TimeSync Tool to obtain hash using MS-SNTP for user accounts Requirements Python 3.x ldap3 library for LDAP operations Installations Clone the repository: git clone https://github.com/yourusername/timeroast.git cd timeroast Install the required Python packages: pip install ....
Ligolo-mp Ligolo-mp is a more specialized version of Ligolo-ng, with client-server architecture, enabling pentesters to play with multiple concurrent tunnels collaboratively. Also, with a sprinkle of less important bells and whistles. Features Everything that you...
vmlinux-to-elf This tool allows to obtain a fully analyzable .ELF file from a vmlinux/vmlinuz/bzImage/zImage kernel image (either a raw binary blob or a preexisting but stripped .ELF file), with recovered function and variable symbols....
smugglo An easy-to-use script for wrapping files into self-dropping HTML payloads to bypass content filters. Features One-file payload: Wrap any file into a single self-contained HTML file Automatic extraction: The generated HTML auto-extracts and downloads the...
NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into Windows APIs to dynamically manipulate the Windows internals on the go. This allows...
PMAT-labs – The labs for Practical Malware Analysis & Triage This repository contains live malware samples for use in the Practical Malware Analysis & Triage course (PMAT). These samples are either written to emulate...
bincrypter – Pack/Encrypt/Obfuscate ELF + SHELL scripts A Linux Binary Runtime Crypter – in BASH! Features Obfuscates & encrypts any ELF binary or #!-script AV/EDR death: Morphing + different signature every time 100% in-memory. No temporary...
Cloud Privilege Escalation Awesome Script Suite The current goal of Cloud PEASS is simple: Once you manage to get some credentials to access Azure, GCP or AWS, use different techniques to get the permissions the principal has and highlight...
Shelter Shelter is a completely weaponized sleep obfuscation technique that allows you to fully encrypt your in-memory payload making extensive use of ROP. This crate comes with the following characteristics: AES-128 encryption. Whole PE...
PortEx PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness, and anomaly detection. PortEx is written in Java and Scala, and targeted at...
landrun A lightweight, secure sandbox for running Linux processes using Landlock LSM. Think firejail, but with kernel-level security and minimal overhead. Linux Landlock is a kernel-native security module that lets unprivileged processes sandbox themselves...
secator is a task and workflow runner used for security assessments. It supports dozens of well-known security tools and it is designed to improve productivity for pentesters and security researchers. Feature A curated list...
EVILRDP – More control over RDP The evil twin of aardwolfgui using the aardwolf RDP client library that gives you extended control over the target and additional scripting capabilities from the command line. Features Control the mouse...
CAPE is a malware sandbox. It is derived from Cuckoo and is designed to automate the process of malware analysis with the goal of extracting payloads and configuration from malware. This allows CAPE to...
It’s a modern and stealthy process injection technique was discovered by Outflank that involves injecting and executing code in the early stages of process creation before loading EDRs for their user mode detection measures. EarlyCascade technique...
Arjun Arjun can find query parameters for URL endpoints. If you don’t get what that means, it’s okay, read along. Web applications use parameters (or queries) to accept user input, consider the following example...
