Vault 7: CIA Hacking Tools Revealed
Releases ▼ (../index.html) Documents ▼ (index.html)
Navigation:
Directory Departments / Branches / Groups
Embedded Development Branch (EDB) (space_753667.html)
USB Emulation Evaluation (page_20873528.html)
2014-01-09 Retrospective for SparrowHawk 2.0 orig (page_7995763.html)
Hive (page_5341256.html) empty
Pterodactyl Tips (page_2064613.html)
SQRL (page_524393.html) 2013-04-16 - Meeting Notes (page_524311.html)
EDB Home (page_524301.html) incomplete
Virtualized Development / Test Environment (page_3375474.html)
How-To Articles (page_9535828.html)
EFI/UEFI Information (page_26968080.html)
EFI Program Testing Considerations (page_29851664.html)
Setting Up a Linux Build Environment for EFI (page_27262984.html)
ExitBootServices Hooking (page_36896783.html)
Active EFI/UEFI Projects (page_26968082.html)
EFI Basics: NVRAM Variables (page_26968084.html)
EDK2 Compiler Information and CI Concerns (page_27721733.html)
Cross-compile for Linux/TILE-GX (page_22642706.html)
Use the EDB Domain Server on DEVLAN (page_9535829.html)
Building PolarSSL for Solaris x86 and SPARC (page_13763116.html)
Create a Solaris Boot Server for a Subnetwork (page_11628869.html)
Use the Solaris Automated Install Server (page_11628618.html)
Enable debug output on PolarSSL (page_13763104.html)
Triage SOHO device (page_42991653.html)
Projects (page_524313.html) DerStarke (page_3375125.html)
Updating DerStarke v1.4 to Yosemite (page_12353573.html)
Creating new Unlock files future firmwares (page_9535555.html)
DerStarke 2.0 (page_13763800.html)
YarnBall (page_3375460.html)
SnowyOwl (page_29229088.html)
HarpyEagle (page_14588150.html)
Airport Extreme and Time Capsule Port Analysis (page_15728902.html)
Test Infrastructure (page_17072220.html)
Facedancer21 UserGuide (Linux) (page_20873552.html)
Airport Utility Analysis (page_15728654.html)
Firmware Reverse Engineering (page_15728683.html)
GZBoot Assembly Program Flow (page_22052902.html)
USB Emulation Evaluation (page_20873532.html)
GreenPacket (page_9535526.html)
Generic_Filter compile defines (page_9536030.html)
Release Files (page_9535899.html)
File Lists (page_9535529.html)
Transfering files to/from GreenPacket (page_9535920.html) Python Scripts (page_9535551.html)
HTTP Proxy (page_9535552.html)
PCAP List (page_9535530.html)
QuarkMatter (page_21561431.html)
Weeping Angel (Extending) Engineering Notes (page_12353643.html)
Weeping Angel -- Things you might do (page_13762801.html)
Detailed Notes regarding Samsung F8000 Smart TV networking (page_13205592.html)
Weeping Angel DR | Approach and Developer Testing Notes (page_13205617.html)
Network Related Strings in EXTENDING | Building a WiFi interface watchdog (page_13205615.html)
Weeping Angel Research Ideas & Next Steps (page_13762785.html)
Weeping Angel Testing Ideas (page_13205608.html)
Weeping Angel Time Research (page_13762682.html) SECRET
SOLDER- DS&T Exploration Fund (EF 1617), A Mesh Networking Development Proposal (page_36405256.html)
Pterodactyl (page_1179700.html)
Cotton Candy (page_3375278.html) sontaran (page_524426.html)
Sontaran Status Update 1 (page_2621481.html) SECRET
Status Update 2 (page_3375260.html) SECRET
Gyrfalcon (page_9535842.html) CRUCIBLE (page_46399499.html)
Hive (page_7995396.html)
Sparrowhawk (page_524321.html)
MaddeningWhispers (page_11628893.html)
BaldEagle (page_9535850.html)
Bee Sting - Proxy with iFrame injection (page_11629027.html)
Development Devices and Hosts (page_3375401.html)
Working with MikroTik RouterOS 6.X (page_44957707.html)
IBM AIX Power7 740 PowerPC PPC 64-bit (page_44957710.html)
Mission and Vision Statement (page_524308.html)
Meeting Notes (page_524310.html)
2014-10-23 Branch Direction Meeting notes (page_13763790.html)
Future Project Ideas (page_3375431.html)
Embedded Devices Order Status (page_3375248.html)
Retrospectives (page_7995762.html)
2014-01-09 Retrospective for Sparrowhawk (page_7995785.html)
Product Requirements (page_1179685.html)
Pterodactyl Requirements (page_1179686.html)
Personnel (page_524306.html) Small Routers (page_11628738.html)
Remote Development Branch (RDB) (space_753668.html)
Personnel (page_2621658.html)
RDB Home (page_524348.html)
Personnel (page_524361.html)
Including 3rd party python libraries for DART remote testing (page_15728808.html)
Mission and Vision Statement (page_524357.html)
Umbrage (page_2621751.html) empty
PIQUE Assessments (page_14587718.html) empty
Hacking Team Source Dump Map (page_22642800.html)
Component Library (page_2621753.html)
Data Collection (page_3375169.html)
Webcam Capture (page_3375226.html)
Windows API Keyloggers (page_3375215.html)
DirectInput Keylogger (page_3375220.html)
SetWindowsHookEx WH_KEYBOARD and WH_KEYBOARD_LL Key Logger (page_3375222.html)
Internet Explorer Password Collection (page_3375171.html)
Privilege Escalation (page_3375229.html)
Elevated COM Object UAC Bypass (WIN 7) (page_3375231.html) Data Destruction (page_2621849.html)
Wiped Locked Files (page_3375106.html)
Persistence (page_2621841.html)
Image File Execution Options (page_2621770.html)
Windows FAX DLL Injection (page_2621760.html)
Shell Extension Persistence (page_2621765.html)
OCI.DLL Service Persistence (page_2621767.html)
VBR Persistence (page_9535670.html)
Kernel Land (page_7995517.html)
Kernel to User land: APC injection (page_7995519.html)
PSP/Debugger/RE Avoidance (page_2621845.html)
Run Out The Clock (PSP Avoidance) (page_3375582.html)
Anti-Sandboxing: Wait for Mouse Click (page_2621847.html)
Process Hollowing (page_3375167.html)
Debug Print Debugger Detection (page_2621828.html)
API Memcpy (page_2621772.html)
MBR File Handle (page_2621757.html)
Stealth (page_3375325.html)
DLL Injection using SetWindowsHookEx (page_3375332.html) CreateRemoteThread DLL Injection (page_3375330.html)
Kaspersky "heapgrd" DLL Inject (page_3375327.html)
ShoulderSurfer (page_524353.html)
Reforge (page_9535630.html)
Reforge bytecode specification (page_9535822.html)
Archive Grammer notes (page_11629013.html)
Projects (page_2621680.html)
Operational Support Branch (OSB) (space_1736706.html)
Duqu 2.0 Kaspersky Write-Up (page_17760498.html)
Time Stomper (page_15729432.html) empty
Munge Payload (page_15729430.html) empty
Fight Club (page_15729428.html) empty
Rain Maker Temp User Guide (page_15729171.html)
Rain Maker Version Archive (page_15729107.html) empty
System Monitoring and Manipulation (page_13763366.html) SECRET
Dancefloor - Linux (page_4849817.html) empty
Jukebox - Mac (page_4849815.html) empty
Bartender - Windows (page_4849813.html) empty
Margarita v1.6 User Guide (page_2064603.html) OSBTest (page_1179759.html)
OSB Home (page_1179757.html)
Retrospectives (page_52920342.html)
Personnel (page_2621660.html)
Mission and Vision Statement (page_2621683.html) empty
New Developer Exercises (page_11629033.html) SECRET
3. Visual Studio (page_11629039.html) SECRET
10. Verbiage and Acronyms (page_13205641.html) SECRET
11. Issues and Documentation (page_16385435.html) SECRET
12. Bonus: Capture The Flag (page_16385438.html) SECRET
2. Source Control (page_11629037.html) SECRET
OSB Workflow In Git (page_13205694.html)
9. Tradecraft (page_11629053.html)
8. Bamboo And Dart (page_11629050.html) SECRET
4. Introduction to Win32 Programming. (page_11629041.html) SECRET
5. Win32 Programming Gotchas (page_11629043.html) SECRET
6. Basic Forensics (page_11629046.html) SECRET
7. The Art of Unit Tests (page_11629048.html) SECRET
1. Setting Up Your Development Environment. (page_11629035.html) SECRET OSB's ESXi Server (page_13763491.html)
Shellterm 2.10 Test Server (page_17760555.html) SECRET
Shellterm v3.0.1 Test Server (page_17760564.html) SECRET
2015 Top bits (page_23134361.html)
Payload Deployment Unit Tests Issue Tracker (page_14588332.html) SECRET
Projects (page_2621693.html)
HyenasHurdle BSOD (page_17072478.html)
Flash Bang (page_16384077.html) SECRET
Flash Bang Supporting Documents (page_16384081.html) empty
Flash Bang v1.1 (Current Version) (page_16384212.html) SECRET
Flash Bang Archived Versions (page_16384079.html) empty
Flash Bang v1.0 (page_16384083.html) SECRET
Magical Mutt (page_51183635.html) SECRET
Magical Mutt v1.0 (page_51183653.html) SECRET
Magical Mutt v1.0 Sprint 2 Retrospective 2016-02-24 (page_52920343.html)
Magical Mutt v1.0 Sprint 1 Retrospective 2016-02-16 (page_51183631.html)
Melomy DriveIn (page_16385063.html) SECRET
Melomy DriveIn v1.0 (page_16385073.html) SECRET
RickyBobby (page_15728810.html) SECRET RickyBobby Automated Testing (page_15728863.html)
Fight Club (page_15729451.html) SECRET
Fight Club Archived Versions (page_15729454.html) empty
Fight Club v1.0 (page_15729461.html) SECRET
Fight Club Supporting Documents (page_15729457.html) empty
Fight Club v1.1 (Current Version) (page_16385046.html) SECRET
Taxman (page_7995725.html)
Rain Maker (page_15728775.html) SECRET
Rain Maker Supporting Documents (page_15728832.html)
Rain Maker v1.0 Developer Notes (page_15729220.html) SECRET
Rain Maker v1.0 User Guide (page_15729131.html)
Rain Maker v1.0 Unclassified User Guide (page_15729236.html)
Rain Maker v1.0 (Current Version) (page_15729066.html) SECRET
Rain Maker Archived Versions (page_15728829.html)
Improvise (page_4849785.html)
User Guide (page_8847390.html) empty
Developer Guide (page_8847392.html) empty
Basic Bit (page_20251016.html) SECRET
Basic Bit v1.1 (page_51183648.html) SECRET Basic Bit Archived Versions (page_51183641.html)
Basic Bit v1.0 (page_20251018.html) SECRET
ConnectifyMe Research (page_16385111.html) SECRET
Fine Dining (page_20251096.html)
Fine Dining (Case Officer Toolset) Concepts (page_20251099.html)
Infector Config XML Schema (page_45940748.html)
Fine Dining Tool Module Lists (page_20251107.html)
Thunderbird Portable DLL Hijack (page_27263015.html)
Chrome Portable DLL Hijack (page_27492385.html)
LBreakout2 Game Portable DLL Hijack (page_27721750.html)
2048 Game DLL Hijack (page_27721747.html)
FoxitReader Portable DLL Hijack (page_27263006.html)
Sophos Virus Removal Tool DLL Hijack (page_27263043.html)
Kaspersky TDSS Killer Portable DLL Hijack (page_27492393.html)
ClamWin Portable DLL Hijack (page_27262995.html)
Iperius Backup DLL Hijack (page_27263039.html)
OperaMail DLL Hijack (page_27492415.html)
Sandisk Secure Access v2 DLL Hijack (page_27721754.html)
LibreOffice Portable DLL Hijack (page_27492410.html) BabelPad Portable Hijack (page_27263025.html)
Notepad++ DLL Hijack (page_26968090.html)
McAfee Stinger Portable DLL Hijack (page_27492400.html)
Skype Portable DLL Hijack (page_27492396.html)
Opera Portable DLL Hijack (page_27263030.html)
Fine Dining Process, Training, and Approval (page_20251105.html) empty
HammerDrill v2.0 (page_17072172.html) SECRET
HammerDrill v2.0 Developer Notes (page_17072186.html) SECRET
How-to articles (page_13762999.html)
Doxygen Documentation (page_17072139.html)
OSB Passwords (page_14587529.html) SECRET
Helpful Tools (page_15729436.html)
Time Stomper (page_15729502.html) SECRET
Munge Payload (page_16384996.html) SECRET
Error Munger (page_16384988.html) SECRET
Mobile Development Branch (MDB) (space_3276804.html)
MDB Home (page_2621631.html)
Projects (page_2621654.html) empty
Tomahawk (page_11628760.html) Personnel (page_2621650.html)
Mission and Vision Statement (page_2621652.html)
Automated Implant Branch (AIB) (space_3276805.html)
Frog Prince Releases (page_22052944.html)
User Guide (page_13763830.html) empty
Grasshopper Requirements (page_12353654.html)
Tools (page_3375536.html) empty
AIB Home (page_2621633.html)
Personnel (page_2621636.html)
Mission and Vision Statement (page_2621639.html) empty
Projects (page_2621641.html)
CandyMountain (page_16384638.html) empty
CandyMountain Releases (page_16384639.html)
Grasshopper (page_12353652.html) empty
Grasshopper Design (page_12353656.html)
Grasshopper OS/PSP Characterization (page_14587218.html)
Grasshopper Developer Guide (page_17072532.html)
Grasshopper Releases (page_12353659.html)
Grasshopper Persistence Techniques (page_51478543.html) MagicVikings (page_14587523.html) empty
MagicVikings Releases (page_14587524.html)
AntHill (page_3375538.html)
AntHill 2.0 (page_23134221.html)
Galleon (page_13205631.html)
The Seven Seas Transport (page_13205635.html)
Assassin (page_12353661.html) empty
Assassin Design (page_12353663.html) empty
Assassin Releases (page_12353668.html)
HercBeetle (page_17760570.html)
Frog Prince (page_13763509.html)
Frog Prince Execute Command Test (page_13763571.html)
Frog Prince Set Command (page_13763596.html)
Frog Prince Put Command Test (page_13763538.html)
Frog Prince Install Test (page_13763523.html)
Frog Prince Memory Load Command (page_13763575.html)
Frog Prince Get Command Test (page_13763535.html)
Frog Prince De-Install Tests (page_13763526.html)
Frog Prince Memory Unload Command (page_13763578.html) Hornet (page_18382864.html) empty
Hornet Releases (page_18382865.html)
The Gibson (page_9535963.html)
Queue (page_9535972.html)
Queue Tar File Format (page_9535978.html)
Queue Proxy (page_9535968.html)
Proxy JSON Outputs (page_9536015.html)
Cascade (page_7995598.html)
MacAfee Virus Scan blocking injection into svchost (page_11628714.html)
ESET firewall blocking for udp, tcp, and icmp (page_11628710.html)
Caterpillar (page_9535855.html)
Post Processor Redesign (page_16384268.html)
Caterpillar Releases (page_13205520.html)
Test PCAPs (page_16385222.html)
Project Requirements (page_9536011.html) empty
Medusa v2.0 (page_9536013.html) empty
Port Existing Collide-Compatible Tasker to Generic Python Application (page_9536021.html)
File lists (page_12353658.html)
Product Requirements (page_9536020.html) Network Devices Branch (NDB) (space_15204355.html)
asdf (page_17072554.html) empty
DNS Checkin - BIND (page_17072307.html)
Perseus Testing Status (page_16385364.html)
JIRA reports (page_16385363.html)
vSphere Web Client Slow to Open Consoles (page_16384391.html)
VMware - Workaround for OVF Deployment Failed (page_16384261.html)
Configure Wireshark on Ubuntu (page_15728950.html)
test (page_14588638.html) empty
User #71462's Task List (page_14588502.html)
What is User #71490's nickname going to be? (page_14588483.html)
Decision log (page_14588482.html)
NetApp FAS2552 Layout (page_14588170.html)
File lists (page_14588169.html)
Network Devices Branch (page_14587805.html)
Meeting notes (page_15728824.html)
Archive (page_16384599.html) empty
Test Range Notes (page_15729041.html)
PackGen Issue with 32-bit Libraries (page_17760672.html) [Xetron] Create new NDB custom JIRA project (page_16385235.html)
Cloning a VM Checklist - Linux (page_15728952.html)
Install Fluxwire v2.3 (page_15729326.html)
COG ICON VM Modifications (page_17072354.html)
New Test Preparation Checklist (page_16384011.html)
Listening Post (LP) Creation (page_17760568.html)
NS1 - DNS (BIND) Server (page_15729043.html)
NS2 - DNS (BIND) Server (page_15729266.html)
Setup Ubuntu Web Server for HTTPS (page_15729311.html)
RSPAN with VMware (page_16384007.html)
How to Create a New swindle.crt file for Blot (page_17760679.html) [Xetron]
CentOS 6.6 VM (Blot) (page_17760436.html)
Ubuntu Base VM Configuration (page_15729106.html)
CT - ICON1 (page_15729046.html)
Tool Quick Start Guides (page_16384601.html) empty
Windex 5.3 (page_49414161.html)
Chimay Red, TinyShell, and BusyBox Quick Start Guide (page_16384604.html)
NDB Test Range Task Report (page_16385344.html)
Lab Infrastructure (page_14587810.html) Obselete VMs - Pruned from Inventory (page_14588371.html)
VMware Servers (page_14587831.html)
Console Servers (page_14587820.html)
NDB Lab SAN Switch Port Mapping (page_14588734.html)
Lab Demonstrations (page_14587860.html)
Push-up Tracker (page_16385149.html)
Operations/Testing (page_14588814.html)
Cannoli v2.0 (page_42762242.html)
JQJPRIZE - ASUS AC68U (page_48398338.html)
cppcheck analysis (page_42762245.html)
JQJCALIBAR - ZXHN-F660 (page_52920322.html)
JQJSLASHER (page_20873390.html)
JQJSlasher - Ops Testing (page_20873397.html)
JQJDRAGONSEED - Earl Grey (page_28049426.html)
Earl Grey v1.0.2 cppcheck analysis (page_28377109.html)
Earl Grey Testing (page_28049430.html)
JQJTHRESHER (page_15728825.html)
Aquaman-5h HG 3.3.1 - Full Test (page_16384727.html) [Xetron]
JQJTHRESHER Command Notes (page_15729228.html) Aquaman-5h Test Notes (page_15728967.html) TOP SECRET [Xetron]
Aquaman-5h-Without-Snooping Test Notes (page_16384369.html) [Xetron]
New Operation Requirements (page_14588816.html)
JQJSTEPCHILD (page_18383044.html) empty
JQJSTEPCHILD - Op2 (page_18383036.html)
JQJSTEPCHILD - Op1 (page_18383046.html)
Perseus (page_16384510.html) empty
Perseus 1.1.0b1 (Beta 1) (page_19660819.html)
Perseus 1.1.0b1 Mikrotik RB450G - Test 2 Notes (page_16385338.html)
Perseus 1.1.0b1 Mikrotik RB493G - Test 1 Notes (page_16384512.html)
Perseus 1.1.0 (page_19660823.html)
DUT5 - x86 VM - Notes (page_20251241.html)
DUT2 - RB450G - General Info (page_20250778.html)
Baseline Resource Measurements (page_20250850.html)
Test Notes (page_20250857.html)
DUT4 - RB1100AH - v1.1.0 Notes (page_20251203.html)
DUT1 - RB493G - Notes (page_19660859.html)
DUT3 - RB450G - Long Term Test (page_20250630.html)
Perseus 1.3.0 (page_50331656.html) empty DUT6 - RB800 - v1.3.0 Notes (page_50495490.html)
Perseus 1.2.0 (page_30113807.html)
DUT6 - RB800 - v1.2.0 Notes (page_30113829.html)
DUT4 - RB1100AH - v1.2.0 Notes (page_30113813.html)
MikroTik (page_28049428.html)
MikroTik Hotspot / Paywall Analysis (page_28049422.html)
JQJSECONDCUT (page_17760462.html)
Cinnamon 5.0.1 cppcheck analysis (page_20873235.html)
Cinnamon Cisco881 Testing (page_17760464.html) [Xetron]
Bumble (page_18382911.html)
Bumble - Device Configuration (page_18382915.html)
Bumble 3.1 Test Notes (page_31227911.html)
Config Explanation (page_21725191.html)
HP CLI Cheatsheet (page_20251073.html)
Bumble 3.2.1 Test Notes (page_45940750.html)
Bumble Test Timeline (page_18382913.html)
Bumble 3.0.0/3.1Beta Test Notes (page_23134282.html)
HP MSR Performance Baseline (page_31227914.html) empty
JQJFIRESHOT (page_25788427.html) empty BuzFuz Testing (page_27492367.html)
Testing Notes (page_25788461.html)
JQJHAIRPIECE (page_20250770.html)
JQJHAIRPIECE - HG Testing (page_22052988.html) [Xetron]
JQJHAIRPIECE - ROCEM TESTING (page_20250772.html) [Xetron]
JQJDISRUPT - WAG200G (page_37945350.html)
JQJADVERSE (page_17760325.html)
Powerman-1r Testing (page_17760327.html) [Xetron]
HG v3.1.3-Adverse-01 Testing (page_23134373.html) [Xetron]
ROCEM v1.2-Adverse-1r Testing (page_24969226.html) [Xetron]
Felix (page_35389448.html) empty
Felix v1.0 Test Notes (page_35389450.html)
Felix Automation Test Coverage (page_47382533.html)
Build Felix LP (page_52625416.html)
Felix 1.1 Test Notes - MikroTik MIPS-BE (page_49610756.html)
Cytolysis (page_29851650.html) [Xetron]
Cytolysis CONOP Notes (page_33685521.html) [Xetron]
Cytolysis-1h HG v3.1.6 Delivery (page_43941900.html)
Cytolysis-1h Testing (page_29851652.html) [Xetron] Cytolysis-1h HG v3.1.6 Test Plan (page_43941902.html) [Xetron]
Felix v1.0 (page_31227906.html)
Test Range Infrastructure (page_14588163.html)
Network (page_15368210.html) empty
VTP Configuration (page_14588695.html)
Training (page_17760490.html) empty
HunGrrr Training (page_17760492.html)
Storage (page_15368213.html) empty
NetApp FAS2552 Layout (page_14588176.html)
NetApp Build Document (page_14588511.html)
Test Range NetApp Licenses (page_14588160.html)
Servers (page_15368208.html) empty
Active Directory / DHCP / DNS (page_15368204.html)
Authenticate vCenter with AD (page_14588624.html)
RANCID - Test Range (page_16384248.html)
vRealize Orchestrator (page_17072239.html)
Solarwinds (page_16384653.html)
AAA Server (page_16384717.html)
vRealize Operations Manager (page_17072237.html) IXIA (page_16384649.html)
Lab Notes (page_14588014.html)
Asterisk Service Run Level (page_15728704.html)
BIND (DNS) Server (page_14588524.html)
PowerShell Notes (page_14588201.html)
Configure SNMP for ESXi (page_14588532.html)
Ubuntu Server VM Template Creation Checklist (page_14588156.html)
RANCID - NDB Lab (page_14588019.html)
How-to articles (page_16384603.html)
TC Qdisk network delay (page_31227920.html)
Setup Fluxwire v3.3 (page_17072174.html)
SOHO Triage (page_16385241.html)
Add vCenter Tester Account With Limited Permissions (page_35061778.html)
Install ia32-libs on Debian 8.1 (page_20250820.html)
Technical Advisory Council (TAC) (space_15204361.html)
Technical Advisory Council (TAC) (page_14588798.html)
Discussion Corner (page_14588806.html)
What did Equation do wrong, and how can we avoid doing the same? (page_14588809.html)
Maslow's Hierarchy of Code Review (page_15368262.html) Meeting Minutes (page_14588804.html) empty
Charter (page_14588800.html) empty
Topics (page_14588802.html) empty
CCI Europe Engineering (space_20807681.html)
CCI Europe Engineering (page_20251151.html)
EDG Familiarization TDY (page_26607630.html)
Projects
JQJHENDRICK (space_9076737.html)
JQJHENDRICK (page_8847375.html)
JQJHENDRICK Home (page_8847374.html)
Improvise (space_9076739.html)
IMPROVISE (page_8847403.html)
2. User Guide (page_8847412.html) empty
1. Project Status (page_8847416.html) empty
3. Developer Guide (page_8847414.html) empty
IMPROVISE Home (page_8847402.html)
GreenPacket (space_9797633.html)
HTTP (page_9535532.html)
HTTP Tunnel (page_9535531.html) GreenPacket Home (page_9535525.html)
AfterMidnight (space_11763716.html)
AfterMidnight (page_11628743.html)
My First Gremlin (page_11628940.html)
Deployment Interface (page_11629072.html)
Gremlin Interface (page_11628747.html)
Tools Overview (page_11628752.html)
Test Overview (page_11628754.html)
Developer Instructions (page_11628756.html)
Master Interface (page_11628750.html)
AfterMidnight Home (page_11628742.html)
Packrat (space_11763717.html)
Packrat Documentation Home (page_11628774.html)
About Packrat (page_11628788.html)
Developer Quickstart (page_11628824.html)
Ansible Playbooks (page_11628853.html) empty
Baseline Hardened OS (page_11628840.html)
Packer Configurations (page_11628814.html)
RoidRage (space_11763718.html) RoidRage (page_15729003.html)
Uninstalling (page_20250829.html)
Getting started (page_11628944.html)
Making a template (page_11628945.html)
RoidRage (page_11628943.html)
RoidRage Home (page_11628942.html)
Cocoon (space_14385154.html)
Cocoon (page_13763707.html)
New Metaconnection Protocol Commands (page_14587663.html)
The.Net (page_13763911.html)
The.Net Node Statuses (page_14588754.html)
tinc (page_13763714.html)
tinc Security (page_13763743.html)
tinc Networking (page_13763739.html)
tinc Connectivity (page_13763737.html)
tinc by example (page_13763718.html)
tinc Protocol List (page_13763769.html)
tinc Protocol (page_13763741.html)
Building tinc on Linux (page_13763749.html) Pupa Configurations (page_13763937.html)
Cacoon Home (page_13763706.html)
Philosoraptor (space_15204353.html)
Philosoraptor Home (page_14587339.html)
Retrospectives (page_14587517.html)
Sprint 1 Retrospective (page_14587518.html)
Documentation (page_14587543.html)
Developer Guide (page_14587561.html)
Tool Pedigree (page_14587566.html)
User Guide (page_14587551.html)
Current Build Status (page_14587365.html)
Meeting notes (page_14587355.html)
2014-12-01 Meeting notes (page_14587356.html)
Sprint 2 Retrospective (page_14587673.html)
Marble Framework (space_15204359.html)
Marble Framework Home (page_14588467.html) SECRET
Setting Up Marble Manually (page_16384859.html) SECRET
Marble Descriptions (page_16384862.html) SECRET
Component Diagram and Description (page_16384855.html) SECRET Setting Up Marble With The EDG Project Wizard (page_16384857.html) SECRET
Kraken (space_31653889.html)
kraken Home (page_31522822.html)
Testing (page_41648146.html)
Research (page_42205204.html)
Unit test Project Setup (page_42762251.html)
Project Overview (page_31522827.html)
Not Used Retrospectives (page_33521668.html)
Database (page_39714844.html)
LP Configuration (page_54493189.html)
2015-11-23 Retrospective (page_35880964.html)
2016-02-01 Retrospective (page_48594954.html)
Infrastructure (page_31883288.html)
Development VMs (page_31883291.html)
2016-01-11 Retrospective (page_43941898.html)
2015-12-07 Retrospective (page_37945360.html)
Retrospectives (page_33685541.html)
2015-12-29 Retrospective (page_41943047.html)
2016-02-16 Retrospective (page_51183626.html) 2015-11-09 Retrospective (page_33685542.html)
Tremor (space_39059457.html)
TREMOR_Docs (page_38862858.html)
Tremor Weekly Report (page_38862862.html)
2015-12-11 Meeting notes (page_38862876.html)
Getting started (page_38862859.html)
Making a template (page_38862860.html)
Meeting notes (page_38862875.html)
File lists (page_38862871.html)
TREMOR Archive (page_38862872.html)
Operating Systems / Platforms
iOS (space_2359301.html)
HACKME (page_13762833.html)
iOS (page_2064548.html)
Analyzing a New Shared Cache With PensiveTrace 1.5.1 (page_23134293.html)
NGINX proxy/redirector (page_14587296.html)
ARM64 Addressing Modes (page_53215243.html)
NightSkies/Mcnugget iOS version support matrix (page_10453042.html)
Device Out of Space? (page_34832403.html) iOS Builds (page_16384313.html)
Hamr Testing With WildTurkey (page_29032469.html)
Reflash Device Procedure (page_7995682.html) TOP SECRET
Reflash Log (page_7995684.html) CONFIDENTIAL
Reflash iOS Device (page_7995702.html) iOS Exploits (page_13205587.html) [NSA] [FBI] [GCHQ] [MI5]
Ghidra (page_9536070.html)
DTO Logging (page_7995708.html)
Captive Portal (page_22052981.html)
SOT RAM Size Per Model (page_39550984.html)
Pairing Records (page_13762948.html)
SMG (page_26345496.html)
Rebooter Testing Herd (page_44269605.html)
How-to articles (page_17760517.html)
iOS Debugging (page_20251048.html)
Create New Repository (Project) (page_20250971.html)
Workshops (page_14588064.html)
TRICLOPS FALL 2014 (page_14588066.html)
Workshop Stuff (page_14588270.html) (TS//SI//REL US, UK, CAN) TRICLOPS Summer 2015 - Ottawa (page_24969246.html)
Design Notes (page_7995409.html)
Bootstrapper (FURTIVESYRINGE) Design (page_49119259.html)
Devices On Loan (page_13763863.html) iPad Air 2 and iPhone 4 Devices (page_33685523.html)
File Lists (page_2064552.html)
Releases (page_2064553.html)
Binary Verifier (page_9536072.html)
IOS cc_fips_test cleanup (page_27263020.html) iOS relay and web inspector (page_11628733.html)
MDF Issues (page_35618818.html) iOS Developer Setup Guide - New Developers Click Here (page_7995412.html)
iOS Development Process (page_20251003.html)
Building Nightskies (crunchylimeskies) (page_9535718.html)
Tips & Tricks (page_11629111.html)
Random bits of knowledge (page_13762936.html)
Generating and Installing Provisioning Profiles for Xcode (page_13762573.html)
DRBOOM (page_16384967.html)
End to End Nightskies 3.x Install with Poseidon (page_15729001.html) iOS Team Acronyms and Terms (page_20250978.html) SECRET
Development Resources (page_13762713.html)
PyPi (page_32145443.html)
Homebrew (page_13762905.html) iOS Servers (page_15368230.html)
Tools / Software Transfer Procedure (page_22642759.html) iOS Triage Process (page_17760518.html)
Notes from iOS 8.4.1 Triage (page_20251051.html)
iOS Firmware Updating to latest procedure / Adding Exploit Support For New Devices (page_13763133.html)
Software Licenses (page_25264134.html)
Sublime License (page_9535650.html)
Omnigraffle License Keys (page_25264141.html)
SoT v 1.1 Tests (page_44269576.html)
SOL v 1.1 Test Results (page_44269581.html)
MCNUGGET (page_12353696.html)
Mcnugget 3 QuickRef (page_13762586.html)
Mcnugget Test Checklist (page_13762594.html)
EVE_EARTH String Obfuscation (page_14587373.html)
pycrypto (page_13205603.html) Testing Different Network Connectivity States Using Network Link Conditioner (page_14587209.html)
Research (page_25264138.html) empty
iOS 9 Research (page_17760527.html)
IOKit (page_7995672.html)
Unactivated Device Exploit Research (page_46399517.html)
iOS 8 Research (page_11629112.html)
Reverse Engineering (page_24281099.html)
User Agent samples (page_14587257.html)
Interesting Files on Devices (page_22052966.html)
MacOS X (space_3506183.html)
Ghidra 6.0.10 on OSX/El Capitan (page_23593064.html)
Nope (page_3375387.html)
Mach-O Symbol and Entitlement Tools (page_22642757.html)
OS X Security Product Paths (page_7995729.html)
Enabling OS X Updates on Devlan (page_38633491.html)
Making Make Suck Less (page_16385140.html)
Mac OS Kernel Debugging (page_17760389.html)
Why POSIX Daemonization is Complicated (page_33128479.html)
OS X Kext Development Tips (page_17760468.html) OS X NetInstall Images (page_23134352.html)
Mac (space_9797636.html)
Mac Development (page_9535748.html)
How-To Articles (page_9535753.html)
Write to protected directories by using filenames in rootless_whitelist (page_46628894.html)
Troubleshooting articles (page_23593136.html)
SDK-Based Development (page_9535754.html)
VMWare Fusion Keys (page_13762756.html)
OSX 10.11 El Capitan Changes (page_23593137.html)
Mac Development Home (page_9535747.html)
Android (space_11763721.html)
Android (page_11629089.html)
General Android Info, Tips and Tricks (page_28049443.html) empty
adb shell commands (page_15729203.html)
Android USB reverse tethering (page_13762950.html)
selinux (page_17072543.html)
Installing APK (page_13763559.html)
Hamrtoe Test Harness (page_41648137.html)
MDB Coding Convesions (page_28049416.html) empty Python Coding Conventions (page_26345508.html)
C Coding Conventions (page_26607644.html)
Lab Configuration (page_20251175.html)
Simulating Packet Delay / Dropped Packets (page_22052974.html)
NGinx Redirector Configuration (page_22052952.html)
Getting started (page_11629090.html)
Making a template (page_11629091.html)
RoidRage (page_28049413.html)
RoidRage Bootstrap Methods (page_28049453.html)
RoidRage Debuggerd Startup (kitkat) (page_28049455.html)
Sysmon Startup Method (page_28049459.html)
RoidRage Debuggerd Startup (ICS/JB) (page_28049457.html)
Anger Management / RoidRage ICD (page_26345504.html)
Droid Bamboo Agent (page_42991650.html)
Mobile Tiger MDB (page_52002821.html)
Remote Debugging Chrome On Android (page_30900234.html)
AngerManagement (page_18382897.html)
AngerManagement_Legacy (page_15728936.html)
AMSupported (page_22642803.html) Compiling Busybox for android (page_50036745.html)
Operations Support (page_15728800.html)
JQJGUNSHY: Samsung Galaxy Tab 2 GT-P3100 (page_15729036.html)
HeliosYolo (page_16384123.html)
JQJGUNSHY: how to build tools (page_15728892.html)
Current Ops Requests (page_34832386.html)
Android Exploits and Techniques (page_11629096.html) [NSA] [FBI] [GCHQ] [MI5]
Cobalt (redacted.html)
Remote Code Execution (RCE) Exploits - Helios (redacted.html)
Flameskimmer (FS2) Porting (redacted.html)
BaronSamedi (redacted.html)
Chronos (redacted.html)
Spottsroide Development Setup (page_30474252.html)
New Developers Guide for MDB (page_20873357.html)
How-to articles (page_16384122.html)
Configuring the Font for the sidebar in Sublime (page_49610754.html)
Android Developer Setup (page_13762898.html)
MDB DNS Entries (page_35880967.html)
Using Poseidon and the NSX LP (used for NightSkies and RoidRage) (page_23134238.html) Android Home (page_11629088.html)
Linux (space_16941058.html)
Linux Home (page_16384678.html)
How-to articles (page_18382872.html)
SSH PortForwarding (page_16384684.html)
Key-Based SSH Login (page_16384682.html)
Install WANem to hard drive (page_18382873.html)
CactiEZ Syslog Fix (page_17072145.html)
Install Ubuntu on Mac Hardware (page_36896790.html)
Wireshark on Ubuntu (page_16384719.html)
Create Squid Proxy Server (page_16384708.html)
VMware (space_17301505.html)
VMware (page_17072151.html)
Modify Web Client Timeout (page_20873388.html)
Workaround for OVF Deployment Failed (page_17072156.html)
Enable Copy/Paste for VMs (page_24674311.html)
How-to articles (page_17072153.html)
vSphere Web Client Slow to Open VM Consoles (page_17072154.html)
Development / Tools Git Distributed Version Control (space_1736707.html)
Git Distributed Version Control Home (page_1179767.html)
How-to articles (page_15728749.html)
Remove Binary Files from a Git Repository (page_41123851.html)
Use Git Submodules to Manage Libraries (page_17072477.html)
Creating an empty commit in a new project (page_18382994.html)
Merge Git Repositories? (page_15729348.html)
Convert a Mercurial Repository to Git on Windows (page_15728750.html)
Change Author Details of All Commits in a Git Repository (page_15729260.html)
Git Workflows (page_3375428.html)
Git Tutorials (page_1179771.html)
Git For Visual Studio Users (page_4849779.html)
Git Tools (page_1179775.html)
Repo (page_2621623.html)
Git Reference (page_1179933.html)
Git Tips & Tricks (page_1179773.html)
Playground (space_2359297.html)
Funny Code 2013a (page_3375301.html)
User #71474's Wiki Page (page_3375297.html) Diagram (page_2621549.html)
Git Tutorials (page_2064484.html)
Playground Home (page_2064412.html)
Testing how to make a decision (page_17072513.html)
Decision log (page_17072512.html)
2015-11-09 Retrospective (page_33685507.html)
Retrospectives (page_33685506.html)
Collaboration and Partnership (space_3276808.html)
Collaboration and Partnership Efforts (page_7995549.html)
NERDS (Networking, Engineering, Research, and Development Symposium) (page_2621788.html)
Past Presentations (page_9535799.html)
AED Development Tradecraft (space_3506177.html)
Port windows-based Medusa builder to Linux/python (page_9536004.html)
Product Requirements (page_9536003.html)
AED Development Tradecraft Home (page_3375113.html)
Development Tradecraft DOs and DON'Ts (page_14587109.html) SECRET
AED Development Workflow (page_16384316.html)
Code Review (page_16384331.html)
Delivery & Deployment (page_16384324.html) Integration & Acceptance Testing (page_16384326.html)
Project Planning (page_16384329.html)
Documentation (page_16384322.html)
Developer Testing (page_16384333.html)
Source Control (page_16384318.html)
Persistent storage option (page_31227915.html)
Specific Tradecraft Techniques (page_16384750.html)
Detecting and Bypassing Personal Security Products (PSPs) (page_7995642.html)
AVG Fake Installer Trick (page_7995646.html)
AVG Catches a Payload Dropped to Disk and Launched via Link File Well After Execution (page_14588112.html)
SECRET
Bitdefender Resource Defeat (page_7995651.html)
PSPs vs. DLL Injection (page_20873229.html) SECRET
Rising Thinks You're Signed (page_14587436.html)
F-Secure Entropy Defeat (page_7995657.html)
Comodo 6.X Gaping Hole of DOOM (page_7995653.html)
Avira Entropy Defeat (page_7995649.html)
Comodo Recycle Bin Defeat (page_7995655.html)
Anti-Sandboxing: Wait for Mouse Click (page_20873368.html)
Process Enumeration (page_52920353.html) WMI Process Watcher (page_52920355.html)
DNS Resolvers (space_3506179.html)
DNS Resolvers Home (page_3375132.html)
EDG Tools of the Trade (space_3506180.html)
EDG Tools of the Trade Home (page_3375335.html)
SourceTree (page_52625432.html)
Sublime Text (page_9535740.html)
anaconda_sublime (page_35061764.html)
DashDoc (page_48889871.html)
Make (page_13762724.html)
VMWare Fusion Professional (page_52002832.html)
010 Editor (page_13205531.html)
Compound File Binary File Format Template (Microsoft Office Word) (page_13205535.html)
SweetScape Binary Template Archive (page_13205537.html)
Link File Template (page_13205533.html)
VMware Workstation (page_39714826.html)
KMS Keys (page_46628880.html)
Docker (page_20873463.html)
Cuckoo Sandbox (page_14587086.html) Google Mock (page_4849799.html)
Vim (page_3375350.html)
Vimrc Tips (page_4849889.html)
Vim Editing Tips (page_7995535.html)
Winhex (page_52920332.html)
Ghidra (page_51183656.html)
Dia (page_16384228.html)
Visual Assist (page_47579143.html)
Google Test Library (page_4849793.html)
Incandescent Mind (page_50495524.html)
EDG Tricks of the Trade (space_3506181.html)
EDG Tricks of the Trade Home (page_3375338.html)
Creating a Winshell Test Environment (page_11628871.html)
How-To Articles (page_9535535.html)
Updating the Windows Symbol share via the Internet (page_22642765.html)
Debugging a VMWare Guest (page_14588580.html)
Grab Windows Symbols From The Share (page_14588347.html)
How-To: Configure a non-domain-joined Windows workstation to use DevLAN's WSUS (Windows Server Update Services) host (page_13762930.html)
Shell Scripting Tricks (page_17760512.html) Strings-GUI: A quick and easy way for Windows developers to examine strings, in binaries for delivery (without even launching CMD!) (page_9535536.html)
How-To: Install old versions of the .NET Framework on Windows 8.1 (page_13762919.html)
DEVLAN Resources (space_5144577.html)
Internet Relay Chat (page_4849704.html)
DEVLAN Resources (page_4849677.html)
Partial OpenBSD Mirror (page_17072429.html)
Chrome Plugins (page_13763093.html)
DEVLAN Domain Controller Certificate Authority (page_4849725.html)
Internet Relay Chat (IRC) (page_4849711.html)
Solaris Automated Install Server (page_11628723.html)
Linux Package Repository Mirrors setup (page_14587255.html)
Old Wiki (page_8847429.html)
DART (space_8224769.html)
Watch For PSP Popups (page_13763143.html)
Dart Home (page_7995431.html)
How-to articles (page_11628766.html)
Throw GoogleTest Executables Against Dart via Bamboo (Alternatively, How to Stop Testing on User #1179751’s Build Agents) (page_45383697.html)
Remote Commit to a New Tyrant Server (page_35618837.html) Run GoogleTest Executables in DART (The Easy Way) (page_45383684.html)
Manually Add a Computer to Tyrant (page_37617673.html)
How to click controls (page_14587620.html)
Get database information about VM's (or fun with db_admin) (page_14587705.html)
Check for PSP Detection (page_14587919.html)
How to click controls and send text, alternate method (page_14587626.html)
Making life less painful with PyCharm (page_11628767.html)
DART Resource Naming Standards (page_49872909.html)
Common Issues (page_7995512.html)
Client functions of DART listing (page_13763518.html)
Getting Started with DART (page_7995433.html)
How to DART your executable (page_12353689.html)
What is What in DART (page_41648131.html)
My First DART Test (page_7995476.html)
Running undermine tests in PyCharm (page_20250984.html)
Setting up new DART tester VM (Fedora 20) (page_17072509.html)
LoggedLeaf (page_14588691.html)
DART may be sporadically up and down this afternoon after 2p (page_14588818.html)
NSA Tools (space_9797635.html) NSA Tools Home (page_9535708.html)
Knowledge Base (space_11763715.html)
Bypassing Windows User Account Control (UAC) and ways of mitigation (GreyHatHacker.net - reddit.com/r/netsec) (page_14587649.html)
Modify ACL Code Snippet (System Volume Information - OSB Module) (page_13763063.html)
Removable Media Link File Execution (EVRemovableMediaLink_EZC - EZCheese) (page_13762639.html) SECRET
Test Files (page_11628642.html)
File lists (page_11628641.html)
Code Sample (page_11628608.html)
test troubleshooting article (page_11628606.html)
Testing A How-To Article (page_11628602.html)
Tech Topics and Techniques Knowledge Base (page_11628597.html)
EDG Code Libraries (page_13205556.html)
Concepts and Conventions (page_13763000.html)
Concepts: EDG Project Wizard (page_13763006.html)
Concepts: Git/Stash/Submodules (page_13763013.html)
Concepts: High Level (page_13763004.html)
Survey Library (page_13763158.html) SECRET
Re-signature Guidelines and Signature Documentation (page_14587493.html) SECRET
System Monitoring and Manipulation Library (page_13762674.html) SECRET Data Transfer Library (page_13763152.html) SECRET
Buffers Library (page_13763156.html) SECRET
Core Library (CoreLib) (page_13763406.html) SECRET
Data Packager Library (page_14587763.html) SECRET
GoogleTest (page_13205558.html)
Privilege Escalation Library (page_13763154.html) SECRET
Execution Vectors Library (page_13762590.html) SECRET
Payload Deployment Library (page_13762647.html) SECRET
Miscellaneous Library (page_13763162.html) SECRET
Persistence Library (page_13763160.html) SECRET
File Collection Library (page_13762944.html) SECRET
Troubleshooting articles (page_11628605.html)
How-to articles (page_11628601.html)
Use Visual Studio as GIT diff/merge tool (page_11628895.html)
Python (page_15728814.html)
Python List Comprehensions (page_15728817.html)
Build Python 2.7 for Shellterm (page_16384850.html)
Build Python 3.4 on Debian/Ubuntu (page_16384528.html)
Build Python 3.4 on RHEL/CentOS/Fedora (page_17760625.html) Browsers (page_22052992.html)
Firefox (page_22052996.html)
Firefox Credential Storage (page_22053003.html)
Chrome (page_22052999.html)
Chrome Credential Storage (page_22053006.html)
Microsoft Edge (page_22642733.html)
Microsoft Edge Credential Storage (page_22642735.html)
InternetExplorer (page_22052994.html)
Internet Explorer Credential Storage (page_22053001.html)
File lists (page_15729245.html)
Standards and Specifications (page_15729244.html)
CCDF Data Standard (page_15729255.html)
OXF Data Standard (page_15729253.html)
NOD Cryptographic Requirements (page_15729247.html)
Galleon Specification (page_35618828.html)
NOD Persistence Specification (page_15729252.html)
NOD In-memory Code Execution Specifications (page_15729246.html)
NOD Kernel Execution Specification (page_15729251.html)
CODEX Data Standard (page_35618833.html) AED Liaison Libraries (page_13763531.html)
Multiple Platforms (page_11628637.html)
Shellcode (page_11628639.html)
Shellcode Database (page_11628644.html)
Windows (page_11628612.html)
Windows Concepts (page_38371344.html) SECRET
Opportunistic Locks (page_38371356.html) SECRET
Interesting Microsoft Files (page_13763375.html)
Windows Theme Files (.theme) (page_13763384.html)
MUM Files (.mum) (page_14587260.html) empty
Local files (.local) (page_13763454.html) empty
PIF Files (.pif) (page_13763470.html) empty
Autorun.inf (page_13763379.html) empty
Control Panel Files (.cpl) (page_13763468.html)
Desktop.ini (page_13763377.html) empty
Windows Library Files (.library-ms) (page_13763381.html)
Manifest files (.manifest) (page_13763456.html) empty
NTFS Alternate Data Streams (ADS) (page_13763461.html)
Windows symbol server (page_16384568.html) Component Object Model (page_13763371.html)
CLSIDs and Junction Folders (Persistence and then some) (page_13763373.html) SECRET
Windows Code Snippets (page_11628873.html)
Machine Information (Windows) (page_13763631.html)
WMI in C++ via WbemScripting (page_13763881.html)
File Information (page_14587124.html)
Get File Major/Minor Version Numbers (MISCFileVersion_WIN32) (page_14587126.html) SECRET
User Information (page_13763646.html)
Verify User is in the Administrator Group via Net User API (MISCIsUserInAdminGroup_NET) (page_14587303.html) SECRET
Get Current User And Domain (MISCUserAndDomain_TOK) (page_13763648.html) SECRET
Registry Information (page_13763638.html)
Create, Delete, and Write Registry Values (MISCCreateRegistryEntries_WIN32) (page_13763644.html)
SECRET
Windows Network Adapter Information (page_11628921.html)
Windows MAC Address Whitelisting Snippet (page_11628923.html)
Update Information (Windows Updates) (page_14587265.html)
List Installed Windows Updates via WMI (MISCEnumerateUpdatesWMI_QFE) (page_14587276.html)
SECRET
List Installed Windows Updates (MISCEnumerateUpdatesCOM_OFF) (page_14587270.html) SECRET List Installed Window Updates on WSUS Connected Machines (MISCEnumerateUpdatesCOM_WSUS) (page_14587272.html) SECRET
UAC (User Account Control) (page_14587262.html)
Get User Account Control (UAC) Level (MISCUserAccountControlLevel_WIN32) (page_14587267.html)
SECRET
Drive Information (page_13763633.html)
Volume to Drive Partition (MISCGetActiveDrivePartition_IOCTL) (page_13763635.html) SECRET
File Typing (page_13763174.html)
Text File Typing - Determing Encoding (MISCTextFileTyper_ENC) (page_13763176.html) SECRET
Execution Vector Modules (KB) (page_13762636.html)
Link File Execution Utilizing .library-ms (EVLink_RVRJ - RiverJack) (redacted.html) SECRET
Link File Execution Utilizing Desktop.ini (EVLink_BOOM - Boomslang) (redacted.html) SECRET
Removable Media Link File Execution (EVRemovableMediaLink_EZC - EZCheese) (redacted.html) SECRET
Removable Media Link File Exploitation with Autorun.inf (EVRemovableMediaLink_LACH - Lachesis) (redacted.html) SECRET
Persistence Modules (KB) (page_13763650.html)
WMI Event Persistence (PSEDWMIEvent_SU - SystemUptime) (page_14587204.html) SECRET
Service Persistence (PSEDService_CF - Constant Flow) (page_14587909.html) SECRET
Group Policy Startup Script (PSEDStartupScript_LDGR - Ledger) (page_14587573.html) SECRET
Run and RunOnce Registry Key Persistence (PSEDRunKey_QW - Quick Work) (page_13763758.html) SECRET COM + Junction Folder User Persistence (PSDComJunction_HCLS - HighClass) (page_13763662.html) SECRET
Scheduled Task Persistence (PSEDSchedTask_TP - TrickPlay) (page_13763652.html) SECRET
Survey Modules (KB) (page_32374833.html)
Windows File/Folder Manipulation (page_13763168.html)
Capture and Reset File State (MISCFileStateCapture_WIN) (page_13763170.html) SECRET
Create Directory With Attributes and Create Parent Directories (MISCDirectoryCreator_NTV) (page_13763190.html) SECRET
Path Manipulation (page_13763192.html)
Relative Path Generation (MISCRelativePathGenerator_CUST) (page_13763194.html) SECRET
Windows String Manipulation Snippets (page_11628911.html)
Expanding Environment Variables Windows Snippet (page_11628913.html)
Convert to UTF-8 (String Encoding Class - MISCStringEncoder_WIN32) (page_13763166.html) SECRET
Windows Process Functions (page_11628901.html)
Windows Process List Snippets (page_11628916.html)
Windows Process Blacklist Snippet (page_11628918.html)
Windows Process Creation Snippets (page_11628903.html)
Create Process With WMI (page_11628905.html)
Use COM to Create a 32-bit Process on 64-bit Windows (MISC32Surrogate_COM) (page_13763855.html) SECRET
Payload Deployment Modules (KB) (page_13763975.html) Payload Deployment Modules: On Disk Executables (page_14587408.html)
Create Process And Choose A User To Run As Via The Task Scheduler (TaskSchedulerRun_SPKL - Speckled) (page_13763993.html) SECRET
Create Process As Current User +Admin (CreateProcessAsUser_LEP - Leopard) (page_13763985.html)
SECRET
Create Process Using Temp Directory (LoadFromDisk_GHR - Gharial) (page_14587468.html) SECRET
Create Process Using WMI (CreateProcessWMI_TIG - Tiger) (page_13763989.html) SECRET
Create Process (CreateProcess_SPF - Spadefoot) (page_13763982.html) SECRET
Create A Process Via COM Class Creation (COMLocalServerRun_SHTA - Shasta) (page_13763995.html) SECRET
Create Process And Pipe The Results (CreateProcessPipe_GHRN - Greenhorn) (page_13763987.html)
SECRET
Create Process Via ShellExecute (ShellExecute_CRS - Chorus) (page_13763991.html) SECRET
Payload Deployment Modules: In-Memory Dll Execution (page_14587413.html)
Load Library From Memory (LoadLibraryFromMemory_INTD - Intradermal) (page_14587422.html) SECRET
Load ICE Dll In-Memory (LoadICEFromMemory_INTD - Intradermal) (page_14587427.html) SECRET
Inject Dll From Memory Into A Remote Process (InjectLibraryFromMemory_NCPT - Inception) LIAISON Releasable (page_16385092.html) SECRET
Inject Fire and Forget Dll From Memory Into Remote Process (InjectFireAndForgetFromMemory_HYPD - Hypodermic) (page_14587437.html) SECRET Load Fire and Forget Dll In-Memory (LoadFireAndForgetFromMemory_INTD - Intradermal) (page_14587425.html) SECRET
Inject Dll From Memory Into A Remote Process (InjectLibraryFromMemory_HYPD - Hypodermic) (page_14587434.html) SECRET
Payload Deployment Modules: In-Memory Executables (page_14587417.html)
Payload Deployment Modules: On Disk Dll Loading (page_14587415.html)
Load Library From Disk Using Temp Directory (LoadLibraryFromDisk_CMN - Caiman) (page_14587464.html) SECRET
Windows Shortcut Files (Link Files) (page_13763180.html)
Giraffe Link Files (MISCLinkWriter_GRF) (page_13763182.html) SECRET
Data Transfer Modules (KB) (page_13763234.html)
Data Transfer Via Data File (DTFile_GLPH - GLYPH) (page_13763242.html) SECRET
Transferring Data Using NTFS Alternate Data Streams (DTNtfsAds_BK - Brutal Kangaroo) (page_13763236.html) SECRET
Transfer Data By Appending To An Existing File (DTFile_PICT - PICTOGRAM) (page_13763247.html) SECRET
Windows List Snippets (page_11628875.html)
Windows Linked List Snippet (page_11628883.html)
Windows Array List Snippet (page_11628878.html) SECRET
Windows Registry Snippets (page_11628927.html)
Searching (page_13763184.html) Memory Searching - Naive Sequence Search (MISCMemorySearch_NSS) (page_13763186.html) SECRET
Windows Access Control Snippets (page_13763061.html)
Lock and Unlock System Volume Information (MISCFolderAccessControl_SVI) (page_13763164.html) SECRET
Windows Function Hooking (page_16385270.html)
Hook Functions by Replacing References (MISCHookFunctions_RPRF_NTRN) (page_16385276.html) SECRET
Hook Functions via Export Address Table (MISCHookFunctions_EAT_NTRN) (page_17072425.html) SECRET
Hook Functions via Import Address Table (MISCHookFunctions_IAT_NTRN) (page_16385273.html) SECRET
Hook Functions via Microsoft Detours (MISCHookFunctions_DTRS) (page_17072423.html) SECRET
Privilege Escalation Modules (KB) (page_13763850.html)
Calvary UAC Bypass (PEUCalvary_x86x64) (redacted.html) SECRET
LinkedIn User Mode LPE (PEULinkedIn_x86x64) (redacted.html) SECRET
Artillery UAC Bypass (PEUArtillery_x86x64) (redacted.html) SECRET
SandWorm INF File Install (PEUSandWorm_x86x64) (redacted.html) SECRET
LinkedOut User Mode LPE (PEULinkedOut_x86x64) (redacted.html) SECRET
Vanguard LPE (redacted.html) SECRET
Junction Folders (page_13763465.html) empty
Windows Configuration and Logging Storage (page_46628873.html)
Interesting Log/Data Locations (page_46628875.html) SECRET
Exploitation Articles (page_14587644.html) UAC Bypass Articles (page_14587646.html)
Bypassing Windows User Account Control (UAC) and ways of mitigation (GreyHatHacker.net - reddit.com/r/netsec) (page_14587654.html)
Windows Debugging (page_13762774.html)
WinDbg (page_13762776.html)
WinDbg Cheat Sheet (page_13762778.html)
Windows Registriy Information (page_11628929.html)
CLSIDs (Class IDs) (page_13762780.html)
CLSIDs Windows 8 Enterprise x86 Office 2013 (page_13762811.html)
CLSIDs Windows 7 Professional x86 With Office 2010 (page_13762803.html)
CLSIDs Windows 7 Ultimate SP1 x64 Office 2010 (page_13762809.html)
CLSIDs Windows 8.1 Enterprise x64 with Office 2013 (page_13762818.html)
Interesting and Useful Registry Keys (page_11628931.html)
Personal Security Products (PSPs) (page_13762910.html)
ClamAV (page_14587879.html) SECRET
Articles On Bypassing PSPs (page_13762912.html)
Norton (page_14587895.html) SECRET
Kaspersky (page_14587885.html) SECRET
Avira (page_14587874.html) SECRET
Zone Alarm (page_14587905.html) SECRET Rising (page_14587899.html) SECRET
Articles on Exploiting PSPs (page_13762914.html)
PSP Process Names from DART (page_17760686.html)
F-Secure (page_14587956.html) SECRET
Zemana Antilogger (page_14587954.html) empty
EMET (Enhanced Mitigation Experience Toolkit) (page_14587891.html) SECRET
Malwarebytes Anti-Malware (page_14587893.html) SECRET
Bitdefender (page_14587876.html) SECRET
Panda Security (page_14587897.html) SECRET
Trend Micro (page_14587903.html) SECRET
ESET (page_14587881.html) SECRET
Avast (page_14587958.html)
AVG (page_14587872.html) SECRET
Symantec (page_14587901.html) SECRET
McAfee (page_14587887.html) SECRET
Comodo (page_17760702.html) SECRET
Microsoft Security Essentials (page_14587889.html) SECRET
GDATA (page_14587883.html) SECRET
User #71471's Knowledge Base Home (page_11628596.html) EDG Mobile (space_14385153.html)
EDG Mobile (page_13763240.html)
Mobile Ops Status/Priority (page_13763254.html)
Android Exploit/Tool Coverage (page_21561399.html)
Shared links (page_13763244.html)
Android (page_13763246.html)
Aquarius Stash Project (page_13763248.html)
MDB (page_13763245.html)
MDB static leases (page_22642852.html)
IOS Projects (MDB) (page_13763250.html)
Poseidon Web Application (page_13763251.html)
Android Projects (MDB) (page_13763249.html)
MDB AngerManagement Op Delivery (page_20250955.html)
EDG Mobile Home (page_13763239.html)
Joint Development Workshop (space_23822337.html)
JDW (page_23592979.html)
JDW 18 (2015) (page_23592983.html)
JDW 18 Lessons Learned (page_23592985.html)
JDW 18 Results (page_23592981.html) JDW 19 (2016) (page_23592987.html)
JDW 19 Planning Notes (page_23592991.html) empty
Users
User #524297 (space_753666.html)
Home (page_524296.html)
Engineering Log (page_524334.html)
Single Bus Theory (page_524341.html)
Idea Box (page_2621463.html)
User #71384 (space_753669.html)
User #71384's Home (page_524367.html)
SSL / TLS Certificates (page_35061770.html)
Eclipse User Notes (page_4849776.html)
Remote Debugging with Eclipse (page_17760482.html)
Linux ARP Options (page_13763784.html)
Git Notes (page_32145424.html)
MIPS Cross-compile of ngrep (open source) (page_13762578.html)
Building Cross Compilers with Crosstool-NG (page_39714850.html)
User #1179751 (space_1736705.html)
User #1179751's Home (page_1179750.html) Test Page (page_14587772.html)
New Confluence Plugins (page_53215240.html)
User #71489 (space_2359303.html)
testing (page_20873471.html)
User #71489's Home (page_2064618.html)
User #71473 (space_3276809.html)
Retrospectives (page_51183630.html)
Wait, didn't I just securely delete that file? (page_14588102.html) SECRET
User #71473's Home (page_2621798.html)
File lists (page_13205548.html)
TODO: Something (page_14588098.html) SECRET
User #71472's awesome tool names page (page_14588652.html)
HammerDrill (page_17072170.html) SECRET
User #71473 Home (page_2064506.html)
Test Files (page_13205549.html)
AV Defeats (page_2064514.html)
Comodo Recycle Bin Defeat (page_5341269.html)
F-Secure Entropy Defeat (page_2621470.html)
Bitdefender Resource Defeat (page_7995639.html) Avira Entropy Defeat (page_2621467.html)
AVG Fake Installer Trick (page_5341263.html)
Comodo 6.X Gaping Hole of DOOM (page_5341272.html)
List of ideas for fun and interesting ways to kill/crash a process (WreckingCrew) (page_14588670.html)
User #71488 (space_3506178.html)
User #71488's Home (page_3375129.html)
SOLDER (page_42205198.html)
User #71466 (space_3506182.html)
User #71463's Wiki Page (page_3375373.html)
Funny Code 2010 (page_3375552.html)
Funny Code 2014 (page_11628804.html)
Funny Code 2013 (page_3375384.html)
Funny Code 2011 (page_5341186.html)
Funny Code 2015 (page_14588685.html)
Funny Code 2009 (page_4849827.html)
Funny Code 2012 (page_7995622.html)
User #? (space_3506184.html)
User #?'s Home (page_3375502.html)
User #71487 (space_5144578.html) User #71487’s Home (page_4849737.html)
User #? (space_5767170.html)
User #?’s Home (page_5341225.html)
Strategic Projects (page_5341230.html)
User #? (space_8224772.html)
User #?’s Home (page_7995630.html)
Reading list (page_7995633.html)
regsvr32 (page_18382968.html)
User #71484 (space_9797634.html)
User #71484’s Home (page_9535643.html)
User #71464's Tool Name Ideas (page_16384578.html)
User #71480 (space_11763719.html)
User #71480’s Home (page_11628961.html)
Practices of an Agile Developer (page_16384427.html)
User #71475 (space_11763722.html)
User #71475’s Home (page_11629155.html)
Faces of the Internet (page_17072568.html)
Sideways Faces (page_17760282.html)
Multiline Faces (page_17760286.html) Weird right to left faces (page_17760288.html)
One Line Faces (page_17760272.html)
Japanese style Faces (page_17760284.html)
Scratch pad (page_16385172.html)
Using pyenv on devlan (page_17760294.html)
Devlan simple pip index (page_11629160.html)
How-to articles (page_17760293.html)
User #71476 (space_14385155.html)
User #71476.’s Home (page_13763860.html)
Images (page_39321619.html)
File lists (page_39321618.html)
User #71483 (space_15204356.html)
Misc (page_17760456.html)
User #71483’s Personal Space (page_14588053.html)
Product requirements (page_14588109.html)
DriftingShadows 1.10 Requirements (page_14588130.html) SECRET
StrawHat 1.0 Requirements (page_14588125.html) SECRET
DriftingShadows 1.9 Requirements (page_14588367.html) SECRET
TheIronBank 1.0 Requirements (page_14588110.html) SECRET File lists (page_14588056.html)
DriftingShadows 1.10 (page_14588675.html)
Test (page_34308128.html)
DriftingShadows 1.9 (page_14588057.html)
JQJSNICKER (page_41123853.html)
Update (page_15729285.html)
User #71478.. User #71468 (space_15204357.html)
User #71478.. User #71468’s Home (page_14588322.html)
User #71482 (space_15204360.html)
User #71482’s Home (page_14588743.html)
User #71467 (space_15204362.html)
User #71467’s Home (page_14588838.html)
User #71467's Task List (page_14588821.html)
User #71465 (space_15859713.html)
User #71470’s Home (page_15728647.html)
User #71495 (space_16941059.html)
User #71495’s Home (page_16385189.html)
User #1179751 F. (space_17301506.html)
User #71481’s Home (page_17072266.html) User #20251227 (space_20807682.html)
Notes on Browser-Based Credential Stealing (page_20873428.html)
User #20251227’s Home (page_20251226.html)
Page of Holding (page_20873221.html)
Welcome (page_20873270.html)
Scratch Pad (page_22642751.html)
User #71469 (space_21168129.html)
User #71469 Home (page_20873282.html)
User #71485 (space_21168130.html)
User #71485’s Home (page_20873325.html)
How-to articles (page_20873329.html)
Router Exploitation (page_20873327.html)
SOHO ROM Exploitation (page_20873330.html)
Installing VS2013 Update 5 on Windows 10 (page_44597270.html)
User #71486 (space_21168131.html)
User #71486.’s Home (page_20873594.html)
User #?'s Test (page_20873597.html)
User #71493 (space_22544385.html)
User #71493’s Home (page_22053031.html) User #71479 (space_27131905.html)
User #71479’s Home (page_26968068.html)
Ubuntu-Foo (page_26968071.html)
User #71491 (space_29556737.html)
User #71491’s Home (page_29491203.html)
User #71477 (space_40861697.html)
User #71477’s Home (page_40828930.html)
DTO Transfer Log (page_40828933.html)
XYLOPHAGE Research (page_46399511.html)
User #71494 (space_45056001.html)
User #71494’s Home (page_44957699.html)
Caterpillar ICE Command-Line Documentation (page_45678594.html)
User #71492 (space_52527105.html)
User #71492’s Home (page_52330504.html)
Top WL Research Community - Tor is an encrypted Tails is a live operating The Courage Foundation is Bitcoin uses peer-to-peer user contributed research anonymising network that system, that you can start an international technology to operate with based on documents makes it harder to intercept on almost any computer organisation that supports no central authority or published by WikiLeaks. internet communications, or from a DVD, USB stick, or those who risk life or liberty banks; managing see where communications SD card. It aims at to make significant transactions and the issuing (https://our.wikileaks.org) are coming from or going preserving your privacy and contributions to the of bitcoins is carried out to. anonymity. historical record. collectively by the network.
(https://www.torproject.org/) (https://tails.boum.org/) (https://www.couragefound.org/)(https://www.bitcoin.org/)
(https://www.facebook.com/wikileaks) (https://twitter.com/wikileaks)