all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Sh4D0Wup - Signing-key Abuse And Update Exploitation Framework

Add to bookmarks
April 30, 2023, 12:30 p.m. | noreply@blogger.com (Unknown)

KitPloit - PenTest Tools! www.kitploit.com


Signing-key abuse and update exploitation framework.

% docker run -it --rm ghcr.io/kpcyrd/sh4d0wup:edge -h
Usage: sh4d0wup [OPTIONS] <COMMAND>

Commands:
  bait         Start a malicious update server
  front        Bind a http/https server but forward everything unmodified
  infect       High level tampering, inject additional commands into a package
  tamper       Low level tampering, patch a package database to add malicious packages, cause updates or influence dependency resolution
  keygen       Generate signing keys with the given parameters
  sign         Use signing keys to generate signatures
  hsm          Interact with hardware …

abuse bind command database docker edge exploitation forward framework high http https infect inject key low malicious options package patch penetration testing redteaming run server sh4d0wup signing start supply chain security tampering update

Visit resource

More from www.kitploit.com / KitPloit - PenTest Tools!

PingRAT - Secretly Passes C2 Traffic Through Firewalls Using ICMP Payloads 4 hours ago | www.kitploit.com
firewall bypass fud rat hacking tools penetration testing +3
LOLSpoof - An Interactive Shell To Spoof Some LOLBins Command Line 1 day, 4 hours ago | www.kitploit.com
call clear command command line +15
SQLMC - Check All Urls Of A Domain For SQL Injections 2 days, 4 hours ago | www.kitploit.com
pentesting pentest tool python3 sqlinjection +1
BadExclusionsNWBO - An Evolution From BadExclusions To Identify Folder Custom Or Undocumented Exclusions On AV/EDR 3 days, 4 hours ago | www.kitploit.com
badexclusionsnwbo edr evasion pentesting redteam
Ioctlance - A Tool That Is Used To Hunt Vulnerabilities In X64 WDM Drivers 4 days, 4 hours ago | www.kitploit.com
analysis blue code detect +18
NTLM Relay Gat - Powerful Tool Designed To Automate The Exploitation Of NTLM Relays 4 days, 13 hours ago | www.kitploit.com
ntlm relay gat ntlm_relay_gat
Gftrace - A Command Line Windows API Tracing Tool For Golang Binaries 6 days, 4 hours ago | www.kitploit.com
api command command line deimosc2 +17
HardeningMeter - Open-Source Python Tool Carefully Designed To Comprehensively Assess The Security Hardening Of Binaries … 1 week ago | www.kitploit.com
hardeningmeter protection python python3 +2
JS-Tap - JavaScript Payload And Supporting Software To Be Used As XSS Payload Or Post … 1 week, 1 day ago | www.kitploit.com
js-tap multithreaded taken traffic +3

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

GCP Incident Response Engineer

@ Publicis Groupe | Dallas, Texas, United States
View on infosec-jobs.com

DevSecOps Engineer - CL - Santiago

@ Globant | Santiago de Chile, Santiago, CL
View on infosec-jobs.com

IT Security Analyst - State Government & Healthcare

@ NTT DATA | Little Rock, AR, US
View on infosec-jobs.com

Exploit Developer

@ Peraton | Fort Meade, MD, United States
View on infosec-jobs.com

Senior Manager, Response Analytics & Insights (Fraud Threat Management)

@ Scotiabank | Toronto, ON, CA, M3C0N5
View on infosec-jobs.com

Cybersecurity Risk Analyst IV

@ Computer Task Group, Inc | Buffalo, NY, United States
View on infosec-jobs.com
View more jobs