arch3rPro/Pentest-Docker: A penetration testing platform built on the CasaOS container cloud - A Home Cloud Container Platform Built For Learning Penetration And Network Security
A penetration testing platform built on the CasaOS container cloud - A Home Cloud Container Platform Built For Learning Penetration And Network Security - arch3rPro/Pentest-Docker
·github.com·
whid-injector/whid-31337: WHID Elite is a GSM-enabled Open-Source Multi-Purpose Offensive Device that allows a threat actor to remotely inject keystrokes, bypass air-gapped systems, conduct mousejacking attacks, do acoustic surveillance, RF replay attacks and much more. In practice, is THE Wet Dream of any Security Consultant out there!
WHID Elite is a GSM-enabled Open-Source Multi-Purpose Offensive Device that allows a threat actor to remotely inject keystrokes, bypass air-gapped systems, conduct mousejacking attacks, do acoustic...
·github.com·
Bluetooth Vulnerabilities in Android, MacOS, iOS, Linux let attackers inject data - Thyrasec
Researchers have found new Bluetooth vulnerabilities in Bluetooth HID allowing attackers to inject keystrokes
Android – Vulnerable if Bluetooth is enabled. Allows injecting keystrokes
Reports are periodic messages with a specific format that are transmitted by an HID device and processed by the host.
Input HID reports include input data like keyboard keypress and mice movements / button clicks
Bluetooth Logical Link Control and Adaptation Protocol (L2CAP
and it’s the entry point to send data to the system.
L2CAP Channel 0x0013 (19) – HID Interrupt which allows sending input and output reports with low latency
The key here is that if we are able to send packets with the right format to the HID control and interrupt channels, that means we are acting as if we’re a keyboard or mouse.
the keyboard can start the connection and pairing process. That’s normally not an issue but it seems that in many cases the authentication process can be bypassed altogether.
Now, the key in getting this to work is that the keyboard can specify certain settings that allow it to not require authentication. These are certain fields in the connection packets.
That is, only peripherals that were previously paired can reconnect this way. The way this is done is by identifying devices by their Bluetooth address
·thyrasec.com·
unveroleone/HackStarter-Kit: The HackStarter Kit is a collection of tools, guides, and insights to help beginners explore cybersecurity. It covers WiFi deauthentication, BLE manipulation, RF analysis, and more, while helping avoid common mistakes.
The HackStarter Kit is a collection of tools, guides, and insights to help beginners explore cybersecurity. It covers WiFi deauthentication, BLE manipulation, RF analysis, and more, while helping a...
·github.com·
Bluetooth Low Energy HackMe: the best way to learn BLE security basics while having fun!
Bluetooth Low Energy HackMe is a free, open source tool: hands-on practical introduction to BLE security - without the need of any special hardware. Application simulates various BLE devices using your laptop's built-in Bluetooth adapter. You can actively learn by solving practical hacking challenges using nothing more than just a phone.
·smartlockpicking.com·
johnlodan/blind-rce: A Python-based program for Time-based/Blind Remote Code Execution (RCE). The main objective of this program is to extract the data that is not visible and/or not returned in the response of vulnerable target. It uses time-based techniques by sending a payload to the target with a command specified and then waiting for its response.
A Python-based program for Time-based/Blind Remote Code Execution (RCE). The main objective of this program is to extract the data that is not visible and/or not returned in the response of vulnera...
·github.com·
89luca89/distrobox: Use any linux distribution inside your terminal. Enable both backward and forward compatibility with software and freedom to use whatever distribution you’re more comfortable with. Mirror available at: https://gitlab.com/89luca89/distrobox
Use any linux distribution inside your terminal. Enable both backward and forward compatibility with software and freedom to use whatever distribution you’re more comfortable with. Mirror available...
·github.com·
Metasploit Unleashed | Exploit Development | OffSec
Next, we are going to cover one of the most well-known and popular aspects of the Metasploit Framework, _**exploit development**_. In this section, we...
·offsec.com·
[PATCH] Payload Library for Web UI & SSH - SharkJack Firmware 1.1.0+
Payload Library for Web UI/SSH (Unofficial Patch) This (unofficial) Patch provides the Official SharkJack Web UI with an additional Tab on the Web UI (http://172.16.24.1/) to maintain your payloads on the Device itself rather than relying on a PC to switch to your prior used payloads. I personally ...
·forums.hak5.org·