all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Sandman - NTP Based Backdoor For Red Team Engagements In Hardened Networks

Add to bookmarks
Oct. 28, 2022, 11:30 a.m. | noreply@blogger.com (Unknown)

KitPloit - PenTest Tools! www.kitploit.com


Sandman is a backdoor that is meant to work on hardened networks during red team engagements.

Sandman works as a stager and leverages NTP (a protocol to sync time & date) to get and run an arbitrary shellcode from a pre-defined server.

Since NTP is a protocol that is overlooked by many defenders resulting in wide network accessibility.


Usage

SandmanServer (Usage)

Run on windows / *nix machine:

python3 sandman_server.py "Network Adapter" "Payload Url" "optional: ip to spoof"

  • Network Adapter: The …

backdoor csharp cybersecurity infosec networks ntp python red team redteam red team tools sandman team windows

Visit resource

More from www.kitploit.com / KitPloit - PenTest Tools!

HardeningMeter - Open-Source Python Tool Carefully Designed To Comprehensively Assess The Security Hardening Of Binaries … 22 hours ago | www.kitploit.com
hardeningmeter protection python python3 +2
JS-Tap - JavaScript Payload And Supporting Software To Be Used As XSS Payload Or Post … 1 day, 22 hours ago | www.kitploit.com
js-tap multithreaded taken traffic +3
MasterParser - Powerful DFIR Tool Designed For Analyzing And Parsing Linux Logs 2 days, 22 hours ago | www.kitploit.com
cyber security dfir automation digital forensic masterparser +1
C2-Cloud - The C2 Cloud Is A Robust Web-Based C2 Framework, Designed To Simplify The … 3 days, 22 hours ago | www.kitploit.com
c2-cloud command & control hacking tool offensive security +4
OSTE-Web-Log-Analyzer - Automate The Process Of Analyzing Web Server Logs With The Python Web Log … 4 days, 22 hours ago | www.kitploit.com
attack detection lfi detection oste-web-log-analyzer rfi detection +1
ThievingFox - Remotely Retrieving Credentials From Password Managers And Windows Utilities 5 days, 22 hours ago | www.kitploit.com
ntlm post-exploitation powershell python +7
Galah - An LLM-powered Web Honeypot Using The OpenAI API 6 days, 22 hours ago | www.kitploit.com
galah golang llm openai api +3
CrimsonEDR - Simulate The Behavior Of AV/EDR For Malware Development Training 1 week ago | www.kitploit.com
amsi antivirus crimsonedr dll +5
Url-Status-Checker - Tool For Swiftly Checking The Status Of URLs 1 week, 1 day ago | www.kitploit.com
bugbountyautomation bugbounty tools httpx infosys +2

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Head of Security Operations

@ Canonical Ltd. | Home based - Americas, EMEA
View on infosec-jobs.com

Security Specialist

@ Lely | Maassluis, Netherlands
View on infosec-jobs.com

Senior Cyber Incident Response (Hybrid)

@ SmartDev | Cầu Giấy, Vietnam
View on infosec-jobs.com

Sr Security Engineer - Colombia

@ Nubank | Colombia, Bogota
View on infosec-jobs.com

Security Engineer, Investigations - i3

@ Meta | Menlo Park, CA | Washington, DC | Remote, US
View on infosec-jobs.com

Cyber Security Engineer

@ ASSYSTEM | Bridgwater, United Kingdom
View on infosec-jobs.com
View more jobs