all InfoSec news
New Tool: dns-pydivert.py
Dec. 26, 2022, 12:06 a.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
dns-pydivert is a tool that uses WinDivert, a “user-mode packet capture-and-divert package for Windows” to divert IPv4 DNS packets to and from the machine it is running on.
This tool requires admin rights.
When started, it listens for IPv4 UDP packets with source and/or destination port equal to 53.
When this tools processes its first UDP packet with destination port 53, it considers the source address of this packet as the DNS client’s IPv4 address (e.g., the Windows machine …
More from malware.news / Malware Analysis, News and Indicators - Latest topics
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Information Security Consultant
@ Auckland Council | Central Auckland, NZ, 1010
Security Engineer, Threat Detection
@ Stripe | Remote, US
DevSecOps Engineer (Remote in Europe)
@ CloudTalk | Prague, Prague, Czechia - Remote
Security Architect
@ Valeo Foods | Dublin, Ireland
Security Specialist - IoT & OT
@ Wallbox | Barcelona, Catalonia, Spain