The pentester's Swiss knife

labs for Practical Malware Analysis

PMAT-labs: Labs for Practical Malware Analysis & Triage

PMAT-labs – The labs for Practical Malware Analysis & Triage This repository contains live malware samples for use in the Practical Malware Analysis & Triage course (PMAT). These samples are either written to emulate...

bincrypter: A Linux Binary Runtime Crypter

bincrypter – Pack/Encrypt/Obfuscate ELF + SHELL scripts A Linux Binary Runtime Crypter – in BASH! Features Obfuscates & encrypts any ELF binary or #!-script AV/EDR death: Morphing + different signature every time 100% in-memory. No temporary...

Cloud Privilege Escalation

cloudpeass: Cloud Privilege Escalation Awesome Script Suite

Cloud Privilege Escalation Awesome Script Suite The current goal of Cloud PEASS is simple: Once you manage to get some credentials to access Azure, GCP or AWS, use different techniques to get the permissions the principal has and highlight...

security assessments

secator: The pentester’s swiss knife

secator is a task and workflow runner used for security assessments. It supports dozens of well-known security tools and it is designed to improve productivity for pentesters and security researchers. Feature A curated list...

HTTP Parameter Discovery Suite

Arjun: HTTP parameter discovery suite

Arjun Arjun can find query parameters for URL endpoints. If you don’t get what that means, it’s okay, read along. Web applications use parameters (or queries) to accept user input, consider the following example...

Binary instrumentation framework

medusa: automates processes and techniques practised

medusa MEDUSA is an extensible and modularized framework that automates processes and techniques practiced during the dynamic analysis of Android and iOS Applications. Some of the framework’s features are the following: Tracing and instrumentation of API calls...

DLL Sideloading Scanner

DLL Sideloading Scanner: Catching Windows DLL Vulnerabilities

DLL Sideloading Scanner A lightweight PowerShell-based scanner designed to identify missing or unresolved DLLs, helping you detect potential DLL sideloading vulnerabilities on your Windows system. Features Dynamic Process Analysis ? Scans all running processes and...