Updating DIR

LICENSE

@@ -1,16 +1,16 @@
-                    GNU GENERAL PUBLIC LICENSE
-                       Version 3, 29 June 2007
+GNU GENERAL PUBLIC LICENSE
+Version 3, 29 June 2007
 
- Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
- Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
+Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
+Everyone is permitted to copy and distribute verbatim copies
+of this license document, but changing it is not allowed.
 
                             Preamble
 
-  The GNU General Public License is a free, copyleft license for
+The GNU General Public License is a free, copyleft license for
 software and other kinds of works.
 
-  The licenses for most software and other practical works are designed
+The licenses for most software and other practical works are designed
 to take away your freedom to share and change the works.  By contrast,
 the GNU General Public License is intended to guarantee your freedom to
 share and change all versions of a program--to make sure it remains free
@@ -19,35 +19,35 @@ GNU General Public License for most of our software; it applies also to
 any other work released this way by its authors.  You can apply it to
 your programs, too.
 
-  When we speak of free software, we are referring to freedom, not
+When we speak of free software, we are referring to freedom, not
 price.  Our General Public Licenses are designed to make sure that you
 have the freedom to distribute copies of free software (and charge for
 them if you wish), that you receive source code or can get it if you
 want it, that you can change the software or use pieces of it in new
 free programs, and that you know you can do these things.
 
-  To protect your rights, we need to prevent others from denying you
+To protect your rights, we need to prevent others from denying you
 these rights or asking you to surrender the rights.  Therefore, you have
 certain responsibilities if you distribute copies of the software, or if
 you modify it: responsibilities to respect the freedom of others.
 
-  For example, if you distribute copies of such a program, whether
+For example, if you distribute copies of such a program, whether
 gratis or for a fee, you must pass on to the recipients the same
 freedoms that you received.  You must make sure that they, too, receive
 or can get the source code.  And you must show them these terms so they
 know their rights.
 
-  Developers that use the GNU GPL protect your rights with two steps:
+Developers that use the GNU GPL protect your rights with two steps:
 (1) assert copyright on the software, and (2) offer you this License
 giving you legal permission to copy, distribute and/or modify it.
 
-  For the developers' and authors' protection, the GPL clearly explains
+For the developers' and authors' protection, the GPL clearly explains
 that there is no warranty for this free software.  For both users' and
 authors' sake, the GPL requires that modified versions be marked as
 changed, so that their problems will not be attributed erroneously to
 authors of previous versions.
 
-  Some devices are designed to deny users access to install or run
+Some devices are designed to deny users access to install or run
 modified versions of the software inside them, although the manufacturer
 can do so.  This is fundamentally incompatible with the aim of
 protecting users' freedom to change the software.  The systematic
@@ -58,14 +58,14 @@ products.  If such problems arise substantially in other domains, we
 stand ready to extend this provision to those domains in future versions
 of the GPL, as needed to protect the freedom of users.
 
-  Finally, every program is threatened constantly by software patents.
+Finally, every program is threatened constantly by software patents.
 States should not allow patents to restrict development and use of
 software on general-purpose computers, but in those that do, we wish to
 avoid the special danger that patents applied to a free program could
 make it effectively proprietary.  To prevent this, the GPL assures that
 patents cannot be used to render the program non-free.
 
-  The precise terms and conditions for copying, distribution and
+The precise terms and conditions for copying, distribution and
 modification follow.
 
                        TERMS AND CONDITIONS

README

@@ -20,47 +20,12 @@ or for illegal purposes.
 in these organizations do not care for laws and ethics anyways.
 You are not one of the "good" ones if you ignore this.)
 
-NOTE: no this is not meant to be a markdown doc! old school!
-
 BlackMarlinExec ( Seven Degrees of Domain Admin )
-```
-makefile pull pxcs/BlackMarlinExec
-```
-
 
 INTRODUCTION 
 ------------
 BlackMarlinExec uses graph and analysis theory to reveal the hidden and unintended relationships within an Active Directory or Active Environment. Security can use BlackMarlinExec to easily identify highly complex attack paths that would otherwise be impossible to quickly identify. It also has it's own attack path management that continuously maps and quantifies Active Directory attack paths. CS can see thousand, even millions of attack paths within your existing architecture.
 
-Intro About Barracuda Attack ✓
-------------
-TCP Killer
-Barracuda is a utility to kill all TCP connections on a network. It works by intercepting network traffic, and forging RST packets of existing connections to cause hangups. Works for both IPv4 connections and IPv6. Barracuda ( TCPkiller ) is a sneaky way to kill network connections. Any targeted system will appear to work when examined through typical diagnostics - DNS will resolve, ICMP's will go through, and the network card will be able to connect ( slow ) to the network-but no TCP connections will be sustained.
-
-LDAP Automatic Injections ✓
-------------
-Using BME to automate the process of detecting and exploiting LDAP injection vulnerabilities in AD scenario. With BME, CS researcher can quickly identify and exploit LDAP injection flaws, allowing CS to assess the security posture of the applications more effectively.
-
-More Features 
-------------
-Automated detection of LDAP injection vulnerabilities.
-Exploitation of LDAP injection vulnerabilities to extract sensitive information.
-Customizable payloads for fine-tuning injection attacks.
-
-Network Traffic Analysis ✓
-------------
-This is a research project for classifying network traffic. We collected more than 300000 flows from some network. After that, we used nDPI to analyze the flows. We got more than 100 types of applications. Then we group that application into 10 classes. After that, we tried different ML algorithms to classify them.
-Our current results
-
-Decision Tree 95.8% accuracy
-Random Forest 96.69% accuracy
-Regression 92.1% accuracy
-Boosting 95.8% accuracy
-Neural Net 97.5% accuracy
-KNN 97.24% accuracy
-PAA 99.29% accuracy
-SVM 94.7% accuracy
-
 To get the dataset check out the instructions in the dataset folder.
 
 ( THIS TOOL IS FOR LEGAL PURPOSES ONLY! )
@@ -69,79 +34,6 @@ There are already several active directory tools available, however, none does
 either support more than one protocol to find an attack path or support parallelized
 connections.
 
-
-HOW TO COMPILE
---------------
-To configure, compile and install BME, just type:
-
-```
-./configure
-make
-make install
-```
-
-If you want the ssh module, you have to setup libssh (not libssh2!) on your
-system,  get it from https://www.libssh.org, for ssh v1 support you also need
-to add "x-x-x" option in the cmake command line.
-IMPORTANT: If you compile on MacOS then you must do this - do not install libssh via brew!
-
-If you use Ubuntu/Debian, this will install supplementary 'src' needed
-for a few optional modules (note that some might not be available on your distribution):
-
-This enables all optional modules and features with the exception of Oracle,
-SAP R/3, NCP and the apple filing protocol - which you will need to download and
-install from the vendor's web sites.
-
-For all other Linux derivates and BSD based systems, use the system
-software installer and look for similarly named 'src' like in the
-command above. In all other cases, you have to download all source 'src'
-and compile them manually.
-
-SUPPORTED PLATFORMS
--------------------
-- All UNIX platforms (Linux, *BSD, Solaris, etc.)
-- MacOS (basically a BSD clone)
-- Windows with Cygwin (both IPv4 and IPv6)
-- Mobile systems based on Linux, MacOS or QNX (e.g. Android, iPhone, Blackberry 10, Zaurus, iPaq)
-
-HOW TO USE
-----------
-If you just enter `bme`, you will see a short summary of the important
-options available.
-Type `./bme -h` to see all available command line options.
-
-RESULTS OUTPUT
---------------
-
-The results are output to stdio along with the other information.  Via the -command
-command line option, the results can also be written to a file.  Using -command,
-the format of the output can be specified.  Currently, these are supported: 
-
-SPEED
------
-through the parallelizing feature, this active directory tool can be very
-fast, however it depends on the protocol. The fastest are generally POP3
-and FTP.
-Experiment with the task option (-t) to speed things up! The higher - the
-faster ;-) (but too high - and it disables the service)
-
-STATISTICS
-----------
-Run against a SuSE Linux 7.2 on localhost with a "-C FILE" containing
-295 entries (294 tries invalid logins, 1 valid). Every test was run three
-times (only for "1 task" just once), and the average noted down.
-
-```
-P A R A L L E L    T A S K S
-SERVICE	1	4	8	16	32	50	64	100	128
-------- --------------------------------------------------------------------
-telnet	x-x-x
-ftp	x-x-x
-pop3	x-x-x
-imap	x-x-x
-```
-
-
 Thanks to
 - Allah and pxcs ( p3xsouger )
 - Our Offsec team GangstaCrew