IMSI-catcher
This program shows you IMSI numbers, country, brand and operator of cellphones around you.
/!\ This program was made to understand how GSM network work. Not for bad hacking !
github: https://github.com/Oros42/IMSI-catcher
📡@hackLabel
This program shows you IMSI numbers, country, brand and operator of cellphones around you.
/!\ This program was made to understand how GSM network work. Not for bad hacking !
github: https://github.com/Oros42/IMSI-catcher
📡@hackLabel
❤2🔥1😍1
Get persistent reverse shell from Android app without visible permissions to make device unusable
This blog will introduce you how it is possible to write a persistent reverse shell app on Android without any user requested and visible permissions. Since such application has no permissions, it shouldn't be able to perform any task. Well, that isn't true. We will take a quick look on how Android permissions system works, how it is possible for such permissions-less shell app to execute remote Denial-Of-Service (DoS), list installed apps, reboot device and others. Besides that, I will show you how to identify such established reverse shell connection from your Android device and get rid of it.
https://www.mobile-hacker.com/2023/09/27/get-persistent-reverse-shell-from-android-app-without-visible-permissions-to-make-device-unusable/
📡@hackLabel
This blog will introduce you how it is possible to write a persistent reverse shell app on Android without any user requested and visible permissions. Since such application has no permissions, it shouldn't be able to perform any task. Well, that isn't true. We will take a quick look on how Android permissions system works, how it is possible for such permissions-less shell app to execute remote Denial-Of-Service (DoS), list installed apps, reboot device and others. Besides that, I will show you how to identify such established reverse shell connection from your Android device and get rid of it.
https://www.mobile-hacker.com/2023/09/27/get-persistent-reverse-shell-from-android-app-without-visible-permissions-to-make-device-unusable/
📡@hackLabel
👍2❤1
Mobile Forensics Services
Recovering Data in a Secure, Efficient, & Lawful Manner
Empowering Police & Law Enforcement Agencies with Smart Forensics Services.
https://www.systoolsgroup.com/services/mobile-forensics.html
📡@hackLabel
Recovering Data in a Secure, Efficient, & Lawful Manner
Empowering Police & Law Enforcement Agencies with Smart Forensics Services.
https://www.systoolsgroup.com/services/mobile-forensics.html
📡@hackLabel
Systoolsgroup
Mobile Forensics Services – Cell Phone Investigations by Experts
SysTools Mobile Forensics Services provide the best cell phone forensics & smartphone forensic investigation. We help you extract cell phone data from Android, iOS, & other devices.
XML Security in Java
Java XML security issues and how to address them
• Parsing XML in Java
• XML-related attacks
• Exponential entity expansion
• XML External Entity Injection
• Researching security features
• Are people parsing XML securely in practice?
• Conclusion
blog: https://semgrep.dev/blog/2022/xml-security-in-java/
📡@hackLabel
Java XML security issues and how to address them
• Parsing XML in Java
• XML-related attacks
• Exponential entity expansion
• XML External Entity Injection
• Researching security features
• Are people parsing XML securely in practice?
• Conclusion
blog: https://semgrep.dev/blog/2022/xml-security-in-java/
📡@hackLabel
👍1
This media is not supported in your browser
VIEW IN TELEGRAM
reconFTW automates the entire process of reconnaissance for you. It outperforms the work of subdomain enumeration along with various vulnerability checks and obtaining maximum information about your target.
reconFTW uses a lot of techniques (passive, bruteforce, permutations, certificate transparency, source code scraping, analytics, DNS records...) for subdomain enumeration which helps you to get the maximum and the most interesting subdomains so that you be ahead of the competition.
It also performs various vulnerability checks like XSS, Open Redirects, SSRF, CRLF, LFI, SQLi, SSL tests, SSTI, DNS zone transfers, and much more. Along with these, it performs OSINT techniques, directory fuzzing, dorking, ports scanning, screenshots, nuclei scan on your target.
github: https://github.com/six2dez/reconftw
📡@hackLabel
reconFTW uses a lot of techniques (passive, bruteforce, permutations, certificate transparency, source code scraping, analytics, DNS records...) for subdomain enumeration which helps you to get the maximum and the most interesting subdomains so that you be ahead of the competition.
It also performs various vulnerability checks like XSS, Open Redirects, SSRF, CRLF, LFI, SQLi, SSL tests, SSTI, DNS zone transfers, and much more. Along with these, it performs OSINT techniques, directory fuzzing, dorking, ports scanning, screenshots, nuclei scan on your target.
github: https://github.com/six2dez/reconftw
📡@hackLabel
❤2👍1
An In-Depth Guide to Mobile Device Forensics.pdf
20.5 MB
An In-Depth Guide to Mobile Device Forensics
GSM . LTE . 5G . IMSI Catchers . SIM Cards . Jammers . iPhone Processor . ADB . Operating System Details . F2FS .
Oxygen Forensics . iCloud . JTAG . SQLite Forensic . Cell Tower . Steganography . Cryptographic Hash . Software Tracking . Smart Televisions ...
📡@hackLabel
GSM . LTE . 5G . IMSI Catchers . SIM Cards . Jammers . iPhone Processor . ADB . Operating System Details . F2FS .
Oxygen Forensics . iCloud . JTAG . SQLite Forensic . Cell Tower . Steganography . Cryptographic Hash . Software Tracking . Smart Televisions ...
📡@hackLabel
👍3
This media is not supported in your browser
VIEW IN TELEGRAM
• Using silent SMS to localize LTE users
• Route to RCE - Dissecting a cheap WiFi repeater
• MojoBox - yet another not so smartlock
projects: https://mandomat.github.io/
📡 t.me/HackLabel
• Route to RCE - Dissecting a cheap WiFi repeater
• MojoBox - yet another not so smartlock
projects: https://mandomat.github.io/
📡 t.me/HackLabel
⚀ Frequency : https://www.worldtimezone.com/gsm.html or https://en.wikipedia.org/wiki/GSM_frequency_bands
⚀ Sdr : https://en.wikipedia.org/wiki/Software-defined_radio
⚀ Sms : https://en.wikipedia.org/wiki/SMS#GSM
⚀ Imsi : https://fr.wikipedia.org/wiki/International_Mobile_Subscriber_Identity
⚀ Cell id : https://en.wikipedia.org/wiki/Cell_ID or https://unwiredlabs.com/
⚀ GSM : https://en.wikipedia.org/wiki/GSM
⚀ Frequency Calculator : https://www.cellmapper.net/arfcn
⚀ GR-GSM : https://github.com/ptrkrysik/gr-gsm
📡 t.me/HackLabel
⚀ Sdr : https://en.wikipedia.org/wiki/Software-defined_radio
⚀ Sms : https://en.wikipedia.org/wiki/SMS#GSM
⚀ Imsi : https://fr.wikipedia.org/wiki/International_Mobile_Subscriber_Identity
⚀ Cell id : https://en.wikipedia.org/wiki/Cell_ID or https://unwiredlabs.com/
⚀ GSM : https://en.wikipedia.org/wiki/GSM
⚀ Frequency Calculator : https://www.cellmapper.net/arfcn
⚀ GR-GSM : https://github.com/ptrkrysik/gr-gsm
📡 t.me/HackLabel
Mobile network hacking All over IP edition
https://deepsec.net/docs/Slides/2019/Mobile_Network_Hacking_Allover-IP_Edition_Luca_Melette_Sina_Yadzanmehr.pdf
📡 t.me/HackLabel
https://deepsec.net/docs/Slides/2019/Mobile_Network_Hacking_Allover-IP_Edition_Luca_Melette_Sina_Yadzanmehr.pdf
📡 t.me/HackLabel
❤🔥3👍2❤1
📡
Photo
Mobile Network Hacking, IP Edition
By Karsten Nohl, Luca Melette & Sina Yazdanmehr
youtube: https://www.youtube.com/watch?v=3XUo7UBn28o
📡 t.me/HackLabel
By Karsten Nohl, Luca Melette & Sina Yazdanmehr
youtube: https://www.youtube.com/watch?v=3XUo7UBn28o
📡 t.me/HackLabel
YouTube
Mobile Network Hacking, IP Edition
By Karsten Nohl, Luca Melette & Sina Yazdanmehr
We explore which protection measures are missing from the mobile network and discuss how to best bring them over from the IT security domain into mobile networks.
Full Abstract & Presentation Materials: …
We explore which protection measures are missing from the mobile network and discuss how to best bring them over from the IT security domain into mobile networks.
Full Abstract & Presentation Materials: …
🔥3👏1
Mobile Espionage in the Wild: Pegasus and Nation-State Level Attacks
This briefing will take an in-depth look at the technical capabilities of mobile attacks that are being leveraged against real targets for the purpose of espionage. We will focus on Pegasus, a lawful intercept product, and the features and exploit chain it used. We will describe how we discovered and tracked the developer’s infrastructure prior to the attack, and how we later caught a sample of the elusive malcode being used against a prominent human rights defender.
youtube: https://www.youtube.com/watch?v=Y6e_ctKqSqM&list=TLPQMDExMTIwMjPFzT6vDSW5Ng&index=2
📡 t.me/HackLabel
This briefing will take an in-depth look at the technical capabilities of mobile attacks that are being leveraged against real targets for the purpose of espionage. We will focus on Pegasus, a lawful intercept product, and the features and exploit chain it used. We will describe how we discovered and tracked the developer’s infrastructure prior to the attack, and how we later caught a sample of the elusive malcode being used against a prominent human rights defender.
youtube: https://www.youtube.com/watch?v=Y6e_ctKqSqM&list=TLPQMDExMTIwMjPFzT6vDSW5Ng&index=2
📡 t.me/HackLabel
YouTube
Mobile Espionage in the Wild: Pegasus and Nation-State Level Attacks
This briefing will take an in-depth look at the technical capabilities of mobile attacks that are being leveraged against real targets for the purpose of espionage. We will focus on Pegasus, a lawful intercept product, and the features and exploit chain it…
👍1