🚀 New open source drop from Happy Hacking Space

Say hello to ZmapSDK — a Python SDK for the lightning fast internet scanner zmap.io
Built with care by Atilla Balin for hackers who like things simple fast and scriptable

🔗 Dive in: https://github.com/HappyHackingSpace/ZmapSDK
Contributions welcome

#HappyHacking #OpenSource #Zmap #Python

Weekend Reads

* 10 years of Zmap https://arxiv.org/abs/2406.15585
* AI and energy demands https://buttondown.email/maiht3k/archive/on-the-energy-demands-of-ai/
* Vulnerability intelligence dataset https://arxiv.org/abs/2406.16347
* ECMP routing effects on censorship https://arxiv.org/abs/2406.19304
* Enigma v. Malwarebytes unwanted program lawsuit https://blog.ericgoldman.org/archives/2024/06/this-case-keeps-wrecking-internet-law-enigma-v-malwarebytes.htm

#Zmap #AI #CVE #BGP #Section230

ZMap: i’m speed !
ZMap is a fast single packet network scanner designed for Internet-wide network surveys
https://blindlystupid.com/zmap-im-speed/
#ITWorld #SoftwareAndTools #scan #zmap

The #ZMap Project is a collection of open source measurement tools for performing large-scale studies of the hosts and services that compose the public #Internet.

#ZMap is a fast single-packet #NetworkScanner optimized for #Internet-wide network surveys. On a computer with a gigabit connection, #ZMap can scan the entire public #IPv4 address space on a single port in under 45 minutes. With a 10gigE connection and PF_RING, #ZMap can scan the #IPv4 address space in 5 minutes.

I spotted the Got 0.90 release thanks to @AMDmi3's tool repology.org

Which, currently still doesn't distinguish between the -portable branch of Game of Trees and the one specific to OpenBSD.

Nonetheless, I was checking repology.org to see how ZMap is doing in relation to the 3.0.0 release.

At least at the time as I write this toot, of the 103 repositories tracked, MacPorts is the ONLY one at 3.0.0!

https://repology.org/project/zmap-network-scanner/versions

Two are at -beta1. I do not see any at RC1 or even RC2.

So, that may be a first for any MacPort which I maintain?

It's been an interesting Friday.

#MacPorts #ZMap #Repology #OpenSource

I submitted a PR to update MacPorts' version of ZMap to version 3.0.0 which was officially released!

https://github.com/macports/macports-ports/pull/19211

It's passed the build bot/CI checks.

However, since I do not have commit access, it is up to someone else to merge it.

Thanks to @zakir for merging one of my PRs in the upstream project before this release!

Thanks to Herby Gillot (not sure where Herby may be on the FediVerse) for giving me a heads up that 3.0.0 was officially out (I had previously been working on PRs for RC2).

#ZMap #MacPorts #OpenSource #NetworkScanning #Security

@zakir I submitted this PR which seems to have made the CI/build bots happy at least:

https://github.com/macports/macports-ports/pull/19015

Though it would probably still be advisable to get the Assets and branch tags in closer alignment for whenever this progresses beyond Release Candidates?

Regardless, it's up to someone else to merge that PR, but hopefully it improves things a little bit for MacPorts users!

#ZMap #MacPorts #OpenSource #NetworkScanning

I closed a PR (https://github.com/macports/macports-ports/pull/19013) to update the MacPorts' ZMap to 3.0.0-RC2 (which was what I had originally targeted, but somewhere along the lines I downgraded it to beta-1 erroneously thinking it was newer, when: it isn't).

Also broke out the json-c dependency as an optional variant (which was part of the original MacPorts' Portfile submission, but some build bot/CI checks led me down an incorrect path for trying to rectify the errors encountered).

Also added a default_variants +release

The release variant removes some debugging and logging options as mentioned in INSTALL.md here: https://github.com/zmap/zmap/blob/main/INSTALL.md

However, it failed the CI/build bot checks!

Looking at https://github.com/macports/macports-ports/actions/runs/5206571426/jobs/9393277491?pr=19013 it appears as if the distfile that the CI/build bots grabbed had Errors related to the checksums generated? o.O

@zakir I'm not sure if you can make heads or tails of that?

The zmap 3.0.0-RC2.tar.gz I've grabbed from here:

https://github.com/zmap/zmap/archive/refs/tags/v3.0.0-RC2.tar.gz

I do observe a date discrepancy here: https://github.com/zmap/zmap/releases (April 22nd and April 6th both being mentioned, screenshot attached for reference) not sure if that is related.

It appears as if the CI/Build bots grabbed a tarball from here:

https://codeload.github.com/zmap/zmap/legacy.tar.gz/v3.0.0-RC2?dummy=

Which, when I attempt to download locally, yields:

zmap-zmap-v3.0.0-RC2-0-g70c2688.tar.gz

Which certainly has different checksums than I included in the Portfile, e.g.

% openssl dgst -rmd160 zmap-zmap-v3.0.0-RC2-0-g70c2688.tar.gz

RIPEMD160(zmap-zmap-v3.0.0-RC2-0-g70c2688.tar.gz)= 557341e8a872eb61f8c91b64c5910c024fb7efac

openssl dgst -sha256 zmap-zmap-v3.0.0-RC2-0-g70c2688.tar.gz

SHA256(zmap-zmap-v3.0.0-RC2-0-g70c2688.tar.gz)= 35d2783b4701549caa0f099d661ba46ad96627ccf00d7352f4ee61a4702a78d8

ls -alF zmap-zmap-v3.0.0-RC2-0-g70c2688.tar.gz

-rw-r--r--@ 1 grey staff 156261 Jun 8 02:20 zmap-zmap-v3.0.0-RC2-0-g70c2688.tar.gz

If I had to guess: there were two tarballs with a 3.0.0-RC2 "version" and that is the source of the issue?

🙏
#ZMap #MacPorts #OpenSource

@zakir With much help and thanks from Herby Gillot (and still outstanding A/V accompaniment by @xorcist_band /https://kick.com/djbat ), that PR has been merged!

So, ZMap is now part of MacPorts:

https://ports.macports.org/port/zmap/details/

#ZMap #MacPorts #OpenSource

352 #highered #jobs seek #OSS experience (https://bit.ly/2QlPas0) including…

Software Developer at Stanford University (@stanford ): " You will help foster an #opensource community of external researchers as well as support researchers in their use of #ZMap tools. All development will be public and open source. Serve as the primary maintainer of the ZMap suite of open source network measurement tools. Act as a public face of the open source project."

https://www.higheredjobs.com/search/details.cfm?JobCode=178260446&Title=Software%20Developer

OSINT: Zmap, How to Scan the Entire Internet in 45 Minutes! #osint #zmap #infosec #cybersecurity #cyberwarrior #cyberwarrior #osint
https://www.hackers-arise.com/post/zmap-for-scanning-the-internet-scan-the-entire-internet-in-45-minutes

RT @three_cube@twitter.com

Open Source Intelligence (OSINT) for Hackers: Using Zmap to Scan the Entire Internet in 45 Minutes! #zmap #osint #osint4hackers #cyberwarrior

https://hackers-arise.com/post/zmap-for-scanning-the-internet-scan-the-entire-internet-in-45-minutes

🐦🔗: https://twitter.com/three_cube/status/1363531254755250179

Russland: Datenleak des Überwachungsprojektes „SORM“ https://tarnkappe.info/russland-datenleak-des-ueberwachungsprojektes-sorm/ #AntonCherepennikov #LeonidEvdokimov #AlisherUsmanov #paketsniffer #Russland #Artikel #MFISoft #Sarow #SORM #ZMAP

Entweder meine Fritze oder mein Provider mag es nicht wenn ich große Portscans mache. Meine Leitung war bis zum Neustart des Routers tot. 15 GB in die Welt schicken geht mit 40 MBit/s ganz gut. #zmap