Tag: cybersecurity tools

Binary to Behavior: Decode Threats with the Unified “Malware-Check” Analysis Engine
malware-check: Static and dynamic analysis tool for detecting malicious code, suspicious binaries, and privacy violations. Analyzes source code, compiled executables (.exe, .dll, .elf), macOS bundles (.app, .dmg, .pkg), mobile apps (.apk, .ipa), and application packages with YARA rules, Docker behavioral sandboxing, MobSF mobile analysis, payload deobfuscation, and multi-format reporting (JSON, HTML, SARIF). Features: Static Analysis…

Beyond the Spreadsheet of Doom: Master Your Incident Response with KANVAS
KANVAS is an IR (incident response) case management tool with an intuitive desktop interface, built using Python. It provides a unified workspace for investigators working with SOD (Spreadsheet of Doom) or similar spreadsheets, enabling key workflows to be completed without switching between multiple applications. Key Features. Case Management Built on the SOD (Spreadsheet of Doom): All…

Supply Chain Shield: How DepConfuse Proactively Stops Dependency Confusion Attacks
DepConfuse is a command-line tool that proactively detects dependency confusion vulnerabilities. It scans SBOMs or PURLs to identify internal package names that could be subject to public package takeover, providing actionable insights to secure your software supply chain. Features. SBOM-First Approach: Built on CycloneDX SBOMs, DepConfuse detects dependency confusion risks across ecosystems, offering broader and more precise…

Beyond the Signature: Unveiling ThreatShield’s AI-Driven Malware Analysis Platform
ThreatShield is a robust and extensible malware analysis platform designed for security professionals, malware researchers, and system administrators. It combines static and dynamic analysis techniques with machine learning to detect, analyze, and report malicious behavior across a wide range of file formats. ThreatShield aims to simplify threat detection workflows while providing deep and explainable insights into suspicious files. Whether you are analyzing…

X-Ray for Your BIOS: Carnegie Mellon’s New Open-Source Tool Pulls Back the Curtain on UEFI
Deciphering BIOS and UEFI updates is an endeavor typically conducted in obscurity. These files comprise a labyrinthine confluence of firmware, drivers, containers, images, and executable modules, yet few instruments exist that provide a coherent architectural perspective of their contents. Addressing this deficit, the CERT team from Carnegie Mellon SEI has introduced the CERT UEFI Parser,…

Kali Linux 2025.4 Final Release: GNOME is Now Wayland Exclusive, New Pentesting Tools Added
Kali Linux 2025.4 has been released—the final update of the year for the distribution relied upon by cybersecurity professionals and ethical hackers for penetration testing, security audits, and network research. As with every release, the developers have introduced new tools—three this time: bpf-linker, a lightweight static linker for BPF; evil-winrm-py, a Python utility for remote…

agneyastra: Firebase Misconfiguration Detection Toolkit
Firebase, a versatile platform by Google, powers countless web and mobile applications with its extensive suite of services including real-time databases, authentication, cloud storage, and hosting. Its ubiquity and ease of use make it a popular choice among developers, but also a prime target for misconfigurations that can lead to significant security vulnerabilities. Agneyastra, a…
