Arcane : A Simple Script Designed To Backdoor iOS Packages
Arcane is a simple script designed to backdoor iOS packages (iphone-arm) and create the necessary resources for APT repositories. It was created for this publication to help illustrate why Cydia repositories can be dangerous and what post-exploitation attacks are possible from a compromised iOS device. How Arcane Works? To understand what's happening in the GIF, decompress a package created with Arcane. dpkg-deb...
IRFuzz : Simple Scanner with Yara Rules
IRFuzz is a simple scanner with yara rules for document archives or any files. Install 1. Prerequisites: Linux or OS X. Yara: just use the latest release source code, compile and install it (or install it via pip install yara-python). Yara Rules - You may download yara rules from here or import your own custom ruleset. Python dependencies: Dependencies are managed with pipenv. To get started...
Evine : Interactive CLI Web Crawler
Evine is a simple, fast, and interactive web crawler and web scraper written in Golang. Evine is useful for a wide range of purposes such as metadata and data extraction, data mining, reconnaissance and testing. Install From Binary Pre-build binary releases are also available. From source go get github.com/saeeddhqan/evine "$GOPATH/bin/evine" -h From GitHub git clone https://github.com/saeeddhqan/evine.git cd evine go build . mv evine /usr/local/bin evine...
SharpAppLocker : C# Port Of The Get-AppLockerPolicy PS Cmdlet
SharpAppLocker is a C# port of the Get-AppLockerPolicy PS cmdlet. Usage: -h, -?, --help Show Help; -l, --local Queries local applocker config; -d, --domain Queries domain applocker config (needs an ldappath); -e, --effective Queries the effective applocker config on this computer; -x, --xml output applocker in XML format (default is json); --ldap=VALUE the ldap filter to query the domain policy from. For detailed information please...
Wireless Penetration Testing Approach: Kali Linux and Raspberry Pi for Security Analytics
As of 2020, we all are aware of the security breaches happening to the data within the organization. The organizations are using the LAN network or wifi networks, allowing the employees to access and perform their tasks and operations. To ensure that the organization’s sensitive data is secured, a secured wifi network is necessary. The term Wireless Penetration Testing...
SharpAppLocker : C# Port Of The Get-AppLockerPolicy PS Cmdlet
SharpAppLocker is a C# port of the Get-AppLockerPolicy PS cmdlet. The Get-AppLockerPolicy cmdlet retrieves the AppLocker policy from the local Group Policy Object (GPO), a specified GPO, or the GP-deployed effective policy on the computer. By default, the output is an AppLockerPolicy object. If the Xml parameter is used, then the output will be the AppLocker policy as an XML-formatted...
Chalumeau : Automated, Extendable & Customizable Credential Dumping Tool
Chalumeau is an automated, extendable and customizable credential dumping tool based on PowerShell and Python. Main Features: Write your own Payloads; In-Memory execution; Extract Password List; Dashboard reporting / Web Interface; Parsing Mimikatz; Dumping Tickets. Known Issues: Parsing Mimikatz dcsync (working on fix); Bypassing Antivirus and EDRs, you will need to maintain your payloads. To Do: Encrypted Communication; Automated Lateral movement; Automated Password Spraying; Automated Hash Cracking. Using: git clone https://github.com/cyberstruggle/chalumeau.git cd chalumeau/ chmod +x install.sh sudo ./install.sh #Run chmod +x start.sh sudo...
gTunnel : A Robust Tunneling Solution Written In Golang
gTunnel is a TCP tunneling suite built with golang and gRPC. gTunnel can manage multiple forward and reverse tunnels that are all carried over a single TCP/HTTP2 connection. I wanted to learn a new language, so I picked go and gRPC. Client executables have been tested on Windows and Linux. Dependencies gTunnel has been tested with Docker version 19.03.6, but any...
TaoWu – A CobaltStrike Toolkit 2020
TaoWu is a CobaltStrike toolkit. All the scripts are gathered on the Internet and slightly modified by myself. You can use it under GPLv3. And all at your own risk. Any PR is appreciated. Or you can contact me on E-mail taowuopen@protonmail.com Let's make TaoWu better than ever together. Any contributions can grant you TaoWu's internal version access in the near...
XECA : PowerShell Payload Generator
XECA is a project that creates encrypted PowerShell payloads for offensive purposes. Creating position independent shellcode from DLL files is also possible. Install: Firstly ensure that rust is installed, then build the project with the following command: cargo build. How It Works? Identify and encrypt the payload. Load encrypted payload into a powershell script and save to a file named "launch.txt". The key to...















