NSA firewall exploits for Fortinet, Cisco etc are here along with some of the implants:
https://mega.nz/#!zEAU1AQL!oWJ63n-D6...7MEsa1iLH5UjKU
Nice and safe python files which are really well commented too. Some need you to already have a telnet username/pass, which is easy if you can monitor world communications but less useful for everyone else unless you sniff a local network. Others might be more useful such as the one below.
The files are pgp encrypted with AES256 so to decrypt on linux you do: $ gpg --decrypt --output eqgrp-free-file.tar.xz eqgrp-free-file.tar.xz.gpg
For windows, probably a nice GUI to do the same thing somewhere.
Password = theequationgroup
The Shadowserver Foundation has conducted a scan of the Internet for CISCO devices running IOS software affected by the CVE-2016-6415 vulnerability.
Recently experts from CISCO discovered a vulnerability, tracked as CVE-2016-6415, in IOS system,while investigating the Equation Group‘s exploits leaked by the Shadow Broker hacker group. In particular, experts from CISCO were evaluating the impact of the BENIGNCERTAIN exploit. The experts also discovered another zero-day exploit dubbed EXTRABACON that could be used to hack CISCO ASA software.
The CVE-2016-6415 resides in the IKEv1 packet processing code. A remote, unauthenticated attacker could exploit it retrieve memory contents.
“The vulnerability is due to insufficient condition checks in the part of the code that handles IKEv1 security negotiation requests. An attacker could exploit this vulnerability by sending a crafted IKEv1 packet to an affected device configured to accept IKEv1 security negotiation requests,” reads the security advisory published by Cisco.
The flaw affects Cisco IOS XR versions 4.3.x, 5.0.x, 5.1.x and 5.2.x – versions 5.3.0 and later are not impacted. All IOS XE releases and various versions of IOS are affected.
http://securityaffairs.co/wordpress/51505/security/cve-2016-6415-impact.html