Monthly Archive: June 2024
PinguCrew
PinguCrew is a web-based fuzzer platform that allows security researchers to test their software for vulnerabilities in a scalable and efficient manner. The tool is inspired by the ClusterFuzz tool but aims to remove any...

Cloud Offensive Breach and Risk Assessment (COBRA) Tool
Cloud Offensive Breach and Risk Assessment (COBRA) is an open-source tool designed to empower users to simulate attacks within multi-cloud environments, offering a comprehensive evaluation of...

APIDetector
APIDetector is a powerful and efficient tool designed for testing exposed Swagger endpoints in various subdomains with unique smart capabilities to detect false positives. It’s particularly useful for security professionals and developers who are...

DA_Plugin_AntiDebugSeeker
Through this tool, users can automatically extract potential anti-debugging methods used by malware, making it easier for analysts to take appropriate action. The main functionalities of this plugin are as follows: Extraction of...

Managed Kubernetes Auditing Toolkit (MKAT)
MKAT is an all-in-one auditing toolkit for identifying common security issues within managed Kubernetes environments. It is focused on Amazon EKS at the moment, and will be extended to...

BadZure
BadZure is a PowerShell script that leverages the Microsoft Graph SDK to orchestrate the setup of Azure Active Directory tenants, populating them with diverse entities while also introducing common security misconfigurations to create...

Frida-Jit-unPacker
The Frida-Jit-unPacker aims to help researchers and analysts understand the behavior of malicious .NET packed samples in order to provide a mitigation. This tool uses the Frida instrumentation toolkit to inject scripts into the CLR...

IPPrint C2
A Proof-of-Concept for using Microsoft Windows printers for persistence/command and control via Internet Printing. Printing systems are an often overlooked target for attackers looking to establish command and control (C2) channels on...

ELFieScanner
A C++ POC for advanced process memory scanning that attempts to detect many malicious techniques used by threat actors & those that have been incorporated into open-source user-mode rootkits. ELFieScanner inspects every running...

RWX MEMEORY HUNT AND INJECTION DV
Abuses the Windows fork API and the OneDrive.exe process to inject the malicious shellcode without allocating a new RWX memory region. This technique finds an RWX region in already running processes...