ProcessHacker – multi-purpose tool that helps you monitor system resources,...
Changelog build v3.0.972: [2017-10-06] Enable KPH for Win10 insider previews (dmex) [2017-10-06] Move DbgHelp code into appsup, Improve mainwnd linking (dmex) [2017-10-06] Improve KPH error messages...
dnsdiag – DNS Diagnostics and Performance Measurement Tools.
Ever been wondering if your ISP is hijacking your DNS traffic? Ever observed any misbehavior with your DNS responses? Ever been redirected to wrong address and suspected something is wrong with your...
aumfor – automatic memory forensics.
AUMFOR (Automated Memory Forensic) is a GUI-based tool that helps forensic investigators by performing all complex and tedious work automatically; it also analyzes and gives final accurate reports about...
IPBan – monitors failed security audits in Windows Event Viewer and bans IP addresses using...
IPBan monitors failed security audits in Windows Event Viewer and bans IP addresses using netsh. Wide range of customization and unlimited IP address ban count. Features: – Unlimited number of ip...
chopshop – Protocols Analysis/Decoder Framework.
ChopShop is a MITRE-developed framework to aid analysts in the creation and execution of pynids-based decoders and detectors of APT tradecraft. Note that ChopShop is still in perpetual beta and is...
Sickle is a shellcode development tool.
Sickle is a shellcode development tool, created to speed up the various steps needed to create functioning shellcode. Sickle can aid in the following: – Identifying instructions resulting in bad...
Pip3line – raw byte manipulation and interception framework.
Pip3line is a raw bytes manipulation utility, able to apply well known and less well known transformations from anywhere to anywhere (almost). Its main usefulness lies in pentesting and...
DumpsterFire – Security Incidents In A Box!
The DumpsterFire Toolset is a modular, menu-driven, cross-platform tool for building repeatable, time-delayed, distributed security events. Easily create custom event chains for Blue Team drills and...
WindowsSpyBlocker – Block spying and tracking on Windows.
WindowsSpyBlocker is delivered in a single executable that embeds the data located in the data directory of the repository. It can apply the rules to the Windows firewall, modify the NCSI and...
krackdetector – Detect and prevent KRACK attacks in your network.
KRACK Detector is a Python script to detect possible KRACK attacks (https://www.krackattacks.com/) against client devices on your network. The script is meant to be run on the Access Point rather than...
TROMMEL: Sift Through Directories of Files to Identify Indicators That May...
TROMMEL – sifts through directories of files to identify indicators that may contain vulnerabilities. TROMMEL identifies the following indicators related to: – Secure Shell (SSH) key files – Secure...
JENNOM – Java Enterprise Network Nodes Monitoring.
JENNOM (Java Enterprise Network Nodes Monitor) is a free, portable, cross-platform, 100% pure Java project. Jennom first uses ICMP to check nodes; if a node is unavailable, it tries to check with...
fake-sandbox ~ script that simulates fake processes of analysis sandbox/VM...
fake-sandbox is a small script that simulates fake processes of analysis, sandbox and/or VM software that some malware will try to avoid. Script-Features: + Some (good) spyware will stop spying on you as...
Gargoyle – Protection for Linux.
This software (Gargoyle) was written on a Linux platform and is intended to run on Linux and no other platforms. It requires netfilter (kernel level), iptables (user space) and sqlite3. The Gargoyle...
Dex-Oracle ~ Dalvik deobfuscator which uses limited execution to improve...
How Dex-Oracle works: Oracle takes Android apps (APK), Dalvik executables (DEX), and Smali files as inputs. First, if the input is an APK or DEX, it is disassembled into Smali files. Then, the Smali...
Droidefense – Advanced Android Malware Analysis Framework.
What is Droidefense? Droidefense (originally named atom: analysis through observation machine)* is the codename for an Android apps/malware analysis/reversing tool. It was built focused on security issues...
arp-validator ~ Security Tool to detect ARP poisoning attacks.
arp-validator is a JavaScript security tool to detect ARP poisoning attacks. Features: – Uses a faster approach in detection of ARP poisoning attacks compared to passive approaches – Stores validated...
Natcap protocols to break through the firewall.
Short Abstract: Normal Connection Establishment: The “Three Way Handshake”! To establish a connection, each device must send a SYN and receive an ACK for it from the other device. Thus, conceptually,...
nShield – An Easy & Simple Anti-DDoS solution for VPS, Dedicated Servers and...
nShield is an easy and simple Anti-DDoS solution for VPS, dedicated servers and IoT devices, based on iptables. Blocks Xmas scans, Smurf, ICMP attacks and SYN floods. Requirements: – Linux System...
one_gadget ~ A tool for easily finding the one-gadget RCE in libc.so.6.
One-gadget is a useful gadget in glibc, which leads to a call to execve(‘/bin/sh’, NULL, NULL). It’s convenient to use it to get RCE (remote code execution) whenever we can only control ip (i.e. the...