Lets go through an exploit module I built for Metasploit Framework. In a nutshell, the exploit contains only a couple of key elements – a HTTP Client and Server and a generated malicious payload. I needed an easy way to abuse a Remote Command Execution vulnerability. A full exploit module that would generate the selected payload […]

How to intercept and proxy HTTP(S) requests from a mobile device without having to root the device.

First post of the RoT Team Blog.