This repository is the reference implementation of The Update Framework (TUF). It is written in Python and intended to conform to version 1.0 of the TUF specification. This implementation is in use in production systems, but is also intended to be a readable guide and demonstration for those working on implementing TUF in their ownRead More
An automated web hacking framework for web applications Detailed insight about Vajra can be found at https://hackwithproxy.medium.com/introducing-vajra-an-advanced-web-hacking-framework-bd8307a01aa8 About Vajra Vajra is an automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing. Vajra has highly customizable target scope based scan feature. Instead of runningRead More
A framework for identifying and exploiting out-of-band (OOB) vulnerabilities. Installation & Setup Mole Install Python >= 3.6 virtualenv -p /usr/bin/python3 venv source venv/bin/activate ./venv/bin/pip3 install -r requirements.txt git submodule update –init –recursive Set an API key in config.yml (must be the same for the client and server) DNS Configuration You’ll need to configure the DNSRead More
Teatime is an RPC attack framework aimed at making it easy to spot misconfigurations in blockchain nodes. It detects a large variety of issues, ranging from information leaks to open accounts, and configuration manipulation. The goal is to enable tools scanning for vulnerable nodes and minimizing the risk of node-based attacks due to common vulnerabilities.Read More
[*] If you want to learn more about the techniques utlized in this framework please take a look at Part 1 and Part 2 Description ScareCrow is a payload creation framework for generating loaders for the use of side loading (not injection) into a legitimate Windows process (bypassing Application Whitelisting controls). Once the DLL loaderRead More
BlackMamba is a multi client C2/post exploitation framework with some spyware features. Powered by Python 3.8.6 and QT Framework. Some of BlackMamba features are: Multi Client – Supports multiple client connections at the same time. Real Time Communication Updates – Real time communication and updates between the client and server. Encrypted Communication – Almost allRead More
This framework is the end product of my experience in reverse engineering iOS kernelcache,I do manually look for vulnerabilities in the kernel and have automated most of the things I really wanted to see in Ghidra to speed up the process of reversing, and this proven to be effective and saves a lot of time.Read More
A tool to enumerate and spray valid Active Directory accounts through Kerberos Pre-Authentication. Background Although many Kerberos password spraying tools currently exist on the market, I found it difficult to find tools with the following built-in functionality: The ability to prevent users from locking out the domain The ability to integrate username enumeration with theRead More
Output from the kernel log after compiling and running example/open1_hook.c xnuspy is a pongoOS module which installs a new system call, xnuspy_ctl, allowing you to hook kernel functions from userspace. It supports iOS 13.x and 14.x on checkra1n 0.12.2 and up. 4K devices are not supported. Requires libusb: brew install libusb Building Run make inRead More
linux post-exploitation framework made by linux user Still under active development 中文介绍 check my blog for updates how to use what to expect (in future releases) packer: cryptor + memfd_create packer: use shm_open in older Linux kernels dropper: shellcode injector – python injector: inject shellcode into another process, using GDB port mapping: forward from CCRead More
