DARKHOUSE ENTERPRISES
Proof of Concept

STICK OF VIOLENCE

Your governance framework, meet reality.

155MB - Total image size

$3 - USB stick cost

<60s - Boot to attack

A bootable USB toolkit demonstrating that policy documents are not security. Everything on this stick is freely available. We just packaged it.

The Arsenal

Everything fits on a 4GB USB stick. Your compliance audit cost more.

NETWORK

violence-scan

Automated network reconnaissance. Auto-detects network, scans hosts, enumerates services.

WIRELESS

violence-wifi

WPA/WPA2 cracking, deauth attacks, evil twin, WPS exploitation, probe capture.

BLUETOOTH

violence-bluetooth

BLE scanning, service enumeration, DoS attacks, MAC spoofing.

MITM

violence-mitm

ARP spoofing, DNS poisoning, SSL stripping, traffic interception.

CREDENTIALS

violence-creds

Sniff traffic, extract browser passwords, harvest WiFi keys, find SSH keys.

EXPLOITS

violence-exploit

SearchSploit integration, CVE lookup, EternalBlue, Shellshock, Log4j checks.

SHELLS

violence-shells

Reverse shells in every language. Bash, Python, Perl, PHP, PowerShell, Java, Node.

POST-EXPLOIT

violence-persist

LinPEAS integration, privilege escalation, persistence mechanisms, lateral movement.

SOCIAL

violence-social

Phishing pages, QR code attacks, OSINT, USB payload generation.

+ nmap, metasploit, aircrack-ng, hydra, john, hashcat, sqlmap, bettercap, wireshark...

+ Claude Code for AI-assisted penetration testing

The Attack Surface

Right-click menu. Point and shoot.

Reconnaissance

  • Auto-scan network
  • Service detection
  • Vulnerability scanning
  • OSINT (WHOIS, DNS, subdomains)
  • Email harvesting

Wireless

  • WiFi network scanning
  • WPA handshake capture
  • Deauthentication attacks
  • Evil twin AP
  • Bluetooth enumeration

Attacks

  • ARP spoofing / MITM
  • Credential sniffing
  • Password brute forcing
  • SQL injection
  • Known CVE exploitation

Post-Exploitation

  • Privilege escalation
  • Persistence mechanisms
  • Lateral movement
  • Data exfiltration
  • Reverse shells

The Demo

What happens when I plug this into an unlocked machine in your office.

violence@target:~$
$ violence-scan --quick
[+] Auto-detecting network...
[+] Detected network: 192.168.1.0/24
[+] Found 47 live hosts
[+] Scan complete in 23 seconds
$ violence-mitm arpspoof 192.168.1.1
[MITM] ARP spoofing entire subnet via gateway
[MITM] Intercepting traffic...
$ violence-creds sniff
[CRED] HTTP Basic: admin:Password123
[CRED] FTP USER: backup_user
[CRED] FTP PASS: Summer2024!
[CRED] SMTP Auth: mailuser@company.com
$ claude "Analyze results and suggest next steps"
[Claude] Based on the discovered credentials, I recommend:
1. The FTP credentials suggest a backup server at 192.168.1.15
2. Try the admin creds against the web portal at :8080
3. The SMTP creds could enable phishing from inside...
Time elapsed: 4 minutes. Your security team hasn't noticed.

What Could Go Wrong

If someone with actual malicious intent had this stick.

RANSOMWARE DEPLOYMENT

Map the network, find file servers, deploy ransomware across all accessible shares. Encrypt backups first.

Average ransom demand: $1.5M (2024)

DATA EXFILTRATION

Find sensitive data, compress it, tunnel it out over HTTPS (looks like normal traffic). Customer data, financials, IP.

Average breach cost: $4.45M (IBM 2024)

PERSISTENT ACCESS

Plant backdoors, add SSH keys, create service accounts. Come back anytime. Sell access to others.

Initial access broker market: $5K-$500K per target

SUPPLY CHAIN ATTACK

Compromise your build systems, inject malicious code into your products. Infect your customers.

See: SolarWinds, Codecov, ua-parser-js

CREDENTIAL HARVESTING

Capture credentials via MITM, responder, phishing. Use them for identity theft, account takeover, further attacks.

Stolen credentials fuel 80%+ of breaches

COMPETITIVE ESPIONAGE

Steal trade secrets, customer lists, pricing strategies, product roadmaps. Hand them to your competitor.

Economic espionage costs: $600B annually

The Defenses

Five things that might actually stop this.

01 Full Disk Encryption

BitLocker/FileVault with a pre-boot PIN, not TPM-only auto-unlock. Attacker boots, sees encrypted garbage.

Stops 90% of USB boot attacks
02 BIOS Hardening

Password protect BIOS. Disable USB boot. Enable Secure Boot. Lock boot order.

Free. Do it Monday morning.
03 Network Segmentation

Zero trust. VLANs. Micro-segmentation. Unknown device? Quarantine network.

Limits blast radius dramatically
04 Network Monitoring

Detect scanning, ARP anomalies, new MACs, lateral movement. Alert and respond.

Know when you're being attacked
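What the monitoring item above looks like in practice, as an added example that is not part of the Stick of Violence toolkit: two small detectors run over constructed sample records, one for the host sweep shown in the demo (`violence-scan`) and one for the ARP spoof (`violence-mitm arpspoof`). The record layouts and thresholds are assumptions; a real deployment would feed them from a sensor such as Zeek or an ARP watcher.

```python
from collections import defaultdict

# Constructed sample data (not captured traffic).
# Connection records: (timestamp, src_ip, dst_ip, dst_port)
CONNS = [(1, "192.168.1.77", f"192.168.1.{h}", 22) for h in range(2, 50)] + [
    (2, "192.168.1.10", "192.168.1.15", 21),
    (3, "192.168.1.10", "192.168.1.20", 443),
]
# ARP replies seen on the wire: (timestamp, ip, mac)
ARP = [
    (0, "192.168.1.1", "aa:bb:cc:00:00:01"),   # gateway's real MAC
    (5, "192.168.1.1", "de:ad:be:ef:00:77"),   # gateway IP now claimed by another MAC
    (5, "192.168.1.15", "de:ad:be:ef:00:77"),  # same MAC also claims the backup server
]

def detect_scan(conns, host_threshold=20, port_threshold=15):
    """Flag a source that touches many distinct hosts (sweep) or ports (port scan)."""
    hosts, ports = defaultdict(set), defaultdict(set)
    for _ts, src, dst, dport in conns:
        hosts[src].add(dst)
        ports[src].add(dport)
    alerts = {}
    for src in hosts:
        if len(hosts[src]) >= host_threshold:
            alerts[src] = f"host sweep: {len(hosts[src])} hosts"
        elif len(ports[src]) >= port_threshold:
            alerts[src] = f"port scan: {len(ports[src])} ports"
    return alerts

def detect_arp_anomalies(arp, known_gateway=None):
    """Two ARP checks: an IP whose MAC changes (worst when it is the gateway), and a
    MAC that claims more than one IP, the signature of a subnet-wide ARP spoof."""
    ip_to_mac, mac_to_ips, alerts = {}, defaultdict(set), []
    for _ts, ip, mac in arp:
        prev = ip_to_mac.get(ip)
        if prev and prev != mac:
            tag = "GATEWAY " if ip == known_gateway else ""
            alerts.append(f"{tag}MAC change for {ip}: {prev} -> {mac}")
        ip_to_mac[ip] = mac
        mac_to_ips[mac].add(ip)
    for mac, ips in mac_to_ips.items():
        if len(ips) > 1:
            alerts.append(f"{mac} claims {len(ips)} IPs: {sorted(ips)}")
    return alerts

if __name__ == "__main__":
    for src, why in detect_scan(CONNS).items():
        print(f"[SCAN] {src}: {why}")
    for line in detect_arp_anomalies(ARP, known_gateway="192.168.1.1"):
        print(f"[ARP] {line}")
```

On the sample data the sweeper 192.168.1.77 is flagged and the gateway MAC change plus the double-claiming MAC both raise alerts, while the two ordinary connections from 192.168.1.10 stay quiet.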
05 Physical Security

Screen locks. Cable locks. USB port blockers. Challenge strangers. Clean desk policy.

Prevent the opportunity
!! Policy Documents

"Employees shall not plug in unauthorized USB devices" - written once, ignored forever.

This is not a defense

The Questions

If a USB stick this small can do this much, what does your security policy actually protect?

How many of your employees could build this in an afternoon with AI assistance?

What happens when this capability is assumed, not exceptional?

Is your security model based on capability restriction or threat assumption?

When's your next governance committee meeting?

The Challenge

This project doesn't create new capabilities. It packages existing ones in a way that makes the implications impossible to ignore.

Every tool here is freely available.

Every technique is documented. Every attack has been done before.

The only thing new is putting it on a stick small enough to fit on a keychain.

155MB - Total toolkit size

4,723 - Lines of attack scripts

Governance documents rendered irrelevant

Your compliance audit cost more than this USB stick.

Sleep tight.

DARKHOUSE ENTERPRISES

Your governance framework, meet reality.