Sunder Windows rootkit modeled after Lazarus Group’s FudModule rootkit. Reference this version of Sunder for an example of the appid.sys driver exploit, which was utilized by Lazarus Group FudModule rootkit. Sunder’s vulnerable driver in this GitHub repository...
HFish It is a cross-platform honeypot platform developed based on golang, which has been meticulously built for enterprise security Multi-function: Not just support HTTP(S) Pot,It also supports SSH、SFTP、Redis、Mysql、FTP、Telnet、Deep etc. Expansibility: Provide API Interface,Users can expand honeypot module at...
AutoPentest-DRL is an automated penetration testing framework based on Deep Reinforcement Learning (DRL) techniques. The framework determines the most appropriate attack path for a given network and can be used to execute a simulated...
CryptoTester A utility for playing with cryptography, geared toward ransomware analysis. Hex Views All hex views used in CryptoTester offer a few enhanced capabilities. Null bytes are colored a lighter gray Bytes representing ASCII...
WAF-A-MoLE A guided mutation-based fuzzer for ML-based Web Application Firewalls, inspired by AFL and based on the FuzzingBook by Andreas Zeller et al. Given an input SQL injection query, it tries to produce a semantic invariant query that is able...
GitAlerts GitHub repositories created under any organization can be controlled by the GitHub administrators. However, any repository created under an organization’s user account is not controllable unless the organization has adopted the GitHub enterprise-managed...
HashDB IDA Plugin Malware string hash lookup plugin for IDA Pro. This plugin connects to the OALABS HashDB Lookup Service. Adding New Hash Algorithms The hash algorithm database is open source and new algorithms can...
Baitroute A web honeypot project that serves realistic, vulnerable-looking endpoints to detect vulnerability scans and mislead attackers by providing false positive results. It can be imported as a library into your project and is...
APKDeepLens APKDeepLens is a Python-based tool designed to scan Android applications (APK files) for security vulnerabilities. It specifically targets the OWASP Top 10 mobile vulnerabilities, providing an easy and efficient way for developers, penetration...
Mobile Audit MobileAudit – SAST and Malware Analysis for Android Mobile APKs Django Web application for performing Static Analysis and detecting malware in Android APKs. In each of the scans, it would have the following...
SQLMap Command Generator is a web-based application designed to assist penetration testers and security enthusiasts in generating SQLMap commands with various options for testing SQL injection vulnerabilities. It provides an easy-to-use interface where users...
unblob is an accurate, fast, and easy-to-use extraction suite. It parses unknown binary blobs for more than 30 different archive, compression, and file-system formats, extracts their content recursively, and carves out unknown chunks that have not been accounted for. How does it work? unblob...
VectorKernel PoCs for Kernelmode rootkit techniques research or education. Currently focusing on Windows OS. All modules support 64-bit OS only. NOTE Some modules use ExAllocatePool2 API to allocate kernel pool memory. ExAllocatePool2 API is not...
ESXi Testing Toolkit A command-line utility designed to help security teams test detections deployed in ESXi environments. It takes heavy inspiration from Atomic Red Team but provides ESXi-specific enhancements and a simpler user experience....
The Damne Vulnerable Android Components – DVAC Damn Vulnerable Android Components (DVAC) is an educational Android application intentionally designed to expose and demonstrate vulnerabilities related to various Android components such as Activities, Intents, Content...
ELFEN: Linux Malware Analysis Sandbox ELFEN is a dockerized sandbox for analyzing Linux (file type: ELF) malware. It leverages an array of open-source technologies to perform both static and dynamic analysis. Results are available...
