All-in-One malware analysis tool for analyze many file types, from Windows binaries to E-Mail files. You can get: What DLL files are used. Functions and APIs. Sections and segments. URLs, IP addresses and emails....
Crawlector Crawlector (the name Crawlector is a combination of Crawler & Detector) is a threat hunting framework designed for scanning websites for malicious objects. Note-1: The framework was first presented at the No Hat conference in Bergamo, Italy on...
CRADLE is an open-source web application designed to empower Cyber Threat Intelligence (CTI) analysts. The platform streamlines threat analysis workflows through collaborative note-taking, visual relationship mapping, and comprehensive report generation. In today’s rapidly evolving...
Linux Security and Monitoring Scripts These are a collection of security and monitoring scripts you can use to monitor your Linux installation for security-related events or for an investigation. Each script works on its...
Draugr-Template CobaltStrike BOF Template to easily perform a synthetic stack frame in BOF. The spoofer is based on LoudSunRun. For each API call, a gadget is randomly used inside KERNELBASE.DLL. Nowadays, some EDRs analyze...
ZeusCloud is an open-source cloud security platform. Discover, prioritize, and remediate your risks in the cloud. Build an asset inventory of your AWS accounts. Continuously monitor your environments for misconfigurations and attack paths. Customize...
SubCat is a powerful subdomain discovery tool that passively aggregates data from a variety of online sources to identify valid subdomains for websites. Designed with a modular and efficient architecture, SubCat is ideal for...
StackRox Kubernetes Security Platform The StackRox Kubernetes Security Platform performs a risk analysis of the container environment, delivers visibility and runtime alerts, and provides recommendations to proactively improve security by hardening the environment. StackRox...
RouterOS configuration analyzer to find security misconfigurations and vulnerabilities. Sara does not bypass authentication, exploit vulnerabilities, or alter RouterOS configurations. It works in read-only mode, requiring no administrative privileges. If you are unsure about the interpretation...
ulexecve This Python tool is called ulexecve and it stands for userland execve. It helps you execute arbitrary ELF binaries on Linux systems from userland without ever calling the execve() systemcall. In other words: you can execute...
PPL Exploit PoC (Proof of Concept) This repository contains a C++ Proof of Concept (PoC) demonstrating the exploitation of Windows Protected Process Light (PPL) using COM-to-.NET redirection and reflection techniques for code injection. The...
Gato (Github Attack TOolkit) Gato, or GitHub Attack Toolkit, is an enumeration and attack tool that allows both blue teamers and offensive security practitioners to evaluate the blast radius of a compromised personal access...
