Information Security
BackToMe Little framework made in python to create payloads for Linux, Windows, and OSX with the unique handler. INFOS This little framework is intended to help pentesters/red teamers in creating FUD payloads with unique...
Make metasploit android payload persistent Add AlarmManager Make service restart on destroy How-to just download release version, unpack android.zip under “data” folder of metasploit-framework’s root directory or compile Compile To compile JavaPayload for Metasploit...
What is Backdoor Factory? 1. What is Patching? “A patch is a piece of software designed to update a computer program or its supporting data, to fix or improve it.[1] This includes fixing security...
On this post, I want to introduce a small tip when you create an android payload with Metasploit. How to autohide Android payload icon after running Update Metasploit to latest version apt-get update apt-get...
Metasploit Plugins Plugins for Metasploit Framework. Currently, only the Pentest plugin is being maintained due to changes in Metasploit Framework that limit what gems can be loaded when the framework starts. Installation git clone https://github.com/darkoperator/Metasploit-Plugins.git...
netgear_dgn1000_setup_unauth_exec The module netgear_dgn1000_setup_unauth_exec exploits an unauthenticated OS command injection vulnerability in vulnerable Netgear DGN1000 with firmware versions up to 1.1.00.48 in addition to DGN2000v1 models, all firmware versions. The vulnerability occurs in within the syscmd fuction...
dde_delivery This module generates an DDE command to place within a word document, that when executed, will retrieve a HTA payload via HTTP from an web server. Currently have not figured out how to...
Stækka Metasploit – Extending Metasploit This MSF plugin extends Metasploit for some missing features and modules allowing interaction with other/custom exploits/ways of getting shell access. The current focus here is Linux/Unix support. Core features...
What is Apache Struts 2 REST Plugin XStream RCE (CVE-2017-9805)? Apache Struts released the latest security bulletin, Apache Struts 2.5.x REST plug-in there is a high-risk vulnerability in the implementation of the remote code,...
Meterpreter_Paranoid_Mode v1.4 – SSL/TLS connections Meterpreter_Paranoid_Mode.sh allows users to secure your staged/stageless connection for Meterpreter by having it check the certificate of the handler it is connecting to. We start by generating a certificate...
Suggested Reading