drozer
The Leading Security Assessment Framework for Android.

chainsaw
Rapidly Search and Hunt through Windows Forensic Artefacts

C3
Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.

needle
The iOS Security Testing Framework

doublepulsar-detection-script
A python2 script for sweeping a network to find windows systems compromised with the DOUBLEPULSAR implant.

awspx
A graph-based tool for visualizing effective access and resource relationships in AWS environments.

python-exe-unpacker
A helper script for unpacking and decompiling EXEs compiled from python code.

leonidas
Automated Attack Simulation in the Cloud, complete with detection use cases.

android-keystore-audit

physmem2profit
Physmem2profit can be used to create a minidump of a target host's LSASS process by analysing physical memory remotely

Jandroid

CallStackSpoofer
A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)

bitlocker-spi-toolkit
Tools for decoding TPM SPI transaction and extracting the BitLocker key from them.

captcha22
CAPTCHA22 is a toolset for building, and training, CAPTCHA cracking models using neural networks.

doublepulsar-c2-traffic-decryptor
A python2 script for processing a PCAP file to decrypt C2 traffic sent to DOUBLEPULSAR implant

snake
snake - a malware storage zoo

Jamf-Attack-Toolkit
Suite of tools to facilitate attacks against the Jamf macOS management platform.

IAMSpy

damn-vulnerable-llm-agent

LinuxCatScale
Incident Response collection and processing scripts with automated reporting scripts

IceKube

peas
PEAS is a Python 2 library and command line application for running commands on an ActiveSync server e.g. Microsoft Exchange.

ppid-spoofing
Scripts for performing and detecting parent PID spoofing

detectree
Data visualization for blue teams

GarbageMan
GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.

drozer-agent
The Android Agent for the Mercury Security Assessment Framework.

doublepulsar-usermode-injector
A utility to use the usermode shellcode from the DOUBLEPULSAR payload to reflectively load an arbitrary DLL into another process, for use in testing detection techniques or other security research.

TickTock

ModuleStomping
https://blog.f-secure.com/hiding-malicious-code-with-module-stomping/

dotnet-gargoyle
A spiritual .NET equivalent to the Gargoyle memory scanning evasion technique

cloud-wiki
A public cloud security knowledgebase - https://www.secwiki.cloud/

AMSIDetection
AMSI detection PoC

tau-engine
A document tagging library

radare2-scripts
A collection of useful radare2 scripts!

CVE-2021-25374_Samsung-Account-Access
This script can be used to gain access to a victim's Samsung Account if they have a specific version of Samsung Members installed on their Samsung Device, and if the victim's device is from the US or Korea region.

ESFang
ESF modular ingestion tool for development and research.

macOSTriageCollectionScript
A triage data collection script for macOS

lazarus-sigma-rules

RemotePSpy
RemotePSpy provides live monitoring of remote PowerShell sessions, which is particularly useful for older (pre-5.0) versions of PowerShell which do not have comprehensive logging facilities built in.

FLAIR
F-Secure Lightweight Acquisition for Incident Response (FLAIR)

mongo-rs
A higher-level wrapper on top of the official bson & mongodb crates.

llm-vulnerable-recruitment-app
An example vulnerable app that integrates an LLM

volatility-plugins

FixerUpper
A Burp extension to enable modification of FIX messages when relayed from MitM_Relay

snake-core
snake-core - the real snake

deject
Memory dump and Sample analysis tool

memory-carving-scripts
Scripts for extracting useful information from infected memory dumps

shadowhammer
Tools related to 'shadowhammer' attack, https://securelist.com/operation-shadowhammer/89992

keywe-tooling
Tools that can be used to interact with the KeyWe Smart Lock device.

datamate

usb-ninja-detection-poc
USB Ninja Detection PoC

iocs

snake-scales
snake-scales - the default repository of snake scales

dreamer
Easier cloud infrastructure with Terraform and Ansible

snake-skin
snake-skin - the web ui for snake

boops-boops-android-agent

snake-tail
snake-tail - the command line ui for snake

slide-decks