[Dailydave] Dshell versus INNUENDO

Dave Aitel dave at immunityinc.com
Tue Feb 3 14:06:29 EST 2015


The US Army recently released DShell
<http://gizmodo.com/the-army-just-open-sourced-its-security-software-1683023527>,
which they've been using to do network incident response, as open
source. Part of it is a DNS decoder
<https://github.com/USArmyResearchLab/Dshell/blob/master/decoders/dns/innuendo-dns.py>
that tries to find INNUENDO traffic. Although they developed it only by
looking at our demonstration video <https://vimeo.com/115206626> (note:
email admin at immunityinc.com for an eval copy of INNUENDO!) we can
confirm their script works (see below).

It may, or may not, work against the *next* version of INNUENDO. ;>

Thanks,
Dave Aitel
Immunity, Inc.

Dshell image
-------------- next part --------------
A non-text attachment was scrubbed...
Name: dshell.png
Type: image/png
Size: 270242 bytes
Desc: not available
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20150203/d33f831f/attachment-0001.png>