JS-Tap JS-Tap is a generic JavaScript payload and supporting software to help red teamers attack webapps. The JS-Tap payload can be used as an XSS payload or as a post-exploitation implant. The payload does...
IPED Digital Forensic Tool IPED is open-source software that can be used to process and analyze digital evidence, often seized at crime scenes by law enforcement or in a corporate investigation by private examiners....
XnlReveal This is a Chrome Extension that can do the following: Show an alert for any query parameters that are reflected. Show the Wayback Archive endpoints for the path visited Show any hidden elements on the...
MultiDump MultiDump is a post-exploitation tool written in C for dumping and extracting LSASS memory discreetly, without triggering Defender alerts, with a handler written in Python. MultiDump supports LSASS dump via ProcDump.exe or comsvc.dll, it offers...
DFIR-O365RC The DFIR-O365RC PowerShell module is a set of functions that allow the DFIR analyst to collect logs relevant for Office 365 Business Email Compromise investigations. The logs are generated in JSON format and...
Suzaku is a threat hunting and fast forensics timeline generator for cloud logs. (Imagine Hayabusa but for cloud logs instead of Windows event logs.) It is currently under active development with basic native sigma detection support for AWS...
MORF – Mobile Reconnaissance Framework Mobile Reconnaissance Framework is a powerful, lightweight, and platform-independent offensive mobile security tool designed to help hackers and developers identify and address sensitive information within mobile applications. It is...
WinDiff WinDiff is an open-source web-based tool that allows browsing and comparing symbol and type information of Microsoft Windows binaries across different versions of the operating system. The binary database is automatically updated to...
Obfuscation Detection Obfuscation Detection is a Binary Ninja plugin to detect obfuscated code and interesting code constructs (e.g., state machines) in binaries. Given a binary, the plugin eases analysis by identifying code locations which might...
PSGumshoe PSGumshoe is a Windows PowerShell module for the collection of OS and domain artifacts for the purposes of performing live response, hunt, and forensics. The module focuses on being as forensically sound as...
openedr We at OpenEDR believe in creating a cybersecurity platform with its source code openly available to the public, where products and services can be provisioned and managed together. EDR is our starting point....
QuadraInspect The security of mobile devices has become a critical concern due to the increasing amount of sensitive data being stored on them. With the rise of Android OS as the most popular mobile...
