I'm sure you remember my older post about the malicious Office document generator and the Office exploitation toolkit. Just a refresher - Luckystrike is an open source script that helps you create malicious Microsoft Office documents using PowerShell, and MicroSploit is an open source shell script that helps you create custom Microsoft Office platform based backdoors using the Metasploit framework. Now there is a new and improved entrant in this market of red teaming tools - the Malicious Macro Read more about The Malicious Macro Generator!
Oh boy! This post is going to be interesting as it is about an interesting topic - mobile bootloaders. Specifically, this post is about BootStomp, which helps you find vulnerabilities in the bootloader. As the name suggests, a bootloader is the program that loads the operating system. It does so by reading the operating system from non-volatile memory and loading it into RAM. You also might be aware that bootloaders come in two flavours - digitally locked and unlocked. A locked Read more about BootStomp: Find Mobile Device Bootloader Vulnerabilities
I was working with a customer's Red Hat JBoss server today and wanted to test whether it was affected by deserialization vulnerabilities. Though my favourite go-to tool, the Burp Suite, has many extensions, I wanted to try something that I had not used before. That's when I stumbled across JexBoss, which turned out to be a pretty decent open source tool. I think JexBoss is a play on the words "Java EXploitation like a Boss". Read more about JexBoss: Java Deserialization Verification & EXploitation Tool!
If you remember, I had posted about this red teaming hardware implant in an earlier post. It has now been updated and we have WarBerryPi Version 5! As you may recall, it is a Raspberry Pi based hardware implant that lets you stay stealthy during red teaming engagements while exfiltrating information quickly. Read more about UPDATE: WarBerryPi Version 5!
Sometime early last month, I made a post about OSRFramework, which was at version 0.16.8. A new version of this open sources research framework was released at the recently concluded BlackHat 2017 conference. To be precise, it was released on Wednesday, July 26 in the OSINT Arsenal category and is versioned as OSRFramework 0.17.0. Read more about UPDATE: OSRFramework 0.17.0 BlackHat Arsenal Version!
All of us know that after exploitation we need some mechanism to maintain access on the target. One of the most common methods is installing a trojan. I have tried to maintain a list of similar tools on the malware sources page on this blog. Now there is a new entrant that ups the game - Koadic. It also happens to be open source and is just as difficult to detect with common methods. Read more about Koadic: An Advanced Windows JScript/VBScript RAT!
This is a short post about nps_payload, an open source Python script that helps you create basic payloads that avoid or bypass intrusion detection systems. It is a mix of @ben0xa's Not PowerShell (nps) framework and some features of @HackingDave's unicorn tool. As you know, Unicorn is a simple tool for using a PowerShell downgrade attack to inject shellcode straight into memory, and the Not PowerShell toolkit allows you to encrypt and drop binaries. As with most offensive tools Read more about nps_payload: Basic Intrusion Detection Avoidance Payload Generator!