Kali
Java-Remote-Class-Loader is a tool that allows you to send Java bytecode in the form of class files to your clients (or potential targets) to load and execute using Java ClassLoader together with Reflect API. The client receives the class file from the server and return the respective execution output. Payloads must be written in Java …
Continue reading “Java-Remote-Class-Loader : Tool To Send Java Bytecode Victims To Load & Execute”
Rafel is Remote Access Tool Used to Control Victims Using WebPanel With More Advance Features. Main Features Admin Permission Add App To White List Looks Like Browser Runs In Background Even App is Closed(May not work on some Devices) Accessibility Feature Support Android v5 – v10 No Port Forwarding Needed Acquire Wakelock Fully Undetectable Prerequisites …
RMIScout performs wordlist and bruteforce attacks against exposed Java RMI interfaces to safely guess method signatures without invocation. On misconfigured servers, any known RMI signature using non-primitive types (e.g., java.lang.String), can be exploited by replacing the object with a serialized payload. This is a fairly common misconfiguration (e.g., VMWare vSphere Data Protection + vRealize Operations …
Continue reading “RMIScout : Bruteforce Attacks Against Exposed Java RMI Interfaces”
Threadtear is a multifunctional deobfuscation tool for java. Android application support is coming soon (Currently working on a dalvik to java converter). Suitable for easier code analysis without worrying too much about obfuscation. Even the most expensive obfuscators like ZKM or Stringer are included. For easier debugging there are also other tools included. Insert debug …
Continue reading “Threadtear : Multifunctional Java Seobfuscation Tool Suite”
RMS (Runtime Mobile Security) is a powerful web interface that helps you to manipulate Android Java Classes and Methods at Runtime. You can easily dump all the loaded classes and relative methods, hook everything on the fly, trace methods args and return value, load custom scripts and many other useful stuff. General Info Runtime Mobile …
GodOfWar is a command-line tool to generate war payloads for penetration testing / red teaming purposes, written in ruby. Features Preexisting payloads. (try -l/–list) cmd_get filebrowser bind_shell reverse_shell reverse_shell_ui Configurable backdoor. (try –host/-port) Control over payload name. To avoid malicious name after deployment to bypass URL name signatures. Also Read – MySQL Magic: Dump MySQL …
Continue reading “GodOfWar : Malicious Java WAR Builder With Built-In Payloads”
Recaf is an easy to use modern Java bytecode editor based on Objectweb’s ASM. No more hassling with the constant pool or stack-frames required. Also Read : IP Obfuscator – Simple Tool to Social Engineer and Bypass Firewall Requirements You can run Recaf with Java 8 or higher (Its recommended that you use the lastest …
Recaf is an easy to use modern Java bytecode editor based on Objectweb’s ASM. No more hassling with the constant pool or stack-frames required. Check out the docs for more information. Recaf Requirements You can run Recaf with Java 8 or higher (Its reccomended that you use the lastest jdk8 release from jdk.java.net). Using Java …
Dex2jar is a tool to work with android .dex and java .class files. dex-reader/writer: Read/write the Dalvik Executable (.dex) file. It has a light weight API similar with ASM. d2j-dex2jar: Convert .dex file to .class files (zipped as jar) smali/baksmali: disassemble dex to smali files and assemble dex from smali files. different implementation to smali/baksmali, …
Continue reading “Dex2jar – Tools To Work With Android .dex & Java .class Files”
HackBar is a java based Burpsuite Plugin. It is tested and working perfectly on Burpsuite 1.7.36, Windows 10 and xubuntu 18.04. In order to use Hackar basic requirements is Burpsuite and Java. How to Install HackBar Download Jar ‘https://github.com/d3vilbug/HackBar/releases/tag/1.0’ and add in burpsuite Upcoming Features/Modules Ctrl + H (shortcut) WAF bypass (SQLi) Decoder/Encoder Simulate Attack …
Continue reading “HackBar : HackBar plugin for Burpsuite v1.0”
