WPProbe is a fast and efficient WordPress plugin scanner that leverages REST API enumeration (?rest_route) to detect installed plugins without brute-force. Unlike traditional scanners that hammer websites with requests, WPProbe takes a smarter approach by querying the exposed REST API....
Web Shell Analyzer Web shell analyzer is a cross-platform stand-alone binary built solely for the purpose of identifying, decoding, and tagging files that are suspected to be web shells. The web shell analyzer is...
Ghost Scheduled Task While using scheduled tasks as a means of persistence is not a novel approach, threat actors have employed various techniques to conceal their malicious tasks. A notable method involves removing the SD...
Stifle Nearly a year ago, Jonas Knudsen (@Jonas_B_K) over at SpecterOps published a blog titled “ADCS ESC14 Abuse Technique”, covering a previously known technique for leveraging Active Directory Certificate Services (ADCS) for multiple types...
SRUM-DUMP2 SRUM Dump extracts information from the System Resource Utilization Management Database and creates an Excel spreadsheet. The SRUM is one of the best sources for applications that have run on your system in...
Nebula Nebula is an AI-powered assistant specifically designed for the field of ethical hacking. It provides a unique capability for users to input commands using natural language processing, facilitating a seamless transition from intent...
OdinLdr Cobaltstrike UDRL for beacon and post-ex tools. Use NtApi call with synthetic stackframe to confuse EDR based on stackframe detection. Beacon Use BeaconUserData structure to give memory information to beacon and allocate memory...
pcfg_cracker This project uses machine learning to identify password creation habits of users. A PCFG model is generated by training on a list of disclosed plaintext/cracked passwords. In the context of this project, the...
Introduction “Forensic Image Analysis is the application of image science and domain expertise to interpret the content of an image and/or the image itself in legal matters. Major subdisciplines of Forensic Image Analysis with...
OWASP OFFAT OWASP OFFAT (OFFensive Api Tester) is created to automatically test API for common vulnerabilities after generating tests from the openapi specification file. It provides the feature to automatically fuzz inputs and use...
Invoke-ADEnum Active Directory Enumeration Invoke-ADEnum is an Active Directory enumeration tool designed to automate the process of gathering information from an Active Directory environment, leveraging the capabilities of PowerView. With Invoke-ADEnum, you can quickly...
PortexAnalyzerGUI Graphical interface for PortEx, a Portable Executable and Malware Analysis Library PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness, and anomaly...
Sunder Windows rootkit modeled after Lazarus Group’s FudModule rootkit. Reference this version of Sunder for an example of the appid.sys driver exploit, which was utilized by Lazarus Group FudModule rootkit. Sunder’s vulnerable driver in this GitHub repository...
HFish It is a cross-platform honeypot platform developed based on golang, which has been meticulously built for enterprise security Multi-function: Not just support HTTP(S) Pot,It also supports SSH、SFTP、Redis、Mysql、FTP、Telnet、Deep etc. Expansibility: Provide API Interface,Users can expand honeypot module at...
AutoPentest-DRL is an automated penetration testing framework based on Deep Reinforcement Learning (DRL) techniques. The framework determines the most appropriate attack path for a given network and can be used to execute a simulated...
CryptoTester A utility for playing with cryptography, geared toward ransomware analysis. Hex Views All hex views used in CryptoTester offer a few enhanced capabilities. Null bytes are colored a lighter gray Bytes representing ASCII...
