Unblob is an accurate, fast, and easy-to-use extraction suite. It parses unknown binary blobs for more than 30 different archive,…
AutoSSRF is your best ally for identifying SSRF vulnerabilities at scale. Different from other ssrf automation tools, this one comes…
Combination of evilginx2 and GoPhish. Prerequisites You should have a fundamental understanding of how to use GoPhish, evilginx2, and Apache2.…
Collect-MemoryDump is automated Creation of Windows Memory Snapshots for DFIR. Collect-MemoryDump.ps1 is PowerShell script utilized to collect a Memory Snapshot…
Cobalt Strike Beacon Object File (BOF) that uses WinStationConnect API to perform local/remote RDP session hijacking. With a valid access…
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts. See the TeamFiltration wiki page for…
During the forensic analysis of a Windows machine, you may find the name of a deleted prefetch(Prefetch-Hash-Cracker) file. While its…
Appshark is a static taint analysis platform to scan vulnerabilities in an Android app. Prerequisites Appshark requires a specific version…
Vulnerable client-server application (VuCSA) is made for learning/presenting how to perform penetration tests of non-http thick clients. It is written…
Jscythe abuses the node.js inspector mechanism in order to force any node.js/electron/v8 based process to execute arbitrary javascript code, even…