Our fork of the esp-link firmware with a built in VNC server for passing input events to an AVR. Part of our Universal Serial aBUSe project.
A rudimentary remote desktop tool for the X11 protocol exploiting unauthenticated x11 sessions
Checks X11 and outputs a screenshot to of the display if allowed and the display is active
A tool to abuse Exchange services
Automated DLL Enumerator
Universal Serial aBUSe is a project to demonstrate the risks of hardware bypasses of software security by Rogan Dawes at SensePost.
Miscellaneous projects related to attacking Windows.
Python script to inject existing Android applications with a Meterpreter payload.
A websocket proxy
The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.
Big Iron Recon & Pwnage
DNS-Shell is an interactive Shell over DNS channel
Drag and Drop ClickJacking PoC development assistance tool.
(extensible) Data Exfiltration Toolkit (DET)
Wadi Fuzzing Harness
SensePost's patches to hostapd for rogue access points. First presented at Defcon 22
Local Transform Wrapper for Maltego
Our mana toolkit for wifi rogue AP attacks and MitM - see hostapd-mana too
Quick python script to automatically load NTLM hashes from Responder logs and fires up Hashcat to crack them
A set of local skype transforms for Maltego to utilise Skype and search the directory
Snoopy v2.0 - modular digital terrestrial tracking framework