TheItalianJob Save

Uses Shodan to locate HackingTeam C&C Servers.

Project README


Uses Shodan to locate HackingTeam C&C Servers.

Only releasing the fingerprints because they are burned to the fucking ground now. Fuck those HackingTeam Scumlords. It now returns no valid results due to C&C server shutdown, but releasing for historical reasons.

Greetz to Phineas Fisher, you fucking hero.

Fuck HackingTeam

Licence: WTFPL.

More fingerprints to add now that their sekret sauce is public thanks to our lord and saviour. If you go looking at other state surveillance malwares though, you can fingerprint their C&C servers just as easily. Most of them use either a wierdly configured webserver, or a fake webserver that presents a particular banner as the C&C service. Hence, are easy to locate via shodan or by zmapping the internet.

Requirements: Shodan python module, Shodan API key from Shodan, obviously

pip install shodan

Examples of past C&C servers...
Open Source Agenda is not affiliated with "TheItalianJob" Project. README Source: 0x27/TheItalianJob
Open Issues
Last Commit
8 years ago

Open Source Agenda Badge

Open Source Agenda Rating