Category Our Tools

So I started working on a wiki to drop occasional oneliners and examples that I’ve come across that are useful. It’s a work in progress and any suggestions are welcome.
bhafsec.com/wiki/

rcrypt is a Windows PE binary crypter (a type of packer) written by Rage that has a bunch of features and makes use of timelock techniques to cause a delay in execution. This delay can cause analysis to fail on time constrained systems such as on disk scanners. rcrypt can pack exes and dll files. It bypasses KAV and many other Avs.
Writeup
Release

Utilite Pro is a quad core ARM cortex-A9 machine with up to 4 GB of RAM, up to 512 GB mSATA SSD, HDMI and DVI-D output, dual (2x) 1GB nics, a built in wireless card and 4 USB ports. The guys from OffSec show you how to build your Arm image to run on it. Not too bad for a $200 dropbox that you can use on site during pentests.

This is a program illwill made in assembly that does a reverse Caller ID lookup. Just type or paste the number in the box and press ‘lookup’, if it finds any data it’ll display it on the screen above. Works with some cell phone numbers too.
Download it ::HERE::

Added a program I made a few years ago that simulates phone box tones
(DTMF, Blue, red,orange,silver,etc…)
Download it our ::files section::

RobinHood is a simple program in assembler that steal’s the victim’s BitCoin wallet.dat and uploads it to an FTP server. You need to assemble the source yourself, get it ::HERE::

Programmable embedded devices have the capability of being detected as a HID device , just like a keyboard or mouse. So if you have physical access and a minute alone you can basically own a system with something the size of your thumb. The possibilities are endless, HTTP/FTP download, injecting binaries into debug or Powershell etc....