On Wed, Jul 19, 2017 at 04:39:41PM -0500, eric gisse wrote: > Looking at the exitmap source, as I was curious what modules > existed....the problem I see is that it does not have modules that are > capable of the more difficult to pull off things like SSH honeypot > detection.
The Tor Project maintains a second repository with more modules. Unfortunately this repository is private because we are in an uphill battle that is already difficult -- without our adversaries being able to see what we scan for. Here's some more information on that: <https://lists.torproject.org/pipermail/tor-talk/2014-July/034219.html> > The idea is solid but the implementation has to keep up with the > times. Specific attack vectors like > CVE-2014-3566 (or any other sort of TLS/SSL downgrade attack) need to > be tested for, and all that. Which makes the "inverse-metasploit" > notion all the more compelling. Modules for that would be great. If only there were more volunteers working on these issues! > Other things come to mind like testing for binary patching (eg, ninja > exe patching). The module "patchingCheck" (in src/modules/) does this for an executable that's hosted on live.sysinternals.com. Or were you thinking of something else? -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
