Suzaku is a threat hunting and fast forensics timeline generator for cloud logs. (Imagine Hayabusa but for cloud logs instead of Windows event logs.) It is currently under active development with basic native sigma detection support for AWS...
The post Suzaku: A sigma-based threat hunting and fast forensics timeline generator for cloud logs appeared first on Penetration Testing Tools.
MORF – Mobile Reconnaissance Framework Mobile Reconnaissance Framework is a powerful, lightweight, and platform-independent offensive mobile security tool designed to help hackers and developers identify and address sensitive information within mobile applications. It is...
The post MORF: Mobile Reconnaissance Framework appeared first on Penetration Testing Tools.
WinDiff WinDiff is an open-source web-based tool that allows browsing and comparing symbol and type information of Microsoft Windows binaries across different versions of the operating system. The binary database is automatically updated to...
The post WinDiff: allows browsing and comparing symbol and type information of Microsoft Windows binaries appeared first on Penetration Testing Tools.
Obfuscation Detection Obfuscation Detection is a Binary Ninja plugin to detect obfuscated code and interesting code constructs (e.g., state machines) in binaries. Given a binary, the plugin eases analysis by identifying code locations which might...
The post Obfuscation Detection: Detect obfuscated code and interesting code constructs appeared first on Penetration Testing Tools.
PSGumshoe PSGumshoe is a Windows PowerShell module for the collection of OS and domain artifacts for the purposes of performing live response, hunt, and forensics. The module focuses on being as forensically sound as...
The post PSGumshoe: Windows PowerShell module for the collection of OS and domain artifacts appeared first on Penetration Testing Tools.
openedr We at OpenEDR believe in creating a cybersecurity platform with its source code openly available to the public, where products and services can be provisioned and managed together. EDR is our starting point....
The post openedr: full blown endpoint detection and response capability appeared first on Penetration Testing Tools.
QuadraInspect The security of mobile devices has become a critical concern due to the increasing amount of sensitive data being stored on them. With the rise of Android OS as the most popular mobile...
The post QuadraInspect: powerful tool for analyzing the security of Android applications appeared first on Penetration Testing Tools.
b3acon is a mail based C2 that uses an in-memory, dynamically compiled C# IMAP client via PowerShell. It communicates entirely through standard email protocols, fetching commands from email drafts and sending execution results to the...
The post b3acon: In-Memory C# IMAP C2 over Email appeared first on Penetration Testing Tools.
GAP This is an evolution of the original getAllParams extension for Burp. Not only does it find more potential parameters for you to investigate, but it also finds potential links to try these parameters...
The post GAP-Burp-Extension: find more potential parameters and potential links appeared first on Penetration Testing Tools.
HAWK What Hawk is and isn’t Hawk provides a Limited analysis of the gathered data. This is by design! Hawk is here to help get all of the data in a single place it...
The post hawk: gathering information related to O365 intrusions and potential Breaches appeared first on Penetration Testing Tools.
Hobbits Hobbits is a software platform for analyzing, processing and visualizing bits. The Hobbits GUI is the central tool of the platform and will be the primary focus of this document. The Hobbits Runner...
The post hobbits: multi-platform GUI for bit-based analysis, processing, and visualization appeared first on Penetration Testing Tools.
Nemesis Nemesis is an offensive data enrichment pipeline and operator support system. Built on Kubernetes with scale in mind, our goal with Nemesis was to create a centralized data processing platform that ingests data...
The post Nemesis: An offensive data enrichment pipeline appeared first on Penetration Testing Tools.
Shellz A script for generating common reverse shells fast and easy. Especially nice when in need of PowerShell and Python reverse shells, which can be a PITA getting correctly formatted. PowerShell revshells Shows username@computer.(domain),...
The post shells: Script for generating reverse shells appeared first on Penetration Testing Tools.
ADMiner ADMiner is an Active Directory audit tool that leverages cypher queries to crunch data from the BloodHound graph database (neo4j) and gives you a global overview of existing weaknesses through a web-based static report, including...
The post AD_Miner: Active Directory audit tool appeared first on Penetration Testing Tools.
Threagile Agile Threat Modeling Toolkit Threagile is an open-source toolkit for agile threat modeling: It allows to model architecture with its assets in an agile fashion as a YAML file directly inside the IDE. Upon...
The post threagile: Agile Threat Modeling Toolkit appeared first on Penetration Testing Tools.
B(l)utter Flutter Mobile Application Reverse Engineering Tool by Compiling Dart AOT Runtime Currently, the application supports only Android libapp.so. Also, the application currently works only against recent Dart versions. Install This application uses the...
The post blutter: Flutter Mobile Application Reverse Engineering Tool appeared first on Penetration Testing Tools.
Supernova Supernova is an open-source tool that empowers users to securely encrypt and/or obfuscate their raw shellcode.Supernova supports various features beyond those typically found in a common shellcode encryptor tool. Features Supernova offers automatic...
The post Supernova: shellcode encryption tool appeared first on Penetration Testing Tools.
Kerbeus-BOF Beacon Object Files for Kerberos abuse. This is an implementation of some important features of the Rubeus project, written in C. The project features integration with the C2 frameworks Cobalt Strike and Havoc. Download git clone https://github.com/RalfHacker/Kerbeus-BOF.git Use...
The post Kerbeus-BOF: Beacon Object Files for Kerberos abuse appeared first on Penetration Testing Tools.
V’ger V’ger is an interactive command-line application for post-exploitation of authenticated Jupyter instances with a focus on AI/ML security operations. User Stories As a Red Teamer, you’ve found Jupyter credentials, but don’t know what you...
The post V’ger: AI/ML Security in Your Arsenal appeared first on Penetration Testing Tools.
blackpill A Linux kernel rootkit in Rust using a custom made type-2 hypervisor, eBPF XDP and TC programs Features The rootkit is composed of multiple modules (talking about Rust modules, not kernel modules): defense...
The post blackpill: A stealthy Linux rootkit made in Rust appeared first on Penetration Testing Tools.
