RegParser (rp) is a Python wrapper script for the python-registry framework.
RegParser (rp) is a Python wrapper script for the python-registry framework (@williballenthin [FireEye]). This command-line utility is designed to slightly extend and facilitate the framework’s capabilities....
ph0neutria malware crawler.
ph0neutria is a malware zoo builder that sources samples straight from the wild. Everything is stored in Viper for ease of access and manageability. This project was inspired by Ragpicker...
masc – A Web Malware Scanner.
masc is a web malware scanner developed during CyberCamp. Features: + Scan any website for malware using the OWASP WebMalwareScanner checksum and YARA rules databases and the ClamAV engine (if available) +...
Euphony is a unifier of malware labels for Android.
Euphony is a Harmonious Unification of Cacophonous Anti-Virus Vendor Labels for Android Malware. From a list of VirusTotal reports, Euphony can parse malware labels and produce a single family per...
firecall – Automate SSH communications with firewalls, switches, etc.
firecall scripts are designed to automate sending commands to a Cisco ASA firewall. The intended purpose here is to eliminate the need to manually log in to a firewall to make changes. This code can be...
BinSkim Binary Analyzer.
BinSkim is a checker that examines Portable Executable (PE) files and their associated Program Database (PDB) files to identify various security problems. These include: * Use of Outdated...
strace is a diagnostic, debugging and instructional userspace utility for Linux.
strace is a diagnostic, debugging and instructional userspace utility for Linux. It is used to monitor and tamper with interactions between processes and the Linux kernel, which include system calls,...
robust-atd : Advanced Threat Defense API malware submissions.
robust-atd is an *unofficial/unsupported* set of command-line tools for managing McAfee ATD – Advanced Threat Defense API malware submissions. “Robust” is a set of tools to leverage the HTTPS REST API of the...
hcxdumptool – Small tool to capture packets from wlan devices.
hcxdumptool is a small tool to capture packets from wlan devices. Tools description: + hcxdumptool: raw socket version of wlandump-ng + pioff: turns a Raspberry Pi off via a GPIO switch. Requirements: +...
alias – modular tool for finding backdoors for SAT.
ALIAS (modular tool for finding backdoors for SAT) is a customizable, scalable tool that can employ incremental state-of-the-art SAT solvers and black-box optimization heuristics to search for backdoors...
DCSYNCMonitor – Monitors for DCSYNC and DCSHADOW attacks and creates custom...
DCSYNCMonitor is an application/service that can be deployed on Domain Controllers to alert on Domain Controller synchronization attempts. When an attempt is detected, the tool will write an event...
idsEventGenerator – Intrusion Detection Systems Event Generator.
idsEventGenerator reads rules written in a Snort-like syntax (as of Snort 2.9.11) from a rule file, puts the parsed rule content in a struct and (optionally) prints the rule. It then (optionally)...
remediation – Tools and utilities for remediation and incident-response...
remediation is a set of tools and utilities for remediation and incident-response handling. JewelRunner is intended to quickly analyze TCP/IP traffic for a target host and create host-based firewall rules in...
Pulse-monitor : A client + server tool to log and rectify communications...
The Heartbeat computer (server or client, it doesn’t matter) delivers messages to a file on the Monitor computer via SSH. The Monitor checks the file and executes remedial action if conditions are met....
NTR is a useful tool to help network engineers diagnose networking problems.
NTR is a useful tool to help network engineers diagnose network problems. NTR can find all the routers between the source host and the destination host via the ICMP protocol, and NTR can resolve each router’s...
pidense is a tool for monitoring illegal wireless network activities.
pidense is a tool for Monitoring illegal wireless network activities. + Similar SSID broadcasts + Detects SSID bruteforce + Detects beacon flood + Monitor deauthentication attack + Same SSID broadcasts...
Many-Eyes is a data collector that can be used for threat-hunting and data...
Many-Eyes is a data collector that can be used for threat hunting and data collection: a multi-threaded program to scrape data from multiple OSINT sources. It is cross-platform; however, it has zero...
pspy – Monitoring Linux processes without root permissions.
pspy is a command line tool designed to snoop on processes without needing root permissions. It allows you to see commands run by other users, cron jobs, etc. as they execute. Great for enumeration of...
ldsi – LogDissect Security Intelligence.
LDSI is a SIEM (Security Information and Event Management system) written in Python Django. It features a web frontend, and handles log management and forensics, risk management, and asset management....
ExifTool – Read and write metadata information in files.
ExifTool is a platform-independent Perl library plus a command-line application for reading, writing and editing meta information in a wide variety of files, including the maker note information of...