seonar22

## Empire and Metasploit 101 - BookClub
Empire and Metasploit 101


Goal: Use Empire and metasploit in example situation of network exploitation and post-exploitation host enumeration. We will exploit a network service on a Windows 7 VM, and then use our low-privilege shell to then execute an empire powershell stager, which will create an Empire agent on the local Windows 7 VM. After this, we will look through the various options available as an Empire agent.
Following this, we will generate a DLL stager within Empire, and then use our existing meterpreter session on the Windows 7 VM to perform a DLL injection attack, to inject another Empire agent, directly into memory.

Pre-Stuff: Empire is not just for windows. It has python based agents that can run on OS X and Linux. It's communication profile between agents and listeners is configurable, similar to CobaltStrikes. You can use pre-built or custom-made ones to employ such functionality. Empire is designed to stay off disk and in memory as much as possible. Empire does contain modules that will

## XCTestAndNil.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                seonar22
                / XCTestAndNil.md
            
            
              Created
              December 2, 2023 13:48
                — forked from KingOfBrian/XCTestAndNil.md
            
              
                XCTest and nil assertions
              
          
    XCTest and Optional Unwrapping

XCTest is the default test harness on iOS an Apple’s other platforms. It provides support for organizing test cases and asserting expectations in your application code, and reporting the status of those expectations. It's not as fancy as some of the BDD frameworks like Quick and Cedar, but it has gotten much better than it used to be, and is my preferred test framework these days.
The Problem

One place where the XCTest assertion utilities fall a bit short has been with managing Optional variables in swift. The default use of XCTAssertNotNil don't provide any mechanism for unwrapping, easily leading to assertion checks like this:
class TestCaseDefault: XCTestCase {

  
## TNT’s certificate.md

      
              1 file
            
          
              0 forks
            
          
              1 comment
            
          
              0 stars
            
          
                seonar22
                / TNT’s certificate.md
            
            
              Created
              March 1, 2024 04:15
                — forked from rampfox/TNT’s certificate.md
            
              
                If Crashes when opening Mac Cracked Apps
              
          
    Apple removed TNT’s certificate, so the app will crash after July 12th. The current solution is to sign it yourself.
Run in Terminal
codesign --force --deep --sign - /Applications/name.app
if Permission denied don't forget to add sudo
example:

  
## GraphQL URLSession Example
import Foundation

struct Post: Decodable {
    let id: String
    let title: String
    let body: String
}

struct GraphQLResult<T: Decodable>: Decodable {
    let object: T?

## LearningGraphQLAPI.swift
func addMeasurement(id: String, measurement: ClientMeasurementRequest) -> Future<GraphQLResult<AddMeasurementMutation.Data>, Error> {
        let promise = Promise<GraphQLResult<AddMeasurementMutation.Data>, Error>()
        Network.shared.apollo.perform(mutation: AddMeasurementMutation(client_id: id, measurementsRequest: measurement)) { response in
            switch response.result {
                case .success(let graphqlResult):
                    promise.success(graphqlResult)
                case .failure(let error):
                    promise.failure(error)
            }
        }

## Apollo+Rx.swift
import Foundation
import RxSwift
import RxRelay
import Apollo

// MARK: - Apollo Support

enum ApolloError: Error {
  case genericError(String)
  case graphqlErrors([GraphQLError])
	Empire and Metasploit 101




	Goal: Use Empire and metasploit in example situation of network exploitation and post-exploitation host enumeration. We will exploit a network service on a Windows 7 VM, and then use our low-privilege shell to then execute an empire powershell stager, which will create an Empire agent on the local Windows 7 VM. After this, we will look through the various options available as an Empire agent.
	Following this, we will generate a DLL stager within Empire, and then use our existing meterpreter session on the Windows 7 VM to perform a DLL injection attack, to inject another Empire agent, directly into memory.

	Pre-Stuff: Empire is not just for windows. It has python based agents that can run on OS X and Linux. It's communication profile between agents and listeners is configurable, similar to CobaltStrikes. You can use pre-built or custom-made ones to employ such functionality. Empire is designed to stay off disk and in memory as much as possible. Empire does contain modules that will
	import Foundation

	struct Post: Decodable {
	let id: String
	let title: String
	let body: String
	}

	struct GraphQLResult<T: Decodable>: Decodable {
	let object: T?
	func addMeasurement(id: String, measurement: ClientMeasurementRequest) -> Future<GraphQLResult<AddMeasurementMutation.Data>, Error> {
	let promise = Promise<GraphQLResult<AddMeasurementMutation.Data>, Error>()
	Network.shared.apollo.perform(mutation: AddMeasurementMutation(client_id: id, measurementsRequest: measurement)) { response in
	switch response.result {
	case .success(let graphqlResult):
	promise.success(graphqlResult)
	case .failure(let error):
	promise.failure(error)
	}
	}
	import Foundation
	import RxSwift
	import RxRelay
	import Apollo

	// MARK: - Apollo Support

	enum ApolloError: Error {
	case genericError(String)
	case graphqlErrors([GraphQLError])