Discussion · bonfire.cafe

Just finished landing Exit Code support. So now if more scanners are made or one of the projects gets more features you can quickly switch to whichever makes the most sense for your use case!

I literally lost a ton of sleep on this volunteer incident response work so I'm going to go touch grass for a bit.

More hacks later tonight, still got some loose ends gnawing at me lol.

https://github.com/datapartyjs/walk-without-rhythm?tab=readme-ov-file#how-to-use

#nodejs #npm #javascript #Sha1Hulud #WalkWithoutRhythm #Sha1HuludScanner #cybersecurity

Bradley

@bradley@techhub.social replied · 2 weeks ago

@nullagent thanks for working on/sharing this

LukefromDC

@LukefromDC@kolektiva.social replied · 2 weeks ago

@nullagent Interesting name for a worm!

nullagent

@nullagent@partyon.xyz replied · 2 weeks ago

The fork of the CrowdStrike scanner introduced me to a really good idea, I should support the same exit code design so that our tools can work in tandem.

Maybe we detect different things or maybe one vs the other works in your environment.

So I made an issue to track this support:

https://github.com/datapartyjs/walk-without-rhythm/issues/18

#CrowdStrike #Sha1HuludScanner #WalkWithoutRhythm #cybersecurity #npm #nodejs

nullagent

@nullagent@partyon.xyz replied · 2 weeks ago

Just finished landing Exit Code support. So now if more scanners are made or one of the projects gets more features you can quickly switch to whichever makes the most sense for your use case!

I literally lost a ton of sleep on this volunteer incident response work so I'm going to go touch grass for a bit.

More hacks later tonight, still got some loose ends gnawing at me lol.

https://github.com/datapartyjs/walk-without-rhythm?tab=readme-ov-file#how-to-use

#nodejs #npm #javascript #Sha1Hulud #WalkWithoutRhythm #Sha1HuludScanner #cybersecurity

Federation Bot

@Federation_Bot replied · 2 weeks ago

I spent more time searching for other Sha1-Hulud detection tools and found four more bringing it to 6 scanners (5 in nodejs).

Linked them all from my readme in case those work better for you.

Best way to beat a work like this is to keep scanning and keep an eye out for the attacker to try and evade all of our tools.

By using more than one hopefully we make the attackers job harder to evade all of us.

https://github.com/datapartyjs/walk-without-rhythm?tab=readme-ov-file#similar-tools

#Sha1Hulud #WalkWithoutRhythm #nodejs #npm #github #microsoft

bonfire.cafe

A space for Bonfire maintainers and contributors to communicate

bonfire.cafe: About · Code of conduct · Privacy · Users · Instances

Bonfire social · 1.0.1-alpha.8 no JS en

Automatic federation enabled