January 26, 2017 · Apple, OSX security tools, tools
The chainbreaker can extract user credential in a Keychain file with Master Key or user password in forensically sound manner. Master Key candidates can be extracted from volafox or volatility keychaindump module.   Read the rest of the entry...
January 26, 2017 · OSX security tools, tools
Arpy is an easy-to-use ARP spoofing MiTM tool for Mac. It provides 3 targeted functions: Packet Sniffing Visited Domains Visited Domains with Gource   Read the rest of the entry...
January 26, 2017 · OSX security tools, tools
EggShell (formerly known as NeonEggShell) is an iOS and OS X surveillance tool written in python. This tool creates an command line session with extra functionality like downloading files, taking pictures, location tracking, and gathering data on a target. Communication between server and target is encrypted with a random 128 bit AES key. EggShell also has the functionality to switch between and handle multiple targets. This is a proof of concept project, intended for use on machines you own.   Read the rest of the entry...
January 26, 2017 · OSX security tools, tools
pwnd.sh is a post-exploitation framework (and an interactive shell) developed in Bash shell scripting. It aims to be cross-platform (Linux, Mac OS X, Solaris etc.) and with little to no external dependencies.   Read the rest of the entry...
Apple Security Advisory 2013-10-15-1 - Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user Read the original post: Apple Security Advisory 2013-10-15-1   Read the rest of the entry...
Apple iOS version 7.0.2 suffers from a SIM lock screen display bypass vulnerability. Go here to see the original: Apple iOS 7.0.2 SIM Lock Screen Display Bypass   Read the rest of the entry...
Apple Motion version 5.0.7 suffers from an integer overflow overflow vulnerability. Read more from the original source: Apple Motion 5.0.7 Integer Overflow   Read the rest of the entry...
Apple Security Advisory 2013-10-03-1 - OS X version 10.8.5 Supplemental Update is now available and addresses a logic issue in Directory Service's verification of authentication credentials. Read this article: Apple Security Advisory 2013-10-03-1   Read the rest of the entry...
Apple Security Advisory 2013-09-26-1 - iOS 7.0.2 is now available and addresses passcode lock security issues. Read more here: Apple Security Advisory 2013-09-26-1   Read the rest of the entry...
Good for Enterprise iOS application versions 2.2.2.1611 and below suffer from a cross site scripting vulnerability. See the original post here: Good For Enterprise 2.2.2.1611 Cross Site Scripting   Read the rest of the entry...