AlphaGolang is a collection of IDAPython scripts to help malware reverse engineers master Go binaries. The idea is to break the scripts into concrete steps, thus avoiding brittle monolithic scripts, and mimicking the methodology...
Basic Tutorial Here you will find privilege escalation tools for Windows and Linux/Unix* and MacOS. These tools search for possible local privilege escalation paths that you could exploit and print them to you with...
Linux CatScale is a bash script that uses live of the land tools to collect extensive data from Linux based hosts. The data aims to help DFIR professionals triage and scope incidents. An Elk...
AutomatedLab (AL) enables you to setup test and lab environments on Hyper-v or Azure with multiple products or just a single VM in a very short time. There are only two requirements you need...
Overworking of the great script of Ingo Karstein with GUI support. The GUI output and input is activated with one switch, real windows executables are generated. With Powershell 5.x support and graphical front end....
A PowerShell script has disclosed details about different types of data that are stolen by the Pysa ransomware group. It has a list of 123 keywords. Some of the keywords are aimed at stealing...
Cybercriminals are using shell scripts in various sophisticated evasion techniques. Security analysts published a report describing six ways hackers use malicious Linux shell scripts to hide their attacks. They strongly recommend the use of...
One of the first reported attacks involving AutoHotkey was a credential stealer written in AutoHotkey found in March 2018. It disguised itself as an Antivirus app and spread via infected USB devices. click here...
Automatically detect control-flow flattening and other state machines Author: Tim Blazytko Description: Scripts and binaries to automatically detect control-flow flattening and other state machines in binaries. Implementation is based on Binary Ninja. Check out the...
A collection of python apps and shell scripts to email an xlsx spreadsheet of new vulnerabilities in the NIST CVE database and their associated products on a daily schedule. The spreadsheet can then be...
PyBeacon is a collection of scripts for dealing with Cobalt Strike’s encrypted traffic. It can encrypt/decrypt beacon metadata, as well as parse symmetric encrypted taskings Scripts included There is a small library which includes...
Two IDAPython Scripts help you to reconstruct Microsoft COM (Component Object Model) Code Especially malware reversers will find this useful, as COM Code is still regularly found in malware. ClassAndInterfaceToNames.py This IDAPython script scans...
Cross-Site Scripting (XSS) is a single of the most perfectly acknowledged website software vulnerabilities. It even has a focused chapter in the OWASP Prime 10 venture and it is a highly chased vulnerability in...
A collection of evidence-of-strategy supply code and scripts for executing remote commands more than WinRM working with the WSMan.Automation COM object. History For background information, please refer to the pursuing site write-up: WS-Administration COM:...
“”” What is this register used for? Hmm.. I’ll just rename it to veryuniquename, do a textual search, and find all references! Ok.. Waiting for the search to end.. any minute now.. Done! Now...
Powerglot encodes several kind of scripts using polyglots, for example, offensive powershell scripts. It is not needed a loader to run the payload. In red-team exercises or offensive tasks, masking of payloads is usually...
