STRIDE GPT STRIDE GPT is an AI-powered threat modeling tool that leverages OpenAI’s GPT models to generate threat models and attack trees for a given application based on the STRIDE methodology. Users provide application...
EDRaser EDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines. It offers two modes of operation: automated and manual. Automated Mode In automated...
Deepfake Offensive Toolkit dot (aka Deepfake Offensive Toolkit) makes real-time, controllable deepfakes ready for virtual camera injection. dot is created for performing penetration testing against e.g. identity verification and video conferencing systems, for the use by...
WPProbe is a fast and efficient WordPress plugin scanner that leverages REST API enumeration (?rest_route) to detect installed plugins without brute-force. Unlike traditional scanners that hammer websites with requests, WPProbe takes a smarter approach by querying the exposed REST API....
Web Shell Analyzer Web shell analyzer is a cross-platform stand-alone binary built solely for the purpose of identifying, decoding, and tagging files that are suspected to be web shells. The web shell analyzer is...
Ghost Scheduled Task While using scheduled tasks as a means of persistence is not a novel approach, threat actors have employed various techniques to conceal their malicious tasks. A notable method involves removing the SD...
Stifle Nearly a year ago, Jonas Knudsen (@Jonas_B_K) over at SpecterOps published a blog titled “ADCS ESC14 Abuse Technique”, covering a previously known technique for leveraging Active Directory Certificate Services (ADCS) for multiple types...
SRUM-DUMP2 SRUM Dump extracts information from the System Resource Utilization Management Database and creates an Excel spreadsheet. The SRUM is one of the best sources for applications that have run on your system in...
Nebula Nebula is an AI-powered assistant specifically designed for the field of ethical hacking. It provides a unique capability for users to input commands using natural language processing, facilitating a seamless transition from intent...
OdinLdr Cobaltstrike UDRL for beacon and post-ex tools. Use NtApi call with synthetic stackframe to confuse EDR based on stackframe detection. Beacon Use BeaconUserData structure to give memory information to beacon and allocate memory...
pcfg_cracker This project uses machine learning to identify password creation habits of users. A PCFG model is generated by training on a list of disclosed plaintext/cracked passwords. In the context of this project, the...
Introduction “Forensic Image Analysis is the application of image science and domain expertise to interpret the content of an image and/or the image itself in legal matters. Major subdisciplines of Forensic Image Analysis with...
OWASP OFFAT OWASP OFFAT (OFFensive Api Tester) is created to automatically test API for common vulnerabilities after generating tests from the openapi specification file. It provides the feature to automatically fuzz inputs and use...
Invoke-ADEnum Active Directory Enumeration Invoke-ADEnum is an Active Directory enumeration tool designed to automate the process of gathering information from an Active Directory environment, leveraging the capabilities of PowerView. With Invoke-ADEnum, you can quickly...
PortexAnalyzerGUI Graphical interface for PortEx, a Portable Executable and Malware Analysis Library PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness, and anomaly...
Sunder Windows rootkit modeled after Lazarus Group’s FudModule rootkit. Reference this version of Sunder for an example of the appid.sys driver exploit, which was utilized by Lazarus Group FudModule rootkit. Sunder’s vulnerable driver in this GitHub repository...
