Skip to content

freeload101/Java-Android-Magisk-Burp-Objection-Root-Emulator-Easy

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 

Repository files navigation

image

Java Android Magisk Burp Objection Root Emulator Easy (JAMBOREE)

JAMBOREE, originally an Android Testing Suite, has expanded into a comprehensive suite of InfoSec tools. Check out the screenshots and support table below!

Get a working portable Python/Git/Java environment on Windows in SECONDS without having local administrator, regardless of your broken Python or other environment variables. Our open-source script downloads directly from proper sources without any binaries. While the code may not be perfect, it includes many useful PowerShell tricks.

  • Run Android apps and pentest without the adware and malware of BlueStacks or NOX.

Features / Request

Core Status
RMS:Runtime Mobile Security ✔️
Brida, Burp to Frida bridge
SaftyNet+ Bypass
Burp Suite Pro / CloudFlare UserAgent Workaround-ish ✔️
ZAP Using Burp ✔️
Google Play ✔️
Java ✔️
Android 11 API 30 ✔️
Magisk ✔️
Burp ✔️
Objection ✔️
Root ✔️
Python ✔️
Frida ✔️
Certs ✔️
AUTOMATIC1111 ✔️
SD.Next Stable Diffusion implementation with advanced features ✔️
AutoGPT ✔️
Bloodhound ✔️
PyCharm ✔️
OracleLinux WSL ✔️
Ubuntu/Olamma WSL ✔️
Postgres No admin ✔️
SillyTavern ✔️
Volatility 3 ✔️
Arduino IDE / Duck2Spark ✔️
Youtube Downloader Yt-dlp ✔️
SOCFortress CoPilot / Velociraptor / Wazuh WSL ✔️

How it works:

  • Temporarily resets your windows $PATH environment variable to fix any issues with existing python/java installation
  • Build a working Python environment in seconds using a tiny 16 meg nuget.org Python binary and portable PortableGit. Our solution doesn't require a package manager like Anaconda.

I would like to make it even easier to use but I don't want to spend more time developing it if nobody is going to use it! Please let me know if you like it and open bugs/suggestions/feature request etc! you can contact me at https://rmccurdy.com !

Installation/Requirements ( For Android AVD Emulator) :

WSL or just "virtual machine platform"

OR

  • Local admin just to install Android AVD Driver or :

HAXM Intel driver ( https://github.com/intel/haxm )

OR

AMD ( https://github.com/google/android-emulator-hypervisor-driver-for-amd-processors )

Usage:

Put ps1 file in a folder
Rightclick Run with PowerShell

OR

From command prompt

powershell -ExecutionPolicy Bypass -Command "[scriptblock]::Create((Invoke-WebRequest "https://raw.githubusercontent.com/freeload101/Java-Android-Magisk-Burp-Objection-Root-Emulator-Easy/main/JAMBOREE.ps1").Content).Invoke();"

More infomation on bypass Root Detection and SafeNet https://www.droidwin.com/how-to-hide-root-from-apps-via-magisk-denylist/

( Watch the Video Tutorial below it's a 3-5 min process. You only have to setup once. After that it's start burp then start AVD )

Burp/Android Emulator (Video Tutorial )

Update Video with 7minsec Podcast!

https://youtu.be/XdXleap0BiM

name

(Video Tutorial)

https://youtu.be/pYv4UwP3BaU

name

USB Rubber Ducky Scripts & Payloads Python 3 Arduino DigiSpark

https://youtu.be/e8tKhFS0Tow

name

Old payloads: https://github.com/hak5/usbrubberducky-payloads/tree/1d3e9be7ba3f80cdb008885fac49be2ba926649d/payloads

PhreakNIC 24: Java Android Magisk Burp Objection Root Emulator Easy (JAMBOREE)

https://www.youtube.com/watch?v=R1eu2Ui1ZLU

name

ScreenShots

GUI-ish

image

SOCFortress CoPilot / Velociraptor / Wazuh

name

image

Postgres (no admin ) and RockyLinks OracleLinux WSL !

image

RMS

image

Debloat

image

Burp Proxy/ZAP Proxy

image

Burp Crawl Config

Included %USERPROFILE%\AppData\Roaming\BurpSuite\ConfigLibrary_JAMBOREE_Crawl_Level_01.json the "Headed" Browser is no longer supported

Example Objection / Frida

image

Credit

Rogdham/python-xz#4 for xz extraction in Python!!!

https://github.com/newbit1/rootAVD RootAVD

Bloodhound-Portable Bloodhound Portable

Six Degrees of Domain Admin

image

Useful cypher queries and links

https://www.youtube.com/@specterops/videos

https://posts.specterops.io/cypher-queries-in-bloodhound-enterprise-c7221a0d4bb3

The BloodHound 4.3 Release Get Global Admin More Often.mp4 20230418

https://www.google.com/search?q=%22shortestPath%22+%22bloodhound%22+site:github.com

https://github.com/drak3hft7/Cheat-Sheet---Active-Directory

https://gist.github.com/jeffmcjunkin/7b4a67bb7dd0cfbfbd83768f3aa6eb12

https://hausec.com/2019/09/09/bloodhound-cypher-cheatsheet/

https://github.com/BloodHoundAD/BloodHound/wiki/Cypher-Query-Gallery

https://risky.biz/soapbox74/

Slack

https://bloodhoundhq.slack.com ( not sure how to get invite )

BloodHound Portable for Windows (You can run this without local admin. No Administrator required)

Presentation

Usage

  1. Download the .ps1 script
  2. Click the SharpHound button as a normal domain user Alternatively you can use Runas.exe inside of a VM under domain user context with runas /netonly /user:"US.COMPANY.DOMAIN.COM\UESERNAME@COMPANY.COM" cmd or try /user:"DOMAIN\USERNAME" to run SharpHound.exe
  3. Click Neo4j to start the database
  4. Change the default Neo4j password. Wait for Neo4j You must change password at http://localhost:7474
  5. Click Bloodhound button to start bloodhound
  6. Import the .zip of JSON files from the output of SharpHound.exe -s --CollectionMethods All --prettyprint true

Parse Sharphound Output Pretty_Bloodhound.py ( not needed they fixed it )

** You may need to whitelist or disable Bloodhound/Sharphound in your Endpoint Security Software ( Or just obfucate it if your lucky... Resource Hacker or echo '' >> Sharphound.exe etc ... ) **

** Last tested Bloodhound 4.1.0 **

image

Credit: https://bloodhound.readthedocs.io/en/latest/_images/SharpHoundCheatSheet.png

image

About

Java Android Magisk Burp Objection Root Emulator Easy (JAMBOREE)

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published