Flightsim - A Utility To Generate Malicious Network Traffic And Evaluate Controls
Thursday, September 19, 2019
flightsim is a lightweight utility used to generate malicious network traffic and help security teams to evaluate security controls and network visibility. The tool performs tests to simulate DNS tunneling, DGA traffic, requests to known active C2 destinations, and other suspicious traffic patterns.
Installation
Download the latest flightsim binary for your OS from the GitHub Releases page. Alternatively, the utility can be built using Golang in any environment (e.g. Linux, MacOS, Windows), as follows:

```
go get -u github.com/alphasoc/flightsim/...
```
Running Network Flight Simulator
Upon installation, test flightsim as follows:

```
$ flightsim --help

AlphaSOC Network Flight Simulator™ (https://github.com/alphasoc/flightsim)

flightsim is an application which generates malicious network traffic for security
teams to evaluate security controls (e.g. firewalls) and ensure that monitoring tools
are able to detect malicious traffic.

Usage:
  flightsim [command]

Available Commands:
  help        Help about any command
  run         Run all simulators (default) or a particular test
  version     Print version and exit

Flags:
  -h, --help   help for flightsim

Use "flightsim [command] --help" for more information about a command
```
The utility runs individual modules to generate malicious traffic. To perform all available tests, simply use `flightsim run`, which will generate traffic using the first available non-loopback network interface. NB: when running the C2 modules, flightsim will gather current C2 addresses from the Cybercrime Tracker and AlphaSOC API, and so requires egress Internet access.

To list the available modules, use `flightsim run --help`. To execute a particular test, use `flightsim run <module>`, as below.

```
$ flightsim run --help
Run all simulators (default) or a particular test

Usage:
  flightsim run [c2-dns|c2-ip|dga|hijack|scan|sink|spambot|tunnel] [flags]

Flags:
  -n,                      number of hosts generated for each simulator (default 10)
      --fast               run simulator fast without sleep intervals
  -h, --help               help for run
  -i, --interface string   network interface to use

$ flightsim run dga

AlphaSOC Network Flight Simulator™ (https://github.com/alphasoc/flightsim)
The IP address of the network interface is 172.31.84.103
The current time is 10-Jan-18 09:30:28

Time      Module   Description
--------------------------------------------------------------------------------
09:30:28  dga      Starting
09:30:28  dga      Generating list of DGA domains
09:30:30  dga      Resolving rdumomx.xyz
09:30:31  dga      Resolving rdumomx.biz
09:30:31  dga      Resolving rdumomx.top
09:30:32  dga      Resolving qtovmrn.xyz
09:30:32  dga      Resolving qtovmrn.biz
09:30:33  dga      Resolving qtovmrn.top
09:30:33  dga      Resolving pbuzkkk.xyz
09:30:34  dga      Resolving pbuzkkk.biz
09:30:34  dga      Resolving pbuzkkk.top
09:30:35  dga      Resolving wfoheoz.xyz
09:30:35  dga      Resolving wfoheoz.biz
09:30:36  dga      Resolving wfoheoz.top
09:30:36  dga      Resolving lhecftf.xyz
09:30:37  dga      Resolving lhecftf.biz
09:30:37  dga      Resolving lhecftf.top
09:30:38  dga      Finished

All done! Check your SIEM for alerts using the timestamps and details above.
```
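The final step, checking the SIEM against the timestamps in the run output, can be scripted. The following is an added example, not part of flightsim or the original article: it parses the `Resolving` lines of a run and reports which simulated lookups produced an alert within a time window. The alert export format, the function names and the 60-second window are assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed sample: excerpt of the `flightsim run dga` output shown above.
FLIGHTSIM_OUTPUT = """\
The current time is 10-Jan-18 09:30:28
09:30:28  dga      Starting
09:30:28  dga      Generating list of DGA domains
09:30:30  dga      Resolving rdumomx.xyz
09:30:31  dga      Resolving rdumomx.biz
09:30:32  dga      Resolving qtovmrn.xyz
09:30:38  dga      Finished
"""

# Constructed sample: SIEM alerts as (ISO timestamp, queried name).
# Assumed to be in the same time zone as the flightsim host clock.
SIEM_ALERTS = [
    ("2018-01-10T09:30:31", "rdumomx.xyz"),
    ("2018-01-10T09:30:33", "qtovmrn.xyz."),  # trailing dot, as DNS logs often record it
    ("2018-01-10T11:02:00", "rdumomx.biz"),   # too late to be attributed to this run
]

EVENT_RE = re.compile(r"^(\d\d:\d\d:\d\d)\s+(\S+)\s+Resolving\s+(\S+)$")

def parse_run(text):
    """Return [(datetime, module, name)] for every 'Resolving' line."""
    header = re.search(r"current time is (\d\d-\w{3}-\d\d) ", text)
    day = datetime.strptime(header.group(1), "%d-%b-%y").date()
    events = []
    for line in text.splitlines():
        m = EVENT_RE.match(line.strip())
        if m:
            clock = datetime.strptime(m.group(1), "%H:%M:%S").time()
            events.append((datetime.combine(day, clock), m.group(2), m.group(3).lower()))
    return events

def coverage(events, alerts, window=timedelta(seconds=60)):
    """Split events into (detected, missed): an event counts as detected when
    an alert for the same name fired no more than `window` after it."""
    parsed = [(datetime.fromisoformat(ts), n.lower().rstrip(".")) for ts, n in alerts]
    detected, missed = [], []
    for when, module, name in events:
        hit = any(n == name and timedelta(0) <= ts - when <= window for ts, n in parsed)
        (detected if hit else missed).append((module, name))
    return detected, missed

if __name__ == "__main__":
    found, gaps = coverage(parse_run(FLIGHTSIM_OUTPUT), SIEM_ALERTS)
    print("detected:", found)
    print("missed:  ", gaps)
```

Entries in the missed list are the visibility gaps to investigate, for example a resolver whose queries are not logged or a detection rule that did not fire.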
Description of Modules
The modules packaged with the utility are listed in the table below.
Module | Description |
---|---|
c2-dns | Generates a list of current C2 destinations and performs DNS requests to each |
c2-ip | Connects to 10 random current C2 IP:port pairs to simulate egress sessions |
dga | Simulates DGA traffic using random labels and top-level domains |
hijack | Tests for DNS hijacking support via ns1.sandbox.alphasoc.xyz |
scan | Performs a port scan of 10 random RFC 1918 addresses using common ports |
sink | Connects to 10 random sinkholed destinations run by security providers |
spambot | Resolves and connects to random Internet SMTP servers to simulate a spam bot |
tunnel | Generates DNS tunneling requests to *.sandbox.alphasoc.xyz |