SilentMoonwalk – PoC Implementation Of A Fully Dynamic Call Stack Spoofer
PoC Implementation of a fully dynamic call stack spoofer TL;DR SilentMoonwalk is a PoC implementation of a fully dynamic call...
Security
WindowSpy – A Cobalt Strike Beacon Object File Meant For Targetted User Surveillance
WindowSpy is a Cobalt Strike Beacon Object File meant for targetted user surveillance. The goal of this project was to...
Seekr – A Multi-Purpose OSINT Toolkit With A Neat Web-Interface
A multi-purpose toolkit for gathering and managing OSINT-Data with a neat web-interface. Introduction Seekr is a multi-purpose toolkit for gathering...
Grepmarx – A Source Code Static Analysis Platform For AppSec Enthusiasts
Grepmarx is a web application providing a single platform to quickly understand, analyze and identify vulnerabilities in possibly large and...
Shoggoth – Asmjit Based Polymorphic Encryptor
Shoggoth is an open-source project based on C++ and asmjit library used to encrypt given shellcode, PE, and COFF files...
RedditC2 – Abusing Reddit API To Host The C2 Traffic, Since Most Of The Blue-Team Members Use Reddit, It Might Be A Great Way To Make The Traffic Look Legit
Abusing Reddit API to host the C2 traffic, since most of the blue-team members use Reddit, it might be a...
QRExfiltrate – Tool That Allows You To Convert Any Binary File Into A QRcode Movie. The Data Can Then Be Reassembled Visually Allowing Exfiltration Of Data In Air Gapped Systems
This tool is a command line utility that allows you to convert any binary file into a QRcode GIF. The...
Noseyparker – A Command-Line Program That Finds Secrets And Sensitive Information In Textual Data And Git History
Nosey Parker is a command-line tool that finds secrets and sensitive information in textual data. It is useful both for...
Apk.Sh – Makes Reverse Engineering Android Apps Easier, Automating Some Repetitive Tasks Like Pulling, Decoding, Rebuilding And Patching An APK
apk.sh is a Bash script that makes reverse engineering Android apps easier, automating some repetitive tasks like pulling, decoding, rebuilding...
ThunderCloud – Cloud Exploit Framework
Cloud Exploit Framework Usage python3 tc.py -h _______ _ _ _____ _ _ |__ __| | | | / ____|...
CMLoot – Find Interesting Files Stored On (System Center) Configuration Manager (SCCM/CM) SMB Shares
CMLoot was created to easily find interesting files stored on System Center Configuration Manager (SCCM/CM) SMB shares. The shares are...
Fingerprintx – Standalone Utility For Service Discovery On Open Ports!
fingerprintx is a utility similar to httpx that also supports fingerprinting services like as RDP, SSH, MySQL, PostgreSQL, Kafka, etc....
Waf-Bypass – Check Your WAF Before An Attacker Does
WAF bypass Tool is an open source tool to analyze the security of any WAF for False Positives and False...
MSI Dump – A Tool That Analyzes Malicious MSI Installation Packages, Extracts Files, Streams, Binary Data And Incorporates YARA Scanner
MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner....
Decider – A Web Application That Assists Network Defenders, Analysts, And Researcher In The Process Of Mapping Adversary Behaviors To The MITRE ATT&CK Framework
What is it? The Short A web application that assists network defenders, analysts, and researchers in the process of mapping...
Malware Analysis – djvu – 8c17dca7ea605fc37a624331ac72e65e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5df88deb5dde677ba658b77ad5f60248, discovery, persistence, ransomware, spyware, stealerMD5: 8c17dca7ea605fc37a624331ac72e65eSHA1: 71ca72354c3d42866992a9b6620067cf898909eeANALYSIS DATE: 2023-04-01T15:01:35ZTTPS: T1053, T1005, T1081, T1012,...
Malware Analysis – evasion – e0db5819c325375bfde35df5b1463e51
Score: 6 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: e0db5819c325375bfde35df5b1463e51SHA1: 265663bb1ce19366ea1695f40d9e028ddde14528ANALYSIS DATE: 2023-04-01T15:36:05ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – redline – 4265a75ed0df6c5675761d1e1d2a5e26
Score: 10 MALWARE FAMILY: redlineTAGS:family:redline, discovery, infostealer, persistence, ransomware, spyware, stealer, upxMD5: 4265a75ed0df6c5675761d1e1d2a5e26SHA1: 345bab81cfe571f9505c52ca001dc015c66b09bdANALYSIS DATE: 2023-04-01T15:29:17ZTTPS: T1060, T1005, T1081, T1112,...
Malware Analysis – – b63528fb75da0e9e5ea042dd8608610a
Score: 1 MALWARE FAMILY: TAGS:MD5: b63528fb75da0e9e5ea042dd8608610aSHA1: 86357bf32d32aaab48d28d331a0798aa377ba258ANALYSIS DATE: 2023-04-01T15:49:47ZTTPS: T1012, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – evasion – fd31bb7ea1ad81b4570011952008d009
Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: fd31bb7ea1ad81b4570011952008d009SHA1: 2ab1014b079df5c4507d69d41b92fbc574156811ANALYSIS DATE: 2023-04-01T15:53:04ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – djvu – c84ad96950dc9a5ccab4ad204c46e359
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5df88deb5dde677ba658b77ad5f60248, discovery, persistence, ransomware, spyware, stealerMD5: c84ad96950dc9a5ccab4ad204c46e359SHA1: d4672aad001462d79ec1719faa87593a26383926ANALYSIS DATE: 2023-04-01T16:08:42ZTTPS: T1053, T1005, T1081, T1012,...
Malware Analysis – djvu – cf9172551150d9e54626a48bc4d7a196
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5df88deb5dde677ba658b77ad5f60248, discovery, persistence, ransomware, spyware, stealerMD5: cf9172551150d9e54626a48bc4d7a196SHA1: 21f10d5aa693242d354a49a4b55f99ccbc9c3c82ANALYSIS DATE: 2023-04-01T16:02:19ZTTPS: T1060, T1112, T1082, T1053,...
Malware Analysis – smokeloader – 98c02acb0401448098dc6c09911c7053
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 98c02acb0401448098dc6c09911c7053SHA1: 5611794292c3214d0ffb0491c23377e866ccbd46ANALYSIS DATE: 2023-04-01T16:10:41ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – f1a4fadf22886ea65120de4d9a227d78
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5df88deb5dde677ba658b77ad5f60248, discovery, persistence, ransomware, spyware, stealerMD5: f1a4fadf22886ea65120de4d9a227d78SHA1: f6fa9b1c2010638a4a939774d2b0090d03e08d8eANALYSIS DATE: 2023-04-01T16:40:50ZTTPS: T1012, T1082, T1005, T1081,...
