The chainbreaker can extract user credential in a Keychain file with Master Key or user password in forensically sound manner. Master Key candidates can be extracted from volafox or volatility keychaindump module.
>> CATEGORY: OSX security tools
Arpy is an easy-to-use ARP spoofing MiTM tool for Mac. It provides 3 targeted functions: Packet Sniffing Visited Domains Visited Domains with Gource
EggShell (formerly known as NeonEggShell) is an iOS and OS X surveillance tool written in python. This tool creates an command line session with extra functionality like downloading files, taking…
pwnd.sh is a post-exploitation framework (and an interactive shell) developed in Bash shell scripting. It aims to be cross-platform (Linux, Mac OS X, Solaris etc.) and with little to no…
Apple Security Advisory 2013-10-15-1 – Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user
Apple iOS version 7.0.2 suffers from a SIM lock screen display bypass vulnerability.
Apple Motion version 5.0.7 suffers from an integer overflow overflow vulnerability.
Apple Security Advisory 2013-10-03-1 – OS X version 10.8.5 Supplemental Update is now available and addresses a logic issue in Directory Service’s verification of authentication credentials.
Apple Security Advisory 2013-09-26-1 – iOS 7.0.2 is now available and addresses passcode lock security issues.
Good for Enterprise iOS application versions 2.2.2.1611 and below suffer from a cross site scripting vulnerability.