Tools
WaiLin
What is WaiLin? An affordable GPS location/time spoofing detection suite for the masses Purpose After a recent discussion with some colleagues about some GPS spoofing mysteries in Shanghai, it was noted that there is no way for an average human to detect when GPS...
Peirates
What is Peirates? What is Peirates? Peirates is a penetration testing tool for Kubernetes, focused on privilege escalation and lateral movement. It has an interactive interface, wherein the penetration tester chooses actions from the techniques that Peirates encodes....
Invoke-Clipboard
By Adam Crompton, Senior Security Consultant, InGuardians Invoke-Cliboard is a powershell tool for acquiring clipboard data on Windows machines as well as creation of command and control through the clipboard. Invoke-Clipboard is written in PowerShell to use the...
Vapor Trail – The First FM Radio Data Exfiltration Tool
As red team members and even "evil attackers", we've been finding numerous ways to exfiltrate data from networks with inexpensive hardware: Ethernet, WiFi and cellular (2G, 3G and LTE). The first two are highly detectable, while the latter is expensive and both leave...
ServifyThis
InGuardians’ ServifyThis program takes any Windows executable and converts it into a form suitable for use as a Windows service. Read more about this on the ServifyThis page. GitHub: https://github.com/inguardians/ServifyThis
Yokoso
Yokoso is a project focused on creating fingerprinting code that is deliverable through some form of client attack. This can be used during penetration tests that combine network and web applications. One of the most common questions we hear is “so what can you do...
Microsoft’s Wlsample tool for Windows Vista
Microsoft included a tool called “wlsample.exe” with the Windows Software Development Kit (SDK) for Windows Server 2008. This program allows a penetration tester to connect to a network without generating a saved profile. Microsoft has released source code for this...
nm2lp (NetMon to LibPcap)
While the NetMon UI has powerful features for analyzing packet captures, few attack tools include the ability to natively read from the NetMon stored capture file format. In order to leverage tools such as Aircrack-ng, coWPAtty and Cain for wireless analysis, the...
VistaRFMON
Monitor mode is a valued feature for both the wireless penetration tester and security analyst. It allows the penetration tester to disconnect from a network and capture all frames in the network with full IEEE 802.11 headers and associated detail. By cycling through...
Wlan2eth
Wlan2eth is a simple tool to convert packet captures in 802.11 format to Ethernet format. Lots of tools can only understand Ethernet link types, so I wrote this tool to convert captures to a format that they can understand. For each packet in an input 802.11 capture...