Posts in 'Python'

byt3bl33d3r

Mad-Max Scapy: Improving Scapy's packet sending performance

I've been using Scapy for years and one thing that's always bothered me was its performance, especially when it comes to sending packets. To give you an idea:

from scapy.all import *
for i in range(0, 10):
    send(ARP(pdst='192.168.1.88', 
             psrc='192.168.1.11 …

byt3bl33d3r

Using Nfqueue with Python the right way

While I was rewriting the Spoof plugin for MITMf I came across the "pythonic" way of using Nfqueue with Python.

Previously the plugin was using code from dnspoof.py for DNS tampering, which used the nfqueue-bindings Python library from here.

Problem was that it was a pain to set up: you …

byt3bl33d3r

Toby: finding the needle in the haystack

When I successfully extract a file system from the firmware of an embedded system, the first thing that I do is run grep or strings looking for low-hanging fruit or even potential command injection vulns.

What I wanted though is something that recursively checked all files of a directory …

byt3bl33d3r

Pyexfil - Using Python to make Gmail a C&C server

Now I'm pretty sure there was a talk at BlackHat a couple of years ago about doing this, so this might not be anything new but I'll write about it anyway.

This is a great way to exfiltrate data from a network: it's stealthy (who looks at traffic going to …