Exploitation / Maintaining Access
by do son · Published September 1, 2022 · Last modified September 19, 2023
Reverse SSH Want to use SSH for reverse shells? Now you can. Manage and connect to reverse shells with native SSH syntax Dynamic, local, and remote forwarding Native SCP and SFTP implementations for retrieving...
Supernova Supernova is an open-source Golang tool that empowers users to securely encrypt their raw shellcodes. Additionally, it offers automatic conversion of the encrypted shellcode into formats compatible with various programming languages, including: C...
sh4d0wup Have you ever wondered if the update you downloaded is the same one everybody else gets or did you get a different one that was made just for you? Shadow updates are updates that...
Exploitation / Reverse Engineering
by do son · Published May 24, 2018 · Last modified September 4, 2023
Fibratus Fibratus is a tool for exploration and tracing of the Windows kernel. It lets you trap system-wide events such as process life-cycle, file system I/O, registry modifications or network requests among many other observability signals. In a...
Electron_shell An increasing number of desktop applications are opting for the Electron framework. Electron provides a method that can be debugged, usually by utilizing Chrome’s inspect function or calling inspect through Node.js. In this...
OSDP (Open Supervised Device Protocol) Vulnerabilities Attack #1: Encryption is Optional OSDP supports, but doesn’t strictly require, encryption. So your connection might not even be encrypted at all. Attack #1 is just to passively listen...
PCILeech Summary: PCILeech uses PCIe hardware devices to read and write from the target system memory. This is achieved by using DMA over PCIe. No drivers are needed for the target system. PCILeech supports...
Exploitation / Maintaining Access / Post Exploitation
by do son · Published August 4, 2022 · Last modified August 20, 2023
RedGuard – Excellent C2 Front Flow Control tool RedGuard is a derivative work of the C2 facility pre-flow control technology. It has a lighter design, efficient flow interaction, and reliable compatibility with go language...
SMShell PoC for an SMS-based shell. Send commands and receive responses over SMS from mobile broadband-capable computers. This tool came as an inspiration during research on eSIM security implications led by Markus Vervier, presented...
ropr ropr is a blazing fast multithreaded ROP Gadget finder What is an ROP Gadget? ROP (Return Oriented Programming) Gadgets are small snippets of a few assembly instructions typically ending in a ret instruction which...
