:: Deepquest ::

The chainbreaker can extract user credential in a Keychain file with Master Key or user password in forensically sound manner. Master Key candidates can be extracted from volafox or volatility keychaindump module.

Arpy is an easy-to-use ARP spoofing MiTM tool for Mac. It provides 3 targeted functions: Packet Sniffing Visited Domains Visited Domains with Gource

EggShell (formerly known as NeonEggShell) is an iOS and OS X surveillance tool written in python. This tool creates an command line session with extra functionality like downloading files, taking pictures, location tracking, and gathering data on a target. Communication between server and target is encrypted with a random 128 bit AES key. EggShell also […]

pwnd.sh is a post-exploitation framework (and an interactive shell) developed in Bash shell scripting. It aims to be cross-platform (Linux, Mac OS X, Solaris etc.) and with little to no external dependencies.

Apple Security Advisory 2013-10-15-1 – Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user

Apple iOS version 7.0.2 suffers from a SIM lock screen display bypass vulnerability.

Apple Motion version 5.0.7 suffers from an integer overflow overflow vulnerability.

Apple Security Advisory 2013-10-03-1 – OS X version 10.8.5 Supplemental Update is now available and addresses a logic issue in Directory Service’s verification of authentication credentials.

Apple Security Advisory 2013-09-26-1 – iOS 7.0.2 is now available and addresses passcode lock security issues.

Good for Enterprise iOS application versions 2.2.2.1611 and below suffer from a cross site scripting vulnerability.