Jump to content

GAUSS - The Nation State Malware Kit


Recommended Posts

If I'm not mistaken, they are the same people that stole Corelan Coders teaching materials and sold classes teaching from tuts off his site. They tend to auto blog and plagiarize other sites, and also jump the gun on vulns. I think they even once published a vuln on BackTrack since it used the default passwords of root/toor. Might be a different site, but if its the same people, they have a whole slew of sub domains, and at one point, I think I even found XSS on one of their pages, this, coming from a school that teaches how to protect against XSS. Take what they post, with a grain of salt is all I am saying...

Yeah, same people as I had thought before ->


By the way, the default user on the link you posted, is "root". Oh, the irony.... Sure someone will have fun bruteforcing that one...


I went through the first 18 or so names of users before I got bored, then saw Ryan Dewhurst, someone I respect and follow on Twitter. Didn't know he was associated with them though. Hes one of the guys behind DVWA I think as well as the wordpress scanner or wp-scan scripts on google code(I think). Sad...good people associated with a site thats borderline crap.

Hey, lets email their webhost while we're at it... infoseci@pair.com

Edited by digip
Link to comment
Share on other sites


Also interesting that they have 14 domains using the same google analytics code.


Edited by digip
Link to comment
Share on other sites

I think they are a company, looking to make money, like most businesses, but they do it in a way, that to me, seems boderline shady. The corelan incident was bad at the time, but they worked it out and apologized, but no one likes being stolen from. I'm going through it now with Attack Scanner. Someone stole our Pro version and basically reworked it a tad, encrypted it and are selling it as their own product, so I don't like thieves in that regard, where people profit off others works. Sharing something is one thing, flat our stealing, then I have an issue when you make money off someone else's hard work and pass it off as your own. So the corelan thing was one strike against them.

Then the Backtrack thing, was kind of silly, if not just maybe a way to bring more attention to their company. Free advertisement through controversy, aka, how can we get famous like Michael Jackson famous in the tabloids, oh, lets call out someone else famous in the community and it will draw attention to us. We'll apologize again, and all will be fine, but in the meantime, it will promote us. To some extent, it worked I guess.

To me, they are the Gregory Evans of infosec though, but thats my opinion. I don't expect others to feel the same way. They have decent articles and writers, but is it all their material, or reposted from someone else's work?

Link to comment
Share on other sites

One positive = They thought it was good enough to steal ... :unsure: ... I am not anywhere near the programming level of people like you, sebkinne, etc., but isn't there a way to bind your Attack Scanner for updates, serial/integrity checks so you can have a cache and verify all of the AS's you sold?

(I sound like a Welshman, jk :) )

All in all; they have lost my trust AND I will not support/read any whitepapers, docs, info, etc. as they are probably someone elses' work. B)

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...