The pentester's Swiss knife
EDRSandblast-GodFault Integrates GodFault into EDR Sandblast, achieving the same result without the use of any vulnerable drivers. EDRSandBlast is a tool written in C that weaponizes a vulnerable signed driver to bypass EDR detections (Notify Routine callbacks, Object...
Flutter Spy Flutter Spy is a Bash-based command-line tool designed to provide insightful code analysis and data extraction capabilities from built Flutter apps with reverse engineering. It empowers developers, bug hunters, and security enthusiasts...
HTMLSmuggler HTMLSmuggler – JS payload generator for IDS bypass and payload delivery via HTML smuggling. The primary objective of HTML smuggling is to bypass network security controls, such as firewalls and intrusion detection systems,...
OSINT Toolkit OSINT Toolkit is a full-stack web application designed to assist security analysts in their work. It combines various functions and services into a single tool, making it easier for analysts to identify...
PySQLRecon PySQLRecon is a Python port of the awesome SQLRecon project by @sanjivkawa. See the commands section for a list of capabilities. Commands All of the main modules from SQLRecon have equivalent commands. Commands noted with [PRIV] require elevated...
Introducing the ROP ROCKET This new, advanced ROP framework made its debut at DEF CON 31 with some unprecedented capabilities. ROCKET generates several types of chains, and it provides new patterns or techniques. Please...
Damn Vulnerable RESTaurant An intentionally vulnerable API service designed for learning and training purposes dedicated to developers, ethical hackers, and security engineers. The idea of the project is to provide an environment that can...
go-secdump Package go-secdump is a tool built to remotely extract hashes from the SAM registry hive as well as LSA secrets and cached hashes from the SECURITY hive without any remote agent and without...
iMonitor iMonitor (Endpoint Behavior Analysis System – The Open Source Procmon) is an endpoint behavior monitoring and analysis software based on iMonitorSDK. Provides monitoring of system behaviors such as processes, files, registry, and networks. Support...
Krueger Krueger is a Proof of Concept (PoC) .NET post-exploitation tool for remotely killing Endpoint Detection and Response (EDR) as part of lateral movement procedures. Krueger accomplishes this task by utilizing Windows Defender Application...
ShellSweep “ShellSweep” is a PowerShell/Python/Lua tool designed to detect potential webshell files in a specified directory. ShellSweep and its suite of tools calculate the entropy of file contents to estimate the likelihood of a...
What is PurpleLab? This solution will allow you to easily deploy an entire lab to create/test your detection rules, simulate logs, play tests, download and run malware and MITRE ATT&CK techniques, restore the sandbox,...
ShodanX ShodanX ⚡ is a versatile information gathering tool that harnesses the power of Shodan’s extensive database. It offers multiple modes and flexible queries to extract valuable insights for security assessments, reconnaissance, and threat...
AuthLogParser AuthLogParser is a powerful Digital Forensics and Incident Response tool designed specifically for analyzing Linux authentication logs, commonly known as auth.log. This tool serves as an invaluable asset for Incident Responders, streamlining the...
SecuSphere Welcome to SecuSphere, your one-stop solution for all DevSecOps needs. Our centralized platform is expertly designed to manage and optimize your vulnerability management, CI/CD pipeline integration, security assessments, and DevSecOps practices. SecuSphere is...
VolWeb VolWeb is a digital forensic memory analysis platform that leverages the power of the Volatility 3 framework. It is dedicated to aiding in investigations and incident responses. Objective The goal of VolWeb...