Search the Community

FruityWifi is a wireless network auditing tool based in the Wifi Pineapple idea. The application can be installed in any Debian based system. Tested in Debian, Kali Linux, BugTraq, Kali Linux ARM (Raspberry Pi), Raspbian (Raspberry Pi), Pwnpi (Raspberry Pi). With the new version, it is possible to install external modules. This functionality gives the user more flexibility and the FruityWifi can be customized. The modules can be added or removed anytime using the on-line repository. A new modules panel was added to the status page. All modules can be enabled/disabled from this panel. The new phishing option allows to enable/disable the feature from the status page. Responder.py module has been released and can be installed from the modules page. (HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server can be enabled to capture user, passwords and NTLM/LM hashes) Download: https://github.com/xtr4nge/FruityWifi

Modular Everything in the browser is a module, a web-app running in its own process. Construct your own browsing experience by selecting the right modules for you. Hackable Want vertical tabs? Write some JS & CSS! Customised autocomplete engine? JS! Every behavior is programmatic and exposed through APIs. Open source The entire technology stack is open source. Modify existing modules and you can create your own to extend the behavior of Breach. Getting Involved Homepage: Breach - A new modular Browser Mailing list: breach-dev@googlegroups.com IRC Channel: #breach on Freenode You can find a list of Modules available or under developement here: List of Modules Runing Breach on Linux See instructions here: Running Breach on Linux Link: https://github.com/breach/breach_core/ Source: TF

Kaspersky malware probers have uncovered a new 'operating system'-like platform that was developed and used by the National Security Agency (NSA) in its Equation spying arsenal. The EquationDrug or Equestre platform is used to deploy 116 modules to target computers that can siphon data and spy on victims. "It's important to note that EquationDrug is not just a trojan, but a full espionage platform, which includes a framework for conducting cyberespionage activities by deploying specific modules on the machines of selected victims," Kaspersky researchers say in a report. "Other threat actors known to use such sophisticated platforms include Regin and Epic Turla. "The architecture of the whole framework resembles a mini-operating system with kernel-mode and user-mode components carefully interacting with each other via a custom message-passing interface." The platform is part of the NSA's possibly ongoing campaign to infect hard disk firmware. It replaces the older EquationLaser and is itself superseded by the GrayFish platform. Kaspersky says the newly-identified wares are as "sophisticated as a space station" thanks to the sheer number of included espionage tools. Extra modules can be added through a custom encrypted file system containing dozens of executables that together baffle most security bods. Most of the unique identifiers and codenames tied to modules is encrypted and obfuscated. Some modules capabilities can be determined with unique identification numbers. Others are dependent on other plugins to function. Each plugin has a unique ID and version number that defines a set of functions it can provide. Some of the plugins depend on others and might not work unless dependencies are resolved. Kaspersky bods have found 30 of the 116 modules estimated to exist. "The plugins we discovered probably represent just a fraction of the attackers' potential," the researchers say. Executable timestamps reveal NSA developers likely work hardest on the platform on Tuesdays to Fridays, perhaps having late starts to Monday. Modules detected in the tool include code for: Network traffic interception for stealing or re-routing Reverse DNS resolution (DNS PTR records) Computer management Start/stop processes Load drivers and libraries Manage files and directories System information gathering OS version detection Computer name detection User name detection Locale detection Keyboard layout detection Timezone detection Process list Browsing network resources and enumerating and accessing shares WMI information gathering Collection of cached passwords Enumeration of processes and other system objects Monitoring LIVE user activity in web browsers Low-level NTFS filesystem access based on the popular Sleuthkit framework Monitoring removable storage drives Passive network backdoor (runs Equation shellcode from raw traffic) HDD and SSD firmware manipulation Keylogging and clipboard monitoring Browser history, cached passwords and form auto-fill data collection. Source