BDFProxy
Patch Binaries via MITM: BackdoorFactory + mitmProxy. (by secretsquirrel)
the-backdoor-factory
Patch PE, ELF, Mach-O binaries with shellcode new version in development, available only to sponsors (by secretsquirrel)
Our great sponsors
| BDFProxy | the-backdoor-factory | |
|---|---|---|
| 2 | 1 | |
| 975 | 3,251 | |
| - | - | |
| 0.0 | 3.4 | |
| over 2 years ago | 6 months ago | |
| Python | Python | |
| - | BSD 3-clause "New" or "Revised" License |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
BDFProxy
Posts with mentions or reviews of BDFProxy.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-02-26.
-
quicklisp security (or total lack of it)
for same sort of thing but not lisp, see backdoor factory that will backdoor any .exe you download over connection that attacker is MITMing. attacker doesn't need to know what specific library you will download from quicklisp, they write a mitmproxy script like that so for any download from quicklisp.org, it opens the .tar.gz, adds some malicious lisp to it (probably that just executes shell command to download and execute their normal malware, password stealer or whatever as I don't think they going to write full malware in lisp), repack it as .tar.gz you were requesting and serve it to you. It's not the same issue as phishing where they email saying please open and run attachment.exe and you click through all the warnings that you are doing something dangerous and about to run untrusted code. You just use quicklisp as you normally do, if you install any package, when an attacker can MITM your connection they can run code on your computer. Yes that is sometimes also possible with browser exploit but browsers have multiple layers of sandbox and protections against it, and when someone finds a vulnerability that gets through it is treated as a serious vulnerability to fix. some of this thread seems people saying well nothing is perfectly secure a sufficiently pacient, skilled, well-funded attacker can always get through somehow, so it doesn't matter raising the bar off the floor by not using http unverified to download code we run on people's computer
-
mitmproxy is a command-line tool for intercepting HTTPS traffic. Here is how you set up it.
Have you seen this mitmproxy plugin: https://github.com/secretsquirrel/BDFProxy They use mitmproxy to capture and replace software auto-updates.
the-backdoor-factory
Posts with mentions or reviews of the-backdoor-factory.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2021-09-20.
-
Nano98: Windows 98 that boots and runs under 5MB
I don't think this argument holds much substance. FOSS developers are absolutely not lost without the source - they just share the fruit of their labor under FOSS licenses. In fact there's a good chunk of work being done black-box style: WINE, many of the drivers, game modding, hell here's a random FOSS binary patcher[0]. So FOSS developers don't seem to be lost without the source.
[0] https://github.com/secretsquirrel/the-backdoor-factory
What are some alternatives?
When comparing BDFProxy and the-backdoor-factory you can also consider the following projects:
dit - DIT is a DTLS MitM proxy implemented in Python 3. It can intercept, manipulate and suppress datagrams between two DTLS endpoints and supports psk-based and certificate-based authentication schemes (RSA + ECC).
vmlinux-to-elf - A tool to recover a fully analyzable .ELF from a raw kernel, through extracting the kernel symbol table (kallsyms)
ssh-mitm - SSH-MITM - ssh audits made simple
Cozette - A bitmap programming font optimized for coziness 💜
quicklisp-client - Quicklisp client.
LIEF - LIEF - Library to Instrument Executable Formats
quicklisp-https
Mypal - Web browser
mitm - 👨🏼💻 A customizable man-in-the-middle TCP intercepting proxy.
paschke - Paschke created images of Chicago, among other things. Hence the name.
ql-https - HTTPS support for Quicklisp via curl
shrinkwrap - A tool that embosses the needed dependencies on the top level executable
BDFProxy vs dit
the-backdoor-factory vs vmlinux-to-elf
BDFProxy vs ssh-mitm
the-backdoor-factory vs Cozette
BDFProxy vs quicklisp-client
the-backdoor-factory vs LIEF
BDFProxy vs quicklisp-https
the-backdoor-factory vs Mypal
BDFProxy vs mitm
the-backdoor-factory vs paschke
BDFProxy vs ql-https
the-backdoor-factory vs shrinkwrap