Zifsoft releases Salsa Invader Helios

App genealogy: Salsa/Outlook/Invader/Helios
Project Name: Helios
App Name: Invader Helios
Version: Invader version 5.5
Program: Aggressor
Release Icon:

 Audience:
  •  Wordpress admins with Ithemes Security or Wordfence against bruteforce attack.
Objective:
  • Invader Helios is the solution after your Itheme Security or Wordfence report.
  • You receive a report in your inbox. What do you do with it? Helios helps you unveil the attacker, send a detail report to the attackers ISPs.
How does it work?
  • Assuming you have set up your iThemes Security and Wordfence to send a report to you whenever someone tries a bruteforce attack on your site.
  • Open the report. When you are done reading it, click the Aggressor Addin bar, “handlehacker”.
  • Helios looks up the IP (currently lookip.net) and creates an IP package:

    Your user tried to hacked into our site.

    ——————–

    119.104.143.210 . The details provided on this page can be used to contact the owner in case of a security issue like spam, phishing or hacking.

    Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

    Information related to ‘119.104.0.0 – 119.107.255.255’

    Abuse contact for ‘119.104.0.0 – 119.107.255.255’ is ‘hostmaster@nic.ad.jp’

    inetnum: 119.104.0.0 – 119.107.255.255

    netname: KDDI

    descr: KDDI CORPORATION

    descr: Garden Air Tower,3-10-10,Iidabashi,Chiyoda-ku,Tokyo,102-8460,Japan

    country: JP

    admin-c: JNIC1-AP

    tech-c: JNIC1-AP

    status: ALLOCATED PORTABLE

    remarks: Email address for spam or abuse complaints : abuse@dion.ne.jp

    changed: hm-changed@apnic.net 20080201

    changed: ip-apnic@nic.ad.jp 20090624

    changed: hm-changed@apnic.net 20151202

    mnt-by: MAINT-JPNIC

    mnt-irt: IRT-JPNIC-JP

    mnt-lower: MAINT-JPNIC

    source: APNIC

     

    irt: IRT-JPNIC-JP

    address: Urbannet-Kanda Bldg 4F, 3-6-2 Uchi-Kanda

    address: Chiyoda-ku, Tokyo 101-0047, Japan

    e-mail: hostmaster@nic.ad.jp

    abuse-mailbox: hostmaster@nic.ad.jp

    admin-c: JNIC1-AP

    tech-c: JNIC1-AP

    auth: # Filtered

    mnt-by: MAINT-JPNIC

    changed: abuse@apnic.net 20101108

    changed: hm-changed@apnic.net 20101111

    changed: ip-apnic@nic.ad.jp 20140702

    source: APNIC

     

    role: Japan Network Information Center

    address: Urbannet-Kanda Bldg 4F

    address: 3-6-2 Uchi-Kanda

    address: Chiyoda-ku, Tokyo 101-0047,Japan

    country: JP

    phone: +81-3-5297-2311

    fax-no: +81-3-5297-2312

    e-mail: hostmaster@nic.ad.jp

    admin-c: JI13-AP

    tech-c: JE53-AP

    nic-hdl: JNIC1-AP

    mnt-by: MAINT-JPNIC

    changed: hm-changed@apnic.net 20041222

    changed: hm-changed@apnic.net 20050324

    changed: ip-apnic@nic.ad.jp 20051027

    changed: ip-apnic@nic.ad.jp 20120828

    source: APNIC

     

    Information related to ‘119.104.143.0 – 119.104.143.255’

     

    inetnum: 119.104.143.0 – 119.104.143.255

    netname: KDDI-NET

    descr: KDDI CORPORATION

    country: JP

    admin-c: JP00000127

    tech-c: JP00000181

    remarks: This information has been partially mirrored by APNIC from

    remarks: JPNIC. To obtain more specific information, please use the

    remarks: JPNIC WHOIS Gateway at

    remarks: http://www.nic.ad.jp/en/db/whois/en-gateway.html or

    remarks: whois.nic.ad.jp for WHOIS client. (The WHOIS client

    remarks: defaults to Japanese output, use the /e switch for English

    remarks: output)

    changed: apnic-ftp@nic.ad.jp 20140905

    source: JPNIC

     

    This query was served by the APNIC Whois Service version 1.88.15-37 (WHOIS-UK4)

     

     

    IP address tools

     

    IP Lookup

    ——————–

    This email was sent from your website “BricksNCubes” by the Wordfence plugin at Saturday 26th of August 2017 at 03:46:50 AM

    The Wordfence administrative URL for this site is: http://www.bricksncubes.sg/wp-admin/admin.php?page=Wordfence

    A user with IP address 119.104.143.210 has been locked out from signing in

  • It will then merges the IP package with the original security with the ISP address. You just have to click send and let the ISP deal with the hacker.
Download: For current subscribers: \\Salsa\Program\Devt\codes\Invader\20170826_Helios
Release history:
  • 20130105 ver 1.0 Salsa Outlook Contact Manager
    Cleans up contact db
    Deletes duplicate
  • 20140101 ver 2.0 Salsa Outlook Contact Manager
    Works with Salsa email blasting (Salsa BT)
    Includes unsubscribe
    Exports and deletes invalid emails
  • 20160101 ver3.0 Renamed to Salsa Invader
    Incorporates Salsa Selenium search features
    Search directly in sales db
  • 20160501 ver4.0 Salsa Invader Aggressor
    Exposes spammers and traces their IP
  • 20160701 ver4.1 Salsa Invader Body
    Searches bait URL in the email body
    Prototype analytical module to analyze headers
  • 20160805 ver4.2 Salsa Invader Clone
    Searches contact for same spammer using aliases
  • 20161225 ver4.3 Salsa Invader DimSum
    Addition of Dim Sum features from Salsa Lafei project
  • 20170311 ver 4.5 Salsa Invader Egg Head
    The first 2 subprojects of adding pattern recognition algorithm to identifying and categorizing spam.
  • 20170415 ver 4.6 Salsa Invader FU
    Addition of a template database,
  • 20170624 ver 5.25 Salsa Invader Gnani
    IP mapper to isolate major spammers.
  • 20170826 ver 5.5 Salsa Invader Helios.
    Sends ISP report base on IP. The next step to receiving report of a bruteforce attack from iTheme Security and Wordfence.

 

Fields marked with an * are required

Leave a Reply

Your email address will not be published. Required fields are marked *