January 27, 2017 · tools
This project has been developed to exploit CSRF Web vulnerabilities and provide you a quick and easy exploitation toolkit. In few words, this is a simple HTTP Server in NodeJS that will communicate with the clients (victims) and send them payload that will be executed using JavaScript. This has been developed entirely in NodeJS, and configuration files are in JSON format. *However, there's a tool in Python in utils folder that you can use to automate CSRF exploitation. * This project allows you to perform PoC (Proof Of Concepts) really easily. Let's see how to get/use it.   Read the rest of the entry...
January 26, 2017 · Apple, OSX security tools, tools
The chainbreaker can extract user credential in a Keychain file with Master Key or user password in forensically sound manner. Master Key candidates can be extracted from volafox or volatility keychaindump module.   Read the rest of the entry...
January 26, 2017 · OSX security tools, tools
Arpy is an easy-to-use ARP spoofing MiTM tool for Mac. It provides 3 targeted functions: Packet Sniffing Visited Domains Visited Domains with Gource   Read the rest of the entry...
January 26, 2017 · tools
evilarc lets you create a zip file that contains files with directory traversal characters in their embedded path.   Read the rest of the entry...
January 26, 2017 · tools
Osint tool to get results from Google, Bing, Yahoo,British Telecom,Pages Blanches,Paginas Blancas,SpravKaru,Das Telefon Bush,Yellow Pages,lullar, about peoples.   Read the rest of the entry...
January 26, 2017 · OSX security tools, tools
EggShell (formerly known as NeonEggShell) is an iOS and OS X surveillance tool written in python. This tool creates an command line session with extra functionality like downloading files, taking pictures, location tracking, and gathering data on a target. Communication between server and target is encrypted with a random 128 bit AES key. EggShell also has the functionality to switch between and handle multiple targets. This is a proof of concept project, intended for use on machines you own.   Read the rest of the entry...
January 26, 2017 · OSX security tools, tools
pwnd.sh is a post-exploitation framework (and an interactive shell) developed in Bash shell scripting. It aims to be cross-platform (Linux, Mac OS X, Solaris etc.) and with little to no external dependencies.   Read the rest of the entry...
January 26, 2017 · Android, software, tools
Android App to crack WiFi Passwords without requiring device rooting.   Read the rest of the entry...
December 26, 2013 · Privacy, tools
Is it possible to generate an Ed25519 keypair that has a very similar public key as another keypair (fooling a casual visual comparison) or is this   Read the rest of the entry...
November 12, 2013 · exploit, m$, Security, software, tools
Read More: [local] - VideoSpirit Lite 1.77 - (SEH) Buffer Overflow   Read the rest of the entry...