Exploitation / Reverse Engineering
by do son · Published February 24, 2018 · Last modified October 10, 2021
Shellcode Factory tool A tool to print and test shellcodes from assembly code. It supports both Gas and Intel syntax (.s and .asm extensions respectively), as well as x86 and x64 architectures. Download...
Cloak Cloak is an intelligent python backdoor framework. What it exactly does? Cloak generates a python payload via msfvenom and then intelligently injects it into the python script you specify. To evade basic...
Exploitation / Network PenTest / Sniffing & Spoofing
by do son · Published February 10, 2018 · Last modified May 1, 2024
This repository contains some bettercap transparent proxy example modules. HTTP(S) Proxy Modules http/beefbox.rb – Similar to injectjs but specialized to work with the BeEF framework. http/debug.rb – Debug HTTP requests and responses. http/curl_log.rb – A simple...
Exploitation / Network PenTest
by do son · Published February 8, 2018 · Last modified October 25, 2022
Instructions for ReelPhish: This tool has been released along with a FireEye blog post. The blog post can be found at this link. Installation Steps The latest release of Python...
Exploitation / Network PenTest / Vulnerability
by do son · Published February 6, 2018 · Last modified October 10, 2021
Last year, hacker group Shadow Brokers unveiled NSA’s internal hacking tools and exploit code, including the three major tools EternalSynergy / EternalRomance / EternalChampion. A security researcher Sean Dillon (RiskSense) recently...
SYNOPSIS Generate-Macro is a standalone PowerShell script that will generate a malicious Microsoft Office document with a specified payload and persistence method. [!] This script will temporarily disable 2 macro...
Invoke-CradleCrafter v1.1 Invoke-CradleCrafter is a PowerShell v2.0+ compatible PowerShell remote download cradle generator and obfuscator. Background In the Fall of 2016 after releasing Invoke-Obfuscation, I continued updating my spreadsheet...
Demiguise – HTA encryption tool What does it do? The aim of this project is to generate .html files that contain an encrypted HTA file. The idea is that when your target visits...
MTPwn Author: Salvatore Mesoraca (https://smeso.it) IDs: SVE-2017-10086 Severity: High Affected versions: KK(4.4.x), L(5.x), M(6.x), N(7.x) Date of discovery: 25/08/2017 Date of upstream report: 28/08/2017 Date of fix: 27/10/2017 Date of...
CVE-2017-6736 / cisco-sa-20170629-snmp Cisco IOS remote code execution This repository contains Proof-Of-Concept code for exploiting remote code execution vulnerability in SNMP service disclosed by Cisco Systems on June 29th, 2017...
Ares is a Python Remote Access Tool. Warning: Only use this software according to your current legislation. Misuse of this software can raise legal and ethical issues which I don’t...
Exploitation / Network PenTest
by do son · Published December 30, 2017 · Last modified November 4, 2024
SideStep is yet another tool to bypass anti-virus software. The tool generates Metasploit payloads encrypted using the CryptoPP library (license included) and uses several other techniques to evade AV. Additional...
Exploitation / Network PenTest
by do son · Published December 25, 2017 · Last modified November 4, 2024
Recently, the security researchers found a critical vulnerability on Linksys Wireless Bridge WVBR0-25 that allows remote attackers to execute arbitrary code on vulnerable installations of Linksys WVBR0 WVBR0. Authentication is not required...
Exploitation / Metasploit / Network PenTest
by do son · Published December 20, 2017 · Last modified November 4, 2024
This change includes a few changes needed to get a working iOS meterpreter stageless payload. Currently, you’ll need to run it on a jailbroken arm64 iPhone (e.g 5S+). Unless I’ve...
Invoke-PSImage Embeds a PowerShell script in the pixels of a PNG file and generates a oneliner to execute Invoke-PSImage takes a PowerShell script and embeds the bytes of the script...
Support Securityonline.info site. Thanks!
