all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Sh4D0Wup - Signing-key Abuse And Update Exploitation Framework

Add to bookmarks
April 30, 2023, 12:30 p.m. | noreply@blogger.com (Unknown)

KitPloit - PenTest Tools! www.kitploit.com


Signing-key abuse and update exploitation framework.

% docker run -it --rm ghcr.io/kpcyrd/sh4d0wup:edge -h
Usage: sh4d0wup [OPTIONS] <COMMAND>

Commands:
  bait         Start a malicious update server
  front        Bind a http/https server but forward everything unmodified
  infect       High level tampering, inject additional commands into a package
  tamper       Low level tampering, patch a package database to add malicious packages, cause updates or influence dependency resolution
  keygen       Generate signing keys with the given parameters
  sign         Use signing keys to generate signatures
  hsm          Interact with hardware …

abuse bind command database docker edge exploitation forward framework high http https infect inject key low malicious options package patch penetration testing redteaming run server sh4d0wup signing start supply chain security tampering update

Visit resource

More from www.kitploit.com / KitPloit - PenTest Tools!

PingRAT - Secretly Passes C2 Traffic Through Firewalls Using ICMP Payloads 1 day ago | www.kitploit.com
firewall bypass fud rat hacking tools penetration testing +3
LOLSpoof - An Interactive Shell To Spoof Some LOLBins Command Line 2 days ago | www.kitploit.com
call clear command command line +15
SQLMC - Check All Urls Of A Domain For SQL Injections 3 days ago | www.kitploit.com
pentesting pentest tool python3 sqlinjection +1
BadExclusionsNWBO - An Evolution From BadExclusions To Identify Folder Custom Or Undocumented Exclusions On AV/EDR 4 days ago | www.kitploit.com
badexclusionsnwbo edr evasion pentesting redteam
Ioctlance - A Tool That Is Used To Hunt Vulnerabilities In X64 WDM Drivers 5 days ago | www.kitploit.com
analysis blue code detect +18
NTLM Relay Gat - Powerful Tool Designed To Automate The Exploitation Of NTLM Relays 5 days, 9 hours ago | www.kitploit.com
ntlm relay gat ntlm_relay_gat
Gftrace - A Command Line Windows API Tracing Tool For Golang Binaries 1 week ago | www.kitploit.com
api command command line deimosc2 +17
HardeningMeter - Open-Source Python Tool Carefully Designed To Comprehensively Assess The Security Hardening Of Binaries … 1 week, 1 day ago | www.kitploit.com
hardeningmeter protection python python3 +2
JS-Tap - JavaScript Payload And Supporting Software To Be Used As XSS Payload Or Post … 1 week, 2 days ago | www.kitploit.com
js-tap multithreaded taken traffic +3

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Senior Security Engineer

@ LiquidX | Singapore, Central Singapore, Singapore
View on infosec-jobs.com

Application Security Engineer

@ Solidigm | Zapopan, Mexico
View on infosec-jobs.com

Application Security Engineer

@ Yassir | worldwide
View on infosec-jobs.com

Senior Windows Threat & Detection Security Researcher (Cortex)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel
View on infosec-jobs.com

MDR Security Analyst

@ SentinelOne | Israel
View on infosec-jobs.com

Principal Security Research Engineer (Prisma Cloud)

@ Palo Alto Networks | Bengaluru, India
View on infosec-jobs.com
View more jobs