https://github.com/syst3ma/awesome_cisco_exploitation

A curated list of awesome Cisco exploitation resources
https://github.com/syst3ma/awesome_cisco_exploitation

awesome awesome-list cisco cisco-exploitation exploitation ios security security-research source-code

Last synced: about 2 months ago
JSON representation

A curated list of awesome Cisco exploitation resources

• Host: GitHub
• URL: https://github.com/syst3ma/awesome_cisco_exploitation
• Owner: lololosys
• License: cc0-1.0
• Created: 2017-06-10T06:25:14.000Z (almost 8 years ago)
• Default Branch: master
• Last Pushed: 2017-10-07T11:10:41.000Z (over 7 years ago)
• Last Synced: 2024-07-29T20:08:11.799Z (9 months ago)
• Topics: awesome, awesome-list, cisco, cisco-exploitation, exploitation, ios, security, security-research, source-code
• Size: 57.5 MB
• Stars: 66
• Watchers: 8
• Forks: 14
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • Contributing: contributing.md
  • License: LICENSE

Awesome Lists containing this project

• awesome-security-collection - **29**星

README

        
[![Awesome](https://cdn.rawgit.com/sindresorhus/awesome/d7305f38d29fed78fa85652e3a63e154dd8e8829/media/badge.svg)](https://github.com/sindresorhus/awesome)

A curated list of awesome Cisco exploitation resources. Inspired by

[awesome](https://github.com/sindresorhus/awesome).

# A curated list of awesome Cisco exploitation resources

- [Awesome Cisco Exploiation](#awesome-cisco-exploitation)

    - [Exploitation](#exploitation)

    - [Shellcoding](#shellcoding)

    - [Malwares and implents](#malwares)

    - [Code](#code)

    - [Remediation](#remediation)

## Exploitation

+ [Cisco IOS Router Exploitation - A map of the problem space](http://www.blackhat.com/presentations/bh-usa-09/LINDNER/BHUSA09-Lindner-RouterExploit-PAPER.pdf) - by Felix 'FX' Lindner [July 26, 2009]

+ [Research on Cisco IOS Security Mechanisms](http://www.ipcsit.com/vol51/109-A30035.pdf) - by Xiaoyan Sua,Dongying Wua, Da Xiaoa, Yuxiang Hana [2011]

+ [Burning the bridge: Cisco IOS exploits](http://phrack.org/issues/60/7.html) - by FX of Phenoelit [2002]

+ [IOS Exploitation Techniques](ftp://hackbbs.org/milworm/166) - by Gyan Chawdhary []

+ [BENIGNCERTAIN - Extracting VPN private keys from Cisco PIX](https://packetstormsecurity.com/files/download/138470/BenignCertain.tgz)

+ [EXTRABACON - Authentication Bypass in Cisco ASA](https://www.exploit-db.com/exploits/40386/)

+ [Cisco ASA: IKEv1 heap overflow - CVE-2016-1287 - Presentation](https://www.nccgroup.trust/globalassets/newsroom/uk/blog/documents/2017/06-june/cisco-asa-episode-1-ikev1-exploit-web.pdf)

+ [Cisco ASA: IKEv1 heap overflow - CVE-2016-1287 - Writeup](https://blog.exodusintel.com/2016/02/10/firewall-hacking/)

## Shellcoding

+ [Killing the Myth of Cisco IOS Diversity - Recent Advances in Reliable Shellcode Design](https://www.usenix.org/legacy/event/woot11/tech/final_files/Cui.pdf) - by Ang Cui,Jatin Kataria,Salvatore J. Stolfo []

+ [Cisco IOS Shellcodes](https://www.blackhat.com/presentations/bh-usa-08/Chawdhary_Uppal/BH_US_08_Chawdhary_Uppal_Cisco_IOS_Shellcodes.pdf) - by Gyan Chawdhary,Varun Uppal [2008]

## Malwares

+ [SYNful Knock - A Cisco router implant](https://www.fireeye.com/blog/threat-research/2015/09/synful_knock_-_acis.html) [2015]

+ [JetPlow NSA implent](https://www.schneier.com/blog/archives/2014/01/jetplow_nsa_exp.html) 

## Code

+ [IOS 11.2-8 Leaked Source Code](https://github.com/dvur12/cisco_ios_research/tree/master/IOS%20Source%20Code/IOS-11.2-8)

## Remediation

+ [Synful Knock Scanner](https://www.talosintelligence.com/scanner/)