Mallory is a transparent TCP and UDP proxy. It can be used to get at those hard to intercept network streams, assess those tricky mobile web applications, or maybe just pull a prank on your friend. In more technical terms, Mallory is an extensible TCP/UDP man in the middle proxy that is designed to be […]
man-in-the-middle
FakeIKEd – Fake IKE Daemon Tool For MITM
FakeIKEd, or fiked for short, is a fake IKE daemon supporting just enough of the standards and Cisco extensions to attack commonly found insecure Cisco PSK+XAUTH VPN setups in what could be described as a semi MitM attack. Fiked can impersonate a VPN gateway’s IKE responder in order to capture XAUTH login credentials; it doesn’t […]
VideoJak – IP Video Security Assessment Tool
[ad] What is VideoJak? VideoJak is an IP Video security assessment tool that can simulate a proof of concept DoS against a targeted, user-selected video session and IP video phone. VideoJak is the first of its kind security tool that analyzes video codec standards such as H.264. VideoJak works by first capturing the RTP port […]
ISR-evilgrade – Inject Updates to Exploit Software
[ad] ISR-evilgrade is a modular framework that allow us to take advantage of poor upgrade implementations by injecting fake updates and exploiting the system or software. How does it work? It works with modules, each module implements the structure needed to emulate a false update of specific applications/systems. Evilgrade needs the manipulation of the victims […]
Biometric Keylogger Can Grab Fingerprints
Well this is quite scary as biometrics are touted as the ultimate in security and two factor authentication with biometrics is about as ‘heavy’ as most places get. The fact that the biometric data can be ‘sniffed’ reconstructed and re-used…is worrying to say the least. Do any of you have biometric measures in your workplace? […]