Top Rating
- Top Contributors
  Discover the Top Open Source contributors by country or by language
- Interviews
  Discover real stories from Open Source developers
Discover

Discover your Favorite Language
Discover the top trending repositories and projects on Github. Explore the latest trends in your preferred languages.

Objective-C

Zig

Elixir

HTML

Ruby

Swift

Jupyter Notebook

PHP

More Languages
Awesome

Awesome repositories
Discover the most awesome repositories and projects of your favorite languages. Inspired by the Awesome-* lists trend in GitHub.

Racket

Zig

Elixir

C

Rust

Go

R

PHP

More Languages
By Country

Rankings by Country
Discover the community of talented open source contributors in each country.

🇸🇧 Solomon Islands

🇦🇼 Aruba

🇹🇼 Taiwan

🇦🇲 Armenia

🇧🇲 Bermuda

🇧🇷 Brazil

🇭🇷 Croatia

🇰🇼 Kuwait

All Countries Compare Countries

iSECPartners/jailbreak-Windows

Stars
125
Rank 285,304 (Top 6 %)
Language
Created over 10 years ago
Updated almost 10 years ago

iSECPartners/jailbreak-Windows

iSECPartners

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Certificate extraction tool for Windows

Jailbreak (Windows)

For a newer and open-source version of these tools please see https://github.com/iSECPartners/jailbreak

Written by: andreas [at] isecpartners.com and cclark [at] isecpartners.com

Jailbreak exports certificates marked as non-exportable from the Windows certificate store. This can help when you need to extract certificates for backup or testing. You must have permissions to use the private key on the filesystem in order for jailbreak to work -- Jailbreak cannot keys stored on smartcards.

Tested On:

WinXP SP2 x86
Win2k3 SP1 x86
Vista RTM & SP1 x86
Vista RTM x64 (jbstore only!)
Windows 7 x86
Windows 7 x64 (jbstore only!)

Note: Win2k does not work.

Instructions

Extract the files from the Jailbreak zip.
Run jailbreak.exe while running as administrator
A mmc with the Local Machine and Current-User Certificate snap-ins will load
All certificates are now marked as exportable
Use the certificate UI to export certificates and their private keys.

Note: If you get an unhandled exception, email andreas. It is probably a bug in Jailbreak.

Other Included Tools

jbcsp

jbcsp exports keys that are contained within the CSP and not associated with a certificate. jbscp requires .NET Framework 2.0.

Run: jbscp "Key container" "output file name" [-u]

-u is an optional parameter and will export from the user store instead of the machine store.

jbstore

JBStore exports all of the certificates in the "MY" user store. This has the advantage that it does not require user interaction with MMC. Use jbstore on x64 platforms.

JBStore can be set to export from either the CURRENT_USER\MY store or the LOCAL_MACHINE\MY store. The default is CURRENT_USER\MY.

To export from the LOCAL_MACHINE\MY store: jbstore /computer <outfile> <password>

To export from the CURRENT_USER\MY store: jbstore /user <outfile> <password>

or

jbstore <outfile> <password>

Acknowledgements

Thank you to those who have performed testing or provided feedback. Especially Andreas Klein for the jbcsp suggestions and Tom Aafloen for testing it on Vista x64.

(c) 2007-2010 iSEC Partners (www.isecpartners.com)

ios-ssl-kill-switch

Blackbox tool to disable SSL certificate validation - including certificate pinning - within iOS Apps

Introspy-iOS

Security profiling for blackbox iOS

Android-SSL-TrustKiller

Bypass SSL certificate pinning for most applications

sslyze

Current development of SSLyze now takes place on a separate repository

jailbreak

Introspy-Android

Security profiling for blackbox Android

android-ssl-bypass

Black box tool to bypass SSL verification on Android, even when pinning is used.

yontma-mac

You'll Never Take Me Alive!

ssl-conservatory

Sample SSL client code for correct endpoint validation.

Introspy-Analyzer

LibTech-Auditing-Cheatsheet

nano-ecc

A very small ECC implementation for 8-bit microcontrollers

Android-OpenDebug

Make any application debuggable

tlspretense

A test framework for testing SSL/TLS client certificate validation.

yontma

You'll never take me alive.

Android-KillPermAndSigChecks

Bypass signature and permission checks for IPCs

publications

iSEC Partners' research publications

RtspFuzzer

RTSP network protocol fuzzer

femtocatcher

manifest-explorer

A tool for viewing Android application Manifests.

fuzzbox

A multi-codec media fuzzing tool.

scout

AWS EC2 and S3 Security Auditing Tool

dnsRedir

R2B2

A brute-forcing delta robot

PeachFarmer

A log collector for Peach fuzzing in the cloud

vtfinder

pykd script to dynamically find vtables on heap (windows x86/x64)

sqlperms

A tool for calculating necessary SQL Server permissions

package-play

Tool for viewing Android package details, including permissions, services, activities, and more.

libshambles

A library for efficient interception of established TCP connections

hiccupy

Jython binding for Burp to facilitate realtime traffic analysis and modification using simple plugins.

ZigTools

ccs-testing-tool

samlpummel

A BeanShell plugin for WebScarab to automate SAML auditing.

gizmo

A graphical web proxy written in Java. It is designed to be speedy, with the user interfaced centered around keyboard use. It should do what you want, and then get out of your way.

extractparam

SecureNSCoder

NSKeyed(Un)ArchiverDelegate implementation to encrypt state prior to preservation and decrypt it when restoring.