Category: Open Source Tool
A new tool, DonPwner, has been released publicly — a utility for credential analysis and the automation of attacks against role-based Active Directory environments, built atop the DonPAPI database and designed to streamline authorized...
A new open-source project named NoMoreStealers has just debuted on GitHub. Presented as a proof-of-concept defense for Windows systems against data-stealing malware, it is authored by a developer using the pseudonym EvilBytecode. The solution...
SigmaOptimizer is an end-to-end Sigma rule generation and optimization tool that automatically creates, tests, and improves Sigma rules based on real-world logs using an LLM. It is implemented as a PowerShell script and integrates log analysis, rule evaluation, and iterative...
MAD-CAT (Meow Attack Data Corruption Automation Tool) is a comprehensive security tool designed to simulate data corruption attacks against multiple database systems. The tool supports both single-target attacks and bulk CSV-based attack campaigns, with...
GDIOCSpider is an open-source, configurable, Python Incident Response (IR) and Security Research tool specifically catered around IOC extraction and identification in GDrives with poor data context. Taken as an end-to-end application, this tool crawls through...
ELFSPIRIT is a comprehensive static analysis and injection framework designed to parse, manipulate, patch, and camouflage ELF files. With elfspirit, you can explore the intricacies of the ELF format and have the freedom to...
Behavioral User-driven Deceptive Activities Framework (BUDA) is a cutting-edge solution designed to enhance deception operations in cybersecurity by automating the simulation of realistic user behaviors within decoy environments. By integrating strategic narratives, dynamic user...
Luminaut is a utility to scope cloud environment exposure for triage. The goal is to quickly identify exposed resources and collect information to start an investigation. Starting from the public IP addresses of AWS...
Frogy 2.0 is an automated external reconnaissance and Attack Surface Management (ASM) toolkit designed to map out an organization’s entire internet presence. It identifies assets, IP addresses, web applications, and other metadata across the public...
DNSForge is a network pentesting tool for responding to name resolution requests made to the authoritative DNS server in an internal network landscape, achieving interception and reuse of system credentials without user interaction. This...
AzDevRecon is a web-based enumeration tool designed for offensive security professionals, red teamers, and penetration testers targeting Azure DevOps. It helps identify misconfigurations, exposed secrets, and security gaps by leveraging token-based authentication for reconnaissance and data extraction. Features Token-Based Enumeration –...
SHELLSILO is a cutting-edge tool that translates C syntax into syscall assembly and its corresponding shellcode. It streamlines the process of constructing and utilizing structures, assigning variables, and making system calls. With this tool,...