday.

Exploring the Data

The Digital Attack Map displays global DDoS activity on any given day. Attacks are displayed as dotted lines, scaled to size, and placed according to the source and destination countries of the attack traffic when known. Some features include:

Use the histogram at the bottom of the map to explore historical data.
Select a country to view DDoS activity to or from that country.
Use the color option to view attacks by class, duration, or source/destination port.
Use the news section to find online reports of attack activity from a specified time.
View the gallery to explore some examples of days with notable DDoS attacks.

About Us

Apakau, Inc. - based in Sunnyvale, CA - provides a service that helps enterprises around the globe achieve maximum performance and availability of their web and mobile applications. By ensuring ultra low latency of dynamic application data and APIs, Apakau eliminates delays that users - all over the world - experience on enterprise applications, on desktop as well as mobile devices.

Contact Us

info@apakau.com
+1 (415) 462-4934

415 Oakmead Pkwy
Sunnyvale, CA 94085

Monday, September 7, 2015

Evading AntiVirus using Veil

This is a tutorial on how to evade AV using a new tool called Veil. It is not just a tool, It is a framework like metasploit dedicated to AV evasion.

Here is the website of Veil Framework - https://www.veil-framework.com/

Installation

The best way to get Veil is by getting a copy of Kali linux. But this tool was added to kali recently, so if your copy of kali linux dont have veil installed, then you can use the following commands to install it in Kali:

apt-get update && apt-get install veil

OR

You can gitclone it on to your PC, for this type:

git clone https://github.com/Veil-Framework/Veil-Evasion.git

ok now we can have fun with the tool

Using Veil

Type ¨veil¨ into the terminal.

[Image: gf69.png]

You can use the ¨list¨ command to see the available payloads. The payloads are listed according to its success rate.

[Image: 56o1.png]

Here we are going to use the “powershell/VirtualAlloc”. To use this type ¨use 9¨.

[Image: h0dq.png]

Here we will just use the default values, so simple type ¨generate" and press enter.

Then you can choose to use Metasploit’s standard msvenom shellcode or choose your own. We will just choose the default, msfvenom.

type 1 and enter

[Image: o7ck.png]

next we have to choose the type of shell. just press enter

[Image: vjaz.png]

next enter the ip address of the host machine (the one you are using)

[Image: izi5.png]

then you have to enter the local port that you will be using, enter 4000 here

[Image: fozn.png]

You will then be asked to enter any MSVenom options that you want to use, we won’t be using any, so just press enter to bypass them.

And that is it! Veil will then generate our shellcode with the options that we chose.
Then we need to give our created file a name. here, some social engineering is required. Your file name should attract the victim.

[Image: kvgz.png]

Our file will be stored in the “/usr/share/veil/output/source/” directory.
Just take the created .bat file and send it to our target. When it is run, it will try to connect out to our machine.
We will now need to start a handler listener to accept the connection.

Getting a Remote Shell

To create the remote handler, we will be using Metasploit.

Start the Metasploit Framework from the menu or terminal (mfsconsole).
Now set up the multi/handler using the following screen:

[Image: hq1y.png]

Be sure to put in the IP address for your machine and the port that you entered into Veil. They must match exactly.

Metasploit will then start the handler and wait for a connection:

[Image: suiu.png]