Awesome Mainframe Hacking
<a rel="license" href="http://creativecommons.org/licenses/by-sa/4.0/"><img alt="Creative Commons License" style="border-width:0" src="https://i.creativecommons.org/l/by-sa/4.0/80x15.png" /></a>
List of Awesome Mainframe Hacking/Pentesting Resources. This list is a collection of resources available online to learn Mainframe Penetration Testing & Security.
Special thanks to @mainframed767, @bigendiansmalls, @ayoul3__ and many other researchers for all their work in this field.
Contributions are welcome!
↑ IBM zSeries
↑ Books
- Amazon - Mainframe Basics for Security Professionals: Getting Started with RACF - Ori Pomerantz, Barbara Vander Weele, Mark E. Nelson, Tim Hahn (2008, IBM Press)
- Amazon - IBM Redbooks - Introduction to the New Mainframe: z/OS Basics
- PDF - PoCorGTFO#12 - Page 32 - A JCL Adventure with Network Job Entry
↑ Tutorials
- Emulating a MVS/zOS with Hercules
- bigiron - Wiki/Collection of materials related to IBM z/OS security
- TSO Tutorial
- z/OS Introduction - An IBM Redbooks video course
- Multiple Mainframe Security guides from Chicago Classic Computing
- Using UNIX System Services to escalate your privileges on z/OS
- The crash course to z/OS pentesting by @hacksomeheavymetal
↑ Scripts and Tools
- Mainframe Application pentesting (CICS etc.)
- zOS Enumeration Scripts
- FTP - JCL command execution - Metasploit Modules by @bigendiansmalls
- TShOcker - Mini command interpreter for TSO & UNIX accessible by NetCat
- Note on TESTAUTH command for running a program in elevated state
- zOSFTPlib - Python ftplib-like library specifically for z/OS
↑ Presentations and Talks
- Video - All the talks by Soldier of FORTRAN (@mainframed767)
- How to Break Into z/OS Systems Through USS, TCP/IP, and the Internet
- Video - Mainframe [z/OS] Reverse Engineering & Exploit Development by @bigendiansmalls
- Top 10 Security Vulnerabilities in z/OS by John Hillman (Vanguard)
- The current state of Mainframe Hacking by Phil Young - Soldier of FORTRAN (@mainframed767)
- Advanced Mainframe Hacking by Phil Young - Soldier of FORTRAN (@mainframed767)
- Defcon 22 From ROOT to SPECIAL - Soldier of FORTRAN (@mainframed767)
- Mainframes: What the F$#K is That About? - Soldier of FORTRAN (@mainframed767)
- Gaps in your Defense: Hacking the Mainframe by Soldier of FORTRAN (@mainframed767)
- Video - Gaps in your Defense: Hacking the Mainframe by Soldier of FORTRAN (@mainframed767)
- Hacking Mainframes; Vulnerabilities in applications exposed over TN3270 by Dominic White (Sensepost)
- Video - Ransomware on the Mainframe: Checkmate by @bigendiansmalls
- Video - Learning Mainframe Hacking: Where the hell did all my free time go? by @bigendiansmalls
- Post exploit goodness on a Mainframe SPECIAL is the new root by @ayoul3__
- Video - Hacking Customer Information Control System (CICS) by Ayoub Elaassal (@ayoul3__)
- Video - IBM Networking Attacks-Or The Easiest Way To Own A Mainframe by Martyn Ruks
- Video - Exploiting the Mainframe - Z/OS integrity 101 by Mark Wilson & Ray Overby
- Video - A Gentle Introduction to Hacking Mainframes by Dan Helton
- PDF - Talk - Gibson 101 - Quick Introduction to Hacking Mainframes in 2020
- Video - Buffer overflow on the mainframe, presented by Jake Labelle
- PDF - Talk - How I Found Mainframe Buffer Overflows by Jake Labelle
↑ ACF2 Specific references
↑ Labs
- Mainframe Hacking - Choose Your own Adventure Game
- DVCA - Damn Vulnerable CICS Application
- DC30 - Mainframe Buffer Overflows Workshop Container
↑ Misc
- Evil Mainframe Hacking Training/Course
- CBT Tape - Collection of Freeware & Open Source distribution of IBM mainframe MVS & OS/360 Environments
- z/OS Internet Library by IBM - Collection of manuals, guides & books about z/OS
- DoD Security Technical Implementation Guides (STIGs) - Search for ACF2, z/OS, RACF etc.
- Default Accounts
↑ IBM iSeries
↑ iSeries Books
- Amazon - Hacking iSeries by Shalom Carmel
- Amazon - Mastering IBM i: The Complete Resource for Today's IBM i System by Jim Buck & Jerry Fottral
- Amazon - Experts' Guide to OS/400 & i5/OS Security by Carol Woodbury & Patrick Botz
- PDF - The IBM AS400 A technical introduction
↑ Tutorials and Checklists
- AS/400 Security Assessment Mindmap
- iSeries Penetration Testing
- Security Audit of IBM AS/400 and System i : Part 1
- Security Audit of IBM AS/400 and System i : Part 2
- Security Assessment of the IBM i (AS 400) System : Part 1
- Seclists Mailing list thread on Pentesting AS/400
- Resources from Shalom Carmel's talk at BH Europe - 2006
↑ Tools
- hack400tool - security handling tools for IBM Power Systems (formerly known as AS/400)
- Hash generator for IBM System i hashes (DES, SHA-1)
- AS/400 SHA-1 hash format plugin for John the Ripper
↑ iSeries Presentations and Talks
- Hack the Legacy: IBM I aka AS400 Revealed by Bart Kulach
- AS/400 for pentesters by Shalom Carmel
- AS/400: Lifting the Veil of Obscurity