Dismember – Scan Memory For Secrets And More
Dismember is a command-line toolkit for Linux that can be used to scan the memory of all processes (or particular...
Dismember is a command-line toolkit for Linux that can be used to scan the memory of all processes (or particular...
Download Unblob If you like the site, please consider joining the telegram channel or supporting us on Patreon using the...
Source Code Management Attack Toolkit - SCMKit is a toolkit that can be used to attack SCM systems. SCMKit allows...
autoSSRF is your best ally for identifying SSRF vulnerabilities at scale. Different from other ssrf automation tools, this one comes...
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts. See the TeamFiltration wiki page for...
 This can be achieved in the following steps: Create a new dataset (.csv) for upload in the following format...
Cobalt Strike Beacon Object File (BOF) that uses WinStationConnect API to perform local/remote RDP session hijacking. With a valid access...
Combination of Once you have run setup.sh, the next steps are: Configure SMS message template. You will use Text only...
Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR Collect-MemoryDump.ps1 is Fig 3: Automated Creation of Windows Memory Snapshot...
Motivation During the forensic analysis of a Windows machine, you may find the name of a deleted prefetch file. While...
Appshark is a static taint analysis platform to scan vulnerabilities in an Android app. Prerequisites Appshark requires a specific version...
Vulnerable Client-Server Application Vulnerable client-server application (VuCSA) is made for learning/presenting how to perform penetration tests of non-http thick clients....
jscythe abuses the node.js inspector mechanism in order to force any node.js/electron/v8 based process to execute arbitrary javascript code, even...
Deliberately Download & Run There's no need to clone the repository. Linux & Mac curl -o cicd-goat/docker-compose.yaml --create-dirs https://raw.githubusercontent.com/cider-security-research/cicd-goat/main/docker-compose.yamlcd cicd-goat...
Want to use SSH for reverse shells? Now you can. Manage and connect to reverse shells with native SSH syntax...
Ermir is an Evil/Rogue RMI Registry, it public String list(): list() asks the registry for all the bound objects names,...
Threatest is a Go framework for testing threat detection end-to-end. Threatest allows you to detonate an attack technique, and verify...
Sandman is a backdoor that is meant to work on hardened networks during red team engagements. Sandman works as a...
What EDR with artifact collection driven by detection. The detection engine is built on top of a previous project NB:...
Script that wraps around multitude of packers, protectors, obfuscators, shellcode loaders, encoders, generators to produce complex protected Red Team implants....
Authored By Tyl0us Featured at Source Zero Con 2022 Mangle is a tool that manipulates aspects of compiled executables (.exe...
bomber is an application that scans SBOMs for security vulnerabilities. Overview So you've asked a vendor for an Software Bill...
ShoMon is a Shodan alert feeder for TheHive written in GoLang. With version 2.0, it is more powerful than ever!...
usbsas is a free and open source (GPLv3) tool and framework for securely reading untrusted USB mass storage devices. Description...