Kaonashi Project
Date: 05/2019
Conference: RootedCon 2019
Research/Talk: I know your p4$$w0rd (and if I don't, I will guess it)
This repository contains several directories:
- Sorted Masks for hashcat
- Advanced Rules for hashcat
- Links to download the Kaonashi wordlists
- Slides used in our talk "I know your p4$$w0rd (and if I don't, I will guess it)" at RootedCON 2019
Repo at GitHub: https://github.com/kaonashi-passwords/Kaonashi
WhatsApp < v2.11.7 Remote Crash
Product: WhatsApp
Vendor Homepage: http://www.whatsapp.com
Vulnerable Version(s): 2.11.7 and prior on iOS
Tested on: WhatsApp v2.11.7 on iPhone 5 running iOS 7.0.4
Solution Status: Fixed by Vendor on v2.11.8
Date: 04/2014
Research/Talk: WhatsApp: mentiras y cintas de vídeo
A crafted message containing non-printable characters crashes the WhatsApp for iOS client on version 2.11.7 and earlier (the vendor fixed it in 2.11.8).
Repo at GitHub: https://github.com/segofensiva/WhatsAppRemoteCrash
WhatsApp Privacy Guard
Product: WhatsApp
Vendor Homepage: http://www.whatsapp.com
Tested on: WhatsApp v2.11.7 on iPhone 5 running iOS 7.0.4
Date: 12/2013
Press Article: Dos ingenieros españoles burlan la seguridad de WhatsApp
Research/Talk: WhatsApp: mentiras y cintas de vídeo
The main goal of this research is to add a layer of security and privacy to WhatsApp so that neither the integrity nor the confidentiality of the information exchanged between the members of a conversation can be affected by an external attacker. This is done by anonymizing and encrypting the conversations and data sent through WhatsApp before they leave the phone, so that when they reach the servers they are not in "plain text" and can only be read by their rightful owners.
WhatsApp Privacy Guard is completely transparent to the user, and we show how the same technique can be applied to other IM protocols and apps.
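The following is an added example, not the WhatsApp Privacy Guard code, illustrating the design just described: the message is encrypted and integrity-protected on the phone, the server relays only an opaque blob, and the other member of the conversation (who holds the shared secret) recovers the text transparently. It assumes a pre-shared conversation secret and uses encrypt-then-MAC with keys derived from it; the keystream is HMAC-SHA256 in counter mode so that the example runs on the Python standard library alone. A real deployment should use a vetted AEAD such as AES-GCM or ChaCha20-Poly1305 instead of this hand-built stream cipher.

```python
import base64
import hashlib
import hmac
import os

# Added example (not the project's code). Shared-secret key derivation, encrypt-then-MAC,
# and a tamper check, as a stand-in for a transparent IM encryption layer.
NONCE_LEN = 16
TAG_LEN = 32


def derive_keys(shared_secret: bytes) -> tuple:
    """Derive independent encryption and MAC keys from the shared conversation secret."""
    enc_key = hmac.new(shared_secret, b"wpg-encrypt", hashlib.sha256).digest()
    mac_key = hmac.new(shared_secret, b"wpg-mac", hashlib.sha256).digest()
    return enc_key, mac_key


def keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """PRF (HMAC-SHA256) in counter mode: concatenated HMAC(key, nonce || counter) blocks."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def protect(shared_secret: bytes, plaintext: str, nonce=None) -> str:
    """Outgoing hook: what is handed to the network layer in place of the plaintext."""
    enc_key, mac_key = derive_keys(shared_secret)
    nonce = nonce if nonce is not None else os.urandom(NONCE_LEN)  # fresh per message
    data = plaintext.encode("utf-8")
    ciphertext = bytes(a ^ b for a, b in zip(data, keystream(enc_key, nonce, len(data))))
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    return base64.b64encode(nonce + ciphertext + tag).decode("ascii")


def unprotect(shared_secret: bytes, wire: str) -> str:
    """Incoming hook: verify the tag first, then decrypt. Raises ValueError on tampering."""
    enc_key, mac_key = derive_keys(shared_secret)
    blob = base64.b64decode(wire)
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("message too short")
    nonce, ciphertext, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("message failed integrity check")
    data = bytes(a ^ b for a, b in zip(ciphertext, keystream(enc_key, nonce, len(ciphertext))))
    return data.decode("utf-8")


def try_unprotect(shared_secret: bytes, wire: str):
    """The decrypted text, or None if the message was rejected."""
    try:
        return unprotect(shared_secret, wire)
    except ValueError:
        return None


def server_sees_plaintext(wire: str, plaintext: str) -> bool:
    """What an observer at the server could learn: does the relayed blob contain the text?"""
    return plaintext.encode("utf-8") in base64.b64decode(wire)


def tamper(wire: str) -> str:
    """Simulate an external attacker flipping one bit of the ciphertext in transit."""
    blob = bytearray(base64.b64decode(wire))
    blob[NONCE_LEN] ^= 0x01
    return base64.b64encode(bytes(blob)).decode("ascii")


if __name__ == "__main__":
    secret = b"constructed shared conversation secret"  # constructed sample, not a real key
    wire = protect(secret, "nos vemos a las 9")
    print("relayed by server:", wire)
    print("recipient reads:", unprotect(secret, wire))
    print("tampered message accepted?", try_unprotect(secret, tamper(wire)) is not None)
```

The tag is checked before any decryption so a modified or replayed-from-another-conversation blob is dropped rather than rendered; a per-message random nonce keeps two identical texts from producing the same wire bytes.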
OSfooler
Date: 08/2013
Conference: Blackhat USA 2013
Research/Talk: Arsenal
Commercial tools are a sensible baseline for securing a network, but keeping a system secure means going one step further. This technique takes that step by defending your servers against the first phase of almost every attack: fingerprinting. It works by intercepting all the traffic your host sends and, in real time, rewriting the TCP/IP header flags that give away which operating system it is running, so the host is camouflaged as something else.
This tool is a practical approach for detecting and defeating:
- Active remote OS fingerprinting: like Nmap or Xprobe
- Passive remote OS fingerprinting: like p0f or pfSense
- Commercial engines like Sourcefire's FireSiGHT OS fingerprinting
Repo at GitHub: https://github.com/segofensiva/OSfooler
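The following is an added example, not OSfooler's own code, showing the mechanism the description above relies on: take an outgoing IPv4/TCP packet, read the header fields a fingerprinting engine keys on, rewrite them to match another "persona", and recompute both checksums so the packet stays valid. The persona values (TTL, DF bit, window size) are illustrative assumptions, not measured signatures, and the sample packet is constructed inline rather than captured. The example deliberately leaves the TCP options untouched; a real tool must also rewrite option order and IP ID behaviour, since passive engines such as p0f include those in their signatures.

```python
import struct

# Added example (not OSfooler's code). Illustrative personas, not real OS signatures.
PERSONAS = {
    "linux-like": {"ttl": 64, "df": True, "window": 29200},
    "windows-like": {"ttl": 128, "df": True, "window": 8192},
}


def inet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement checksum, shared by IPv4 and TCP."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def tcp_checksum(src: bytes, dst: bytes, segment: bytes) -> int:
    """TCP checksum over the pseudo-header (src, dst, zero, proto 6, length) plus segment."""
    pseudo = src + dst + struct.pack("!BBH", 0, 6, len(segment))
    return inet_checksum(pseudo + segment)


def build_sample_packet() -> bytes:
    """Constructed IPv4/TCP SYN-ACK with Linux-like values (sample input, not a capture)."""
    src, dst = bytes([10, 0, 0, 2]), bytes([10, 0, 0, 1])
    options = (b"\x02\x04\x05\xb4"            # MSS 1460
               b"\x04\x02"                    # SACK permitted
               b"\x08\x0a" + b"\x00" * 8 +    # timestamps
               b"\x01"                        # NOP
               b"\x03\x03\x07")               # window scale 7
    data_offset = (20 + len(options)) // 4    # 40 bytes -> 10 words
    tcp = struct.pack("!HHIIBBHHH", 80, 40000, 1, 1, data_offset << 4, 0x12, 29200, 0, 0) + options
    tcp = tcp[:16] + struct.pack("!H", tcp_checksum(src, dst, tcp)) + tcp[18:]
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0x4000, 64, 6, 0, src, dst)
    ip = ip[:10] + struct.pack("!H", inet_checksum(ip)) + ip[12:]
    return ip + tcp


def fingerprint_fields(packet: bytes) -> dict:
    """The header values active and passive fingerprinters compare with their signature database."""
    ihl = (packet[0] & 0x0F) * 4
    flags_frag = struct.unpack("!H", packet[6:8])[0]
    tcp = packet[ihl:]
    data_off = (tcp[12] >> 4) * 4
    return {
        "ttl": packet[8],
        "df": bool(flags_frag & 0x4000),
        "ip_id": struct.unpack("!H", packet[4:6])[0],
        "window": struct.unpack("!H", tcp[14:16])[0],
        "tcp_options": tcp[20:data_off].hex(),
    }


def camouflage(packet: bytes, persona: str) -> bytes:
    """Rewrite an outgoing packet so its fingerprint fields match the chosen persona."""
    prof = PERSONAS[persona]
    p = bytearray(packet)
    ihl = (p[0] & 0x0F) * 4
    p[8] = prof["ttl"]
    flags_frag = struct.unpack("!H", bytes(p[6:8]))[0]
    flags_frag = (flags_frag | 0x4000) if prof["df"] else (flags_frag & 0xBFFF)
    p[6:8] = struct.pack("!H", flags_frag)
    p[10:12] = b"\x00\x00"                                   # IP checksum covers TTL and flags
    p[10:12] = struct.pack("!H", inet_checksum(bytes(p[:ihl])))
    p[ihl + 14:ihl + 16] = struct.pack("!H", prof["window"])  # TCP window at segment offset 14
    p[ihl + 16:ihl + 18] = b"\x00\x00"                        # TCP checksum covers the window
    csum = tcp_checksum(bytes(p[12:16]), bytes(p[16:20]), bytes(p[ihl:]))
    p[ihl + 16:ihl + 18] = struct.pack("!H", csum)
    return bytes(p)


def checksums_valid(packet: bytes) -> bool:
    """A correct checksum field makes the checksum over the covered bytes come out as zero."""
    ihl = (packet[0] & 0x0F) * 4
    ip_ok = inet_checksum(packet[:ihl]) == 0
    tcp_ok = tcp_checksum(packet[12:16], packet[16:20], packet[ihl:]) == 0
    return ip_ok and tcp_ok


if __name__ == "__main__":
    original = build_sample_packet()
    disguised = camouflage(original, "windows-like")
    print("before:", fingerprint_fields(original))
    print("after: ", fingerprint_fields(disguised), "checksums ok:", checksums_valid(disguised))
```

In a real deployment this rewrite sits on the outbound path (a netfilter queue or divert socket) so every packet the host emits is rewritten before it reaches the wire; a quick check after deploying is to run a passive engine on a mirror port and confirm it now reports the persona rather than the real OS.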