nccgroup/blackboxprotobuf

Stars
380
Rank 112,766 (Top 3 %)
Language
Python
License
MIT License
Created over 6 years ago
Updated over 1 year ago

nccgroup/blackboxprotobuf

nccgroup

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Blackbox protobuf is a Burp Suite extension for decoding and modifying arbitrary protobuf messages without the protobuf type definition.

Blackbox Protobuf

Blackbox Protobuf now has an official package on PyPi under the name bbpb. The blackboxprotobuf package is an older fork

Description

Blackbox Protobuf is a set of tools for working with encoded Protocol Buffers (protobuf) without the matching protobuf definition.

Protobuf is a binary serialization format from Google which can be used as a more efficient alternative to formats like JSON or XML. Developers can define the message format in a .proto file and use the protobuf compiler to geneerate message handlers in their language of choice. The protobuf encoding is binary, and unlike json/xml not human readable or easy to modify by hand. The format also takes advantage of both sides having the message definition and strips out much of the type information. This is good for efficiency, but increases the difficulty analyzing or modifying the network traffic.

Blackbox protobuf is designed to allow working with protocol buffers without the message definition. It was originally implemented as a Burp extension for decoding and modifying messages during mobile pentests, but has also been used for reverse engineering and forensics tooling.

Tools

This repository contains two applications for working with protocol buffers:

A jython burp extension in burp/
A python library that can be used in other applications in lib/

Future Tools

Some tooling that may be built on top of blackboxprotobuf in the future:

mitmproxy addon
command line interface
protobuf type discovery tool

ScoutSuite

Multi-Cloud Security Auditing Tool

Scout2

Security auditing tool for AWS environments

sobelow

Security-focused static analysis for the Phoenix Framework

Winpayloads

Undetectable Windows Payload Generation

demiguise

HTA encryption tool for RedTeams

house

A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.

PMapper

A tool for quickly evaluating IAM permissions in AWS.

redsnarf

RedSnarf is a pen-testing / red-teaming tool for Windows environments

featherduster

An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction

SocksOverRDP

Socks5/4/4a Proxy support for Remote Desktop Protocol / Terminal Services / Citrix / XenApp / XenDesktop

singularity

A DNS rebinding attack framework.

exploit_mitigations

Knowledge base of exploit mitigations available across numerous operating systems, architectures and applications and versions.

AutoRepeater

Automated HTTP Request Repeating With Burp Suite

fuzzowski

the Network Protocol Fuzzer that we will want to use.

aws-inventory

Discover resources created in an AWS account.

BurpSuiteHTTPSmuggler

A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques

Sniffle

A sniffer for Bluetooth 5 and 4.x LE

sadcloud

A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure

TriforceAFL

AFL/QEMU fuzzing with full-system emulation.

nmap-nse-vulnerability-scripts

NMAP Vulnerability Scanning Scripts

LoggerPlusPlus

Advanced Burp Suite Logging Extension

nccfsas

Information released publicly by NCC Group's Full Spectrum Attack Simulation (FSAS) team.

freddy

Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans

phantap

Phantom Tap (PhanTap) - an ‘invisible’ network tap aimed at red teams

azucar

Security auditing tool for Azure environments

tracy

A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.

VCG

VisualCodeGrepper - Code security scanning tool.

Visual Basic .NET

Cyber-Defence

Information released publicly by NCC Group's Cyber Incident Response Team

scrying

A tool for collecting RDP, web and VNC screenshots all in one place

autochrome

This tool downloads, installs, and configures a shiny new copy of Chromium.

wssip

Application for capturing, modifying and sending custom WebSocket data from client to server and vice versa.

idahunt

idahunt is a framework to analyze binaries with IDA Pro and hunt for things in IDA Pro

autopwn

Specify targets and run sets of tools against them

CrossSiteContentHijacking

Content hijacking proof-of-concept using Flash, PDF and Silverlight

Solitude

Solitude is a privacy analysis tool that enables anyone to conduct their own privacy investigations. Whether a curious novice or a more advanced researcher, Solitude makes the process of evaluating user privacy within an app accessible for everyone.

vlan-hopping---frogger

Easy 802.1Q VLAN Hopping

shocker

A tool to find and exploit servers vulnerable to Shellshock

DriverBuddy

DriverBuddy is an IDA Python script to assist with the reverse engineering of Windows kernel drivers.

WMIcmd

A command shell wrapper using only WMI for Microsoft Windows

acCOMplice

Tools for discovery and abuse of COM hijacks

SusanRTTI

Another RTTI Parsing IDA plugin

umap

The USB host security assessment tool

metasploitavevasion

Metasploit AV Evasion Tool

keimpx

Check for valid credentials across a network over SMB

umap2

Umap2 is the second revision of NCC Group's python based USB host security assessment tool.

depthcharge

A U-Boot hacking toolkit for security researchers and tinkerers

UPnP-Pentest-Toolkit

UPnP Pentest Toolkit for Windows

GTFOBLookup

Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io), LOLBAS (https://github.com/LOLBAS-Project/LOLBAS), WADComs (https://wadcoms.github.io), and HijackLibs (https://hijacklibs.net/).

G-Scout

Google Cloud Platform Security Tool

asatools

Main repository to pull all NCC Group Cisco ASA-related tool projects.

cisco-SNMP-enumeration

Automated Cisco SNMP Enumeration, Brute Force, Configuration Download and Password Cracking

thetick

A simple embedded Linux backdoor.

AWS-recipes

A number of Recipes for AWS

kube-auto-analyzer

Kubernetes Auto Analyzer

TPMGenie

TPM Genie is an I2C bus interposer for discrete Trusted Platform Modules

BinProxy

BinProxy is a proxy for arbitrary TCP connections. You can define custom message formats using the BinData gem.

TriforceLinuxSyscallFuzzer

A linux system call fuzzer using TriforceAFL

DetectWindowsCopyOnWriteForAPI

Enumerate various traits from Windows processes as an aid to threat hunting

pybeacon

A collection of scripts for dealing with Cobalt Strike beacons in Python

BKScan

BlueKeep scanner supporting NLA

typofinder

A finder of domain typos showing country of IP address

BLESuite

BLESuite is a Python package that provides an easier way to test Bluetooth Low Energy (BLE) device

SteppingStones

A Red Team Activity Hub

libslub

tcpprox

A small command-line TCP proxy utility written in Python

requests-racer

Small Python library that makes it easy to exploit race conditions in web apps with Requests.

LazyDroid

bash script to facilitate some aspects of an Android application assessment

chuckle

An automated SMB relay exploitation script.

whalescan

Whalescan is a vulnerability scanner for Windows containers, which performs several benchmark checks, as well as checking for CVEs/vulnerable packages on the container

gitpwnd

GitPwnd is a network penetration tool that lets you use a git repo for command and control of compromised machines

Carnivore

Tool for assessing on-premises Microsoft servers authentication such as ADFS, Skype, Exchange, and RDWeb

CollaboratorPlusPlus

Change-Lockscreen

Offensive tool to trigger network authentications as SYSTEM

Decoder-Improved

Improved decoder for Burp Suite

OutlookLeakTest

The Outlook HTML Leak Test Project

Wubes

Qubes containerization on Windows

port-scan-automation

Automate NMAP Scans and Generate Custom Nessus Policies Automatically

Hodor

Hodor! Fuzzer..

Zulu

The Zulu fuzzer

WinShareEnum

Windows Share Enumerator

memscan

Searches for strings, regex, credit card numbers of magnetic stripe card tracks in a Windows process's memory space

ebpf

eBPF - extended Berkeley Packet Filter tooling

argumentinjectionhammer

A Burp Extension designed to identify argument injection vulnerabilities.

cq

DroppedConnection

SCOMDecrypt

SCOMDecrypt is a tool to decrypt stored RunAs credentials from SCOM servers

GOATCasino

This is an intentionally vulnerable smart contract truffle deployment aimed at allowing those interested in smart contract security to exploit a wide variety of issues in a safe environment.

OneLogicalMyth_Shell

A HTA shell to assist with breakout assessments.

BLE-Replay

BLE-Replay is a Bluetooth Low Energy (BLE) peripheral assessment tool

cloud_ip_ranges

Identify IP addresses owned by public cloud providers

web3-decoder

ccs

WindowsDACLEnumProject

A collection of tools to enumerate and analyse Windows DACLs

raccoon

Salesforce object access auditor

DIBF

Windows NT ioctl bruteforcer and modular fuzzer

go-pillage-registries

Pentester-focused Docker registry tool to enumerate and pull images

DatajackProxy

Datajack Proxy allows you to intercept TLS traffic in native x86 applications across platforms

pcap-burp

Pcap importer for Burp

jwt-reauth

Berserko

Burp Suite extension to perform Kerberos authentication