The pentester's Swiss knife

Linux Process Discovery

xpid: Linux Process Discovery

xpid It’s nmap but for pids. xpid gives a user the ability to “investigate” for process details on a Linux system. For example, a sleeping thread will have a directory /proc/[pid] that can be navigated to,...

attack MLOps platforms

MLOKit: MLOps Attack Toolkit

MLOps Attack Toolkit – MLOKit is a toolkit that can be used to attack MLOps platforms by taking advantage of the available REST API. This tool allows the user to specify an attack module,...

Linux Evidence Acquisition

LEAF: Linux Evidence Acquisition Framework

Linux Evidence Acquisition Framework (LEAF) Linux Evidence Acquisition Framework (LEAF) acquires artifacts and evidence from Linux EXT4 systems, accepting user input to customize the functionality of the tool for easier scalability. Offering several modules...

Windows Event Log Analyzer

WELA: Windows Event Log Analyzer

WELA (Windows Event Log Analyzer) Yamato Security’s WELA(Windows Event Log Analyzer) aims to be the Swiss Army knife for Windows event logs. Currently, WELA’s greatest functionality is creating an easy-to-analyze logon timeline in order...

Linux kernel rootkit

KoviD: Red-Team Linux kernel rootkit

KoviD is a Loadable Kernel Module (LKM) designed for Linux Kernel version 5 and later. Key features include: Self-hiding from SysFS. Provides reverse shell backdoors. Conceals processes from the proc file system. Handles child...

Pentest Reporting

pecoret: A Pentest Collaboration and Reporting Tool

PeCoReT PeCoReT (Pentest Collaboration and Reporting Tool) is an open-source application to manage your pentest projects. PeCoReT allows pentesters to focus on testing instead of writing the report. It can be customized and once...