nccgroup/DatajackProxy

Stars
100
Rank 340,703 (Top 7 %)
Language
JavaScript
License
MIT License
Created over 5 years ago
Updated about 5 years ago

nccgroup/DatajackProxy

nccgroup

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Datajack Proxy allows you to intercept TLS traffic in native x86 applications across platforms

Datajack Proxy

Datajack Proxy a tool to intercept non-HTTP traffic between a native application and a server. This would allow for communications interception and modification, even if encryption and certificate pinning were in use. This is done by hooking the application and intercepting calls to common socket and TLS libraries, and reading the data prior to encryption (for outbound) and after decryption (for inbound).

This is accomplished by injecting JavaScript into the native process using the Frida API.

Features

Inject into process
- Linux (Using OpenSSL SSL_Read and SSL_Write)
- Windows (Using schannel EncryptMessage [DecryptMessage todo])
Read/write data prior to outbound encryption on Linux
Read/write data after inbound decryption on Linux
Read data prior to outbound encryption on Windows (write is todo)

Note: Currently only Linux and Windows are supported. Linux supports the OpenSSL calls SSL_Write and SSL_Read.

Usage

Help

python DatajackProxy.py -h

Attach

Attach to existing process <pid>

python DatajackProxy.py -p <pid>

Attach to existing process with name <processName>

python DatajackProxy.py -n <processName>

Attach to Windows process with name OUTLOOK.EXE

python DatajackProxy.py -n OUTLOOK.EXE -o windows

Requirements and Installation

Python 3
Frida API

Assuming you have python 3, install Frida with pip pip3 install frida
Clone DataJack Proxy git clone [email protected]:cwatt/DatajackProxy.git

ScoutSuite

Multi-Cloud Security Auditing Tool

Scout2

Security auditing tool for AWS environments

sobelow

Security-focused static analysis for the Phoenix Framework

Winpayloads

Undetectable Windows Payload Generation

demiguise

HTA encryption tool for RedTeams

house

A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.

PMapper

A tool for quickly evaluating IAM permissions in AWS.

redsnarf

RedSnarf is a pen-testing / red-teaming tool for Windows environments

featherduster

An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction

SocksOverRDP

Socks5/4/4a Proxy support for Remote Desktop Protocol / Terminal Services / Citrix / XenApp / XenDesktop

singularity

A DNS rebinding attack framework.

exploit_mitigations

Knowledge base of exploit mitigations available across numerous operating systems, architectures and applications and versions.

AutoRepeater

Automated HTTP Request Repeating With Burp Suite

fuzzowski

the Network Protocol Fuzzer that we will want to use.

aws-inventory

Discover resources created in an AWS account.

BurpSuiteHTTPSmuggler

A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques

Sniffle

A sniffer for Bluetooth 5 and 4.x LE

sadcloud

A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure

TriforceAFL

AFL/QEMU fuzzing with full-system emulation.

nmap-nse-vulnerability-scripts

NMAP Vulnerability Scanning Scripts

LoggerPlusPlus

Advanced Burp Suite Logging Extension

nccfsas

Information released publicly by NCC Group's Full Spectrum Attack Simulation (FSAS) team.

freddy

Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans

phantap

Phantom Tap (PhanTap) - an ‘invisible’ network tap aimed at red teams

azucar

Security auditing tool for Azure environments

tracy

A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.

VCG

VisualCodeGrepper - Code security scanning tool.

Visual Basic .NET

Cyber-Defence

Information released publicly by NCC Group's Cyber Incident Response Team

scrying

A tool for collecting RDP, web and VNC screenshots all in one place

autochrome

This tool downloads, installs, and configures a shiny new copy of Chromium.

wssip

Application for capturing, modifying and sending custom WebSocket data from client to server and vice versa.

blackboxprotobuf

Blackbox protobuf is a Burp Suite extension for decoding and modifying arbitrary protobuf messages without the protobuf type definition.

idahunt

idahunt is a framework to analyze binaries with IDA Pro and hunt for things in IDA Pro

autopwn

Specify targets and run sets of tools against them

CrossSiteContentHijacking

Content hijacking proof-of-concept using Flash, PDF and Silverlight

Solitude

Solitude is a privacy analysis tool that enables anyone to conduct their own privacy investigations. Whether a curious novice or a more advanced researcher, Solitude makes the process of evaluating user privacy within an app accessible for everyone.

vlan-hopping---frogger

Easy 802.1Q VLAN Hopping

shocker

A tool to find and exploit servers vulnerable to Shellshock

DriverBuddy

DriverBuddy is an IDA Python script to assist with the reverse engineering of Windows kernel drivers.

WMIcmd

A command shell wrapper using only WMI for Microsoft Windows

acCOMplice

Tools for discovery and abuse of COM hijacks

SusanRTTI

Another RTTI Parsing IDA plugin

umap

The USB host security assessment tool

metasploitavevasion

Metasploit AV Evasion Tool

keimpx

Check for valid credentials across a network over SMB

umap2

Umap2 is the second revision of NCC Group's python based USB host security assessment tool.

depthcharge

A U-Boot hacking toolkit for security researchers and tinkerers

UPnP-Pentest-Toolkit

UPnP Pentest Toolkit for Windows

GTFOBLookup

Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io), LOLBAS (https://github.com/LOLBAS-Project/LOLBAS), WADComs (https://wadcoms.github.io), and HijackLibs (https://hijacklibs.net/).

G-Scout

Google Cloud Platform Security Tool

asatools

Main repository to pull all NCC Group Cisco ASA-related tool projects.

cisco-SNMP-enumeration

Automated Cisco SNMP Enumeration, Brute Force, Configuration Download and Password Cracking

thetick

A simple embedded Linux backdoor.

AWS-recipes

A number of Recipes for AWS

kube-auto-analyzer

Kubernetes Auto Analyzer

TPMGenie

TPM Genie is an I2C bus interposer for discrete Trusted Platform Modules

BinProxy

BinProxy is a proxy for arbitrary TCP connections. You can define custom message formats using the BinData gem.

TriforceLinuxSyscallFuzzer

A linux system call fuzzer using TriforceAFL

DetectWindowsCopyOnWriteForAPI

Enumerate various traits from Windows processes as an aid to threat hunting

pybeacon

A collection of scripts for dealing with Cobalt Strike beacons in Python

BKScan

BlueKeep scanner supporting NLA

typofinder

A finder of domain typos showing country of IP address

BLESuite

BLESuite is a Python package that provides an easier way to test Bluetooth Low Energy (BLE) device

SteppingStones

A Red Team Activity Hub

libslub

tcpprox

A small command-line TCP proxy utility written in Python

requests-racer

Small Python library that makes it easy to exploit race conditions in web apps with Requests.

LazyDroid

bash script to facilitate some aspects of an Android application assessment

chuckle

An automated SMB relay exploitation script.

whalescan

Whalescan is a vulnerability scanner for Windows containers, which performs several benchmark checks, as well as checking for CVEs/vulnerable packages on the container

gitpwnd

GitPwnd is a network penetration tool that lets you use a git repo for command and control of compromised machines

Carnivore

Tool for assessing on-premises Microsoft servers authentication such as ADFS, Skype, Exchange, and RDWeb

CollaboratorPlusPlus

Change-Lockscreen

Offensive tool to trigger network authentications as SYSTEM

Decoder-Improved

Improved decoder for Burp Suite

OutlookLeakTest

The Outlook HTML Leak Test Project

Wubes

Qubes containerization on Windows

port-scan-automation

Automate NMAP Scans and Generate Custom Nessus Policies Automatically

Hodor

Hodor! Fuzzer..

Zulu

The Zulu fuzzer

WinShareEnum

Windows Share Enumerator

memscan

Searches for strings, regex, credit card numbers of magnetic stripe card tracks in a Windows process's memory space

ebpf

eBPF - extended Berkeley Packet Filter tooling

argumentinjectionhammer

A Burp Extension designed to identify argument injection vulnerabilities.

cq

DroppedConnection

SCOMDecrypt

SCOMDecrypt is a tool to decrypt stored RunAs credentials from SCOM servers

GOATCasino

This is an intentionally vulnerable smart contract truffle deployment aimed at allowing those interested in smart contract security to exploit a wide variety of issues in a safe environment.

OneLogicalMyth_Shell

A HTA shell to assist with breakout assessments.

BLE-Replay

BLE-Replay is a Bluetooth Low Energy (BLE) peripheral assessment tool

cloud_ip_ranges

Identify IP addresses owned by public cloud providers

web3-decoder

ccs

WindowsDACLEnumProject

A collection of tools to enumerate and analyse Windows DACLs

raccoon

Salesforce object access auditor

DIBF

Windows NT ioctl bruteforcer and modular fuzzer

go-pillage-registries

Pentester-focused Docker registry tool to enumerate and pull images

pcap-burp

Pcap importer for Burp

jwt-reauth

Berserko

Burp Suite extension to perform Kerberos authentication