Awesome-Mainframe-Hacking

Mainframe Hacking Guide

A collection of resources for learning and practicing Mainframe Penetration Testing and Security

GitHub

420 stars
23 watching
69 forks
last commit: about 2 years ago

↑ IBM zSeries / ↑ Books

Mainframe Basics for Security Professionals_ Getting Started with RACF - Ori Pomerantz, Barbara Vander Weele, Mark E. Nelson, Tim Hahn (2008, IBM Press) Amazon -
IBM Redbooks - Introduction to the New Mainframe: z/OS Basics Amazon -
PoCorGTFO#12 - Page 32 - A JCL Adventure with Network Job Entry PDF -

↑ IBM zSeries / ↑ Tutorials

Emulating a MVS/zOS with Hercules
bigiron - Wiki/Collection of materials related to IBM z/OS security 42 almost 9 years ago
TSO Tutorial
Z/OS Introduction- An IBM Redbooks video course
Multiple Mainframe Security guides from Chicago Classic Computing
Using UNIX System Services to escalate your privileges on z/OS
The crash course to z/OS pentesting 81 over 4 years ago by

↑ IBM zSeries / ↑ Scripts and Tools

TN3270 Clients - X3270
Multipurpose Nmap Scripts 10,270 8 days ago

↑ IBM zSeries / ↑ Scripts and Tools / Multipurpose Nmap Scripts

tn3270-screen.nse
tso-enum.nse
tso-brute.nse
vtam-enum.nse
lu-enum.nse
cics-enum.nse
cics-info.nse
cics-user-brute.nse
cics-user-enum.nse

↑ IBM zSeries / ↑ Scripts and Tools

TPX Brute - The z/OS TPX logon panel brute forcer 17 almost 7 years ago
RACF Database Parser 10 8 months ago

↑ IBM zSeries / ↑ Scripts and Tools / Mainframe Application pentesting (CICS etc.)

CICSPwn 84 about 4 years ago
BIRP 125 about 3 years ago
CICSshot - Take screenshots of CICS 6 about 8 years ago
Hacked wc3270 emulator 6 over 8 years ago

↑ IBM zSeries / ↑ Scripts and Tools / zOS Enumeration Scripts

All in one Enumeration of information like VERSION, APF Libraries, SVCs, USERS etc. on Z/OS 63 29 days ago
Collection of REXX Scripts by @ayoul3__ 25 almost 8 years ago
SETRRCVT by @jaytay79 33 over 2 years ago

↑ IBM zSeries / ↑ Scripts and Tools

FTP - JCL commmand execution - Metasploit Modules by @bigendiansmalls 34,288 4 days ago
Metasploit Payloads for z/OS 34,288 4 days ago
NC110-OMVS Netcat for z/OS OMVS 10 over 11 years ago
TShOcker - Mini command interpreter for TSO & UNIX accessible by NetCat 24 about 6 years ago
zOS Privilege Escalation scripts by ayoul3__ 79 over 5 years ago
Note on TESTAUTH command for running a program in elevated state 5 about 5 years ago
zOSFTPlib - python ftplib-like library specifically for Z/OS

↑ IBM zSeries / ↑ Presentations and Talks

Video - All the talks by Soldier of FORTRAN (@mainframed767)
How to Break into z/OS Systems - Staurt Henderson
How to Break Into z/OS Systems Through USS, TCP/IP, and the Internet
Video - Mainframe [z/OS] Reverse Engineering & Exploit Development by @bigendiansmalls
Video - Security Necromancy : Further Adventures in Mainframe Hacking by Soldier of FORTRAN (@mainframed767) & @bigendiansmalls
Top 10 Security Vulnerabilities in z/OS by John Hillman (Vanguard)
The current state of Mainframe Hacking by Phil Young - Soldier of FORTRAN (@mainframed767)
Advanced Mainframe Hacking by Phil Young - Soldier of FORTRAN (@mainframed767)
Defcon 22 From ROOT to SPECIAL - Soldier of FORTRAN (@mainframed767)
Mainframes: What the F$#K is That About? - Soldier of FORTRAN (@mainframed767)
BSidesAustin Mainframes: Everybody has one but nobody knows how to hack them - Soldier of FORTRAN (@mainframed767)
BSidesLV 2013 - Legacy 0-Day How hackers breached the Logica Mainframe - Soldier of FORTRAN (@mainframed767)
Gaps in your Defense: Hacking the Mainframe by Soldier of FORTRAN (@mainframed767)
Video - Gaps in your Defense: Hacking the Mainframe by Soldier of FORTRAN (@mainframed767)
Hacking Mainframes; Vulnerabilities in applications exposed over TN3270 by Dominic White (Sensepost)
Video - Hacking Mainframes; Vulnerabilities in applications exposed over TN3270 by Dominic White (Sensepost)
Video - Ransomware on the Mainframe: Checkmate by @bigendiansmalls
Video - Learning Mainframe Hacking: Where the hell did all my free time go? by @bigendiansmalls
Post exploit goodness on a Mainframe SPECIAL is the new root by (@ayoul3__)
Video - Hacking Customer Information Control System (CICS) by Ayoub Elaassal (@ayoul3__)
Video - IBM Networking Attacks-Or The Easiest Way To Own A Mainframe by Martyn Ruks
Video - Cracking Mainframe Passwords by Nigel Pentland
Video - Exploiting the Mainframe - Z/OS integrity 101 by Mark Wilson & Ray Overby
Video - A Gentle Introduction to Hacking Mainframes by Dan Helton
PDF- Talk - Gibson 101 - Quick Introduction to Hacking Mainframes in 2020
Video - Buffer overflow on the mainframe, presented by Jake Labelle
PDF- Talk - How I Found Mainframe Buffer Overflows by Jake Labelle

↑ IBM zSeries / ↑ ACF2 Specific references

CA ACF2 for z/OS - 16.0 Documentation
GIAC - ACF2 Mainframe Security

↑ IBM zSeries / ↑ Labs

Mainframe Hacking - Choose Your own Adventure Game
DVCA - Damn Vulnerable CICS Application 21 9 months ago
DC30 - Mainframe Buffer Overflows Workshop Container 88 9 months ago

↑ IBM zSeries / ↑ Misc

Evil Mainframe Hacking Training/Course
CBT Tape - Collection of Freeware & Open Source distribution of IBM mainframe MVS & OS/360 Environments
z/OS Internet Library by IBM - Collection of manuals,guides & books about z/OS
DoD Security Technical implementation Guides(STIGS) - Search for ACF2, Z/OS, RACF etc.
Default Accounts 81 over 4 years ago

↑ IBM iSeries / ↑ iSeries Books

Hacking iSeries by Shalom Carmel Amazon -
Mastering IBM i: The Complete Resource for Today's IBM i System by Jim Buck & Jerry Fottral Amazon -
Experts' Guide to OS/400 & i5/OS Security by Carol Woodbury & Patrick Botz Amazon -
The IBM AS400 A technical introduction PDF -

↑ IBM iSeries / ↑ Tutorials and Checklists

AS/400 Security Assessment Mindmap
iSeries Penetration Testing
Security Audit of IBM AS/400 and System i : Part 1
Security Audit of IBM AS/400 and System i : Part 2
Security Assessment of the IBM i (AS 400) System : Part 1
Seclists Mailing list thread on Pentesting AS/400
Resources from Shalom Carmel's talk at BH Europe - 2006

↑ IBM iSeries / ↑ Tools

hack400tool - security handling tools for IBM Power Systems (formerly known as AS/400) 97 almost 7 years ago
Hash generator for IBM System i hashes (DES, SHA-1)
AS/400 SHA-1 hash format plugin for John the Ripper

↑ IBM iSeries / ↑ iSeries Presentations and Talks

Hack the Legacy: IBM I aka AS400 Revealed by Bart Kulach
AS/400 for pentesters by Shalom Carmel
AS/400: Lifting the Veil of Obscurity

↑ IBM iSeries / ↑ Miscellaneous

AS400i.com
Hack The Legacy Website