Displaying 1 to 7 from 7 results

system-bus-radio - Transmits AM radio on computers without radio transmitting hardware.

  •    C

This program transmits radio on computers / phones without radio transmitting hardware. Some computers are intentionally disconnected from the rest of the world. This includes having their internet, wireless, bluetooth, USB, external file storage and audio capabilities removed. This is called "air gapping". Even in such a situation, this program can transmit radio.

Cloakify - CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings; Evade DLP/MLS Devices; Defeat Data Whitelisting Controls; Social Engineering of Analysts; Evade AV Detection

  •    Python

CloakifyFactory & the Cloakify Toolset - Data Exfiltration & Infiltration In Plain Sight; Evade DLP/MLS Devices; Social Engineering of Analysts; Defeat Data Whitelisting Controls; Evade AV Detection. Text-based steganography using lists. Convert any file type (e.g. executables, Office, Zip, images) into a list of everyday strings. Very simple tools, powerful concept, limited only by your imagination. For a quick start on CloakifyFactory, see the cleverly titled file "README_GETTING_STARTED.txt" in the project for a walkthrough.

GTFOBins

  •    HTML

GTFOBins is a curated list of Unix binaries that can be exploited by an attacker to bypass local security restrictions. Browse the project here.




qrxfer - Transfer files from Air gapped machines using QR codes

  •    Python

QRXfer is one of those "I had to give it a try" ideas. The basic idea is that it is possible to play back QR code encoded data to a receiver that may be able to reconstruct the data and reproduce the file that was originally sent. Think about an airgapped machine being able to generate the QR codes, you recording it with your phone, and playing it back to the receiver later.

dnsfilexfer - File transfer via DNS

  •    Python

Just some code to xfer files via DNS lookups. Supports encrypting the on the wire traffic with a short passphrase and can be used to be parsed purely from the output found in a tcpdump using xxd and the -X flag in the sender. In case the installation fails because of pycrypto, you might need to install python-dev manually.

PacketWhisper - PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography

  •    Python

PacketWhisper - Stealthily Transfer Data & Defeat Attribution Using DNS Queries & Text-Based Steganography, without the need for attacker-controlled Name Servers or domains; Evade DLP/MLS Devices; Defeat Data- & DNS Name Server Whitelisting Controls. Convert any file type (e.g. executables, Office, Zip, images) into a list of Fully Qualified Domain Names (FQDNs), use DNS queries to transfer data. Simple yet extremely effective. Traditional DNS exfiltration relies on one of the following: DNS tunneling; Hiding data in DNS query fields; or Encoded / encrypted payloads that are broken up and used as subdomains in the DNS query. All of these methods require that the attacker control a domain and/or an associated DNS Name Server to receive the data, which leads to attribution. Those approaches are also vulnerable to DNS Name Server blacklisting (common) and whitelisting (increasingly common). Another problem is that DFIR analysts are familiar with these methods, and SIEM systems will often detect and alert on seeing them.





We have large collection of open source products. Follow the tags from Tag Cloud >>


Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.