Technically, AgentSmith-HIDS is not a Host-based Intrusion Detection System (HIDS) due to the lack of a rule engine and detection function. However,…
Memhunter is an endpoint sensor tool that is specialized in detecting resident malware, improving the threat hunter analysis process and…
Hershell is a simple TCP reverse shell tool written in Go. It uses TLS to secure the communications, and…
Check-LocalAdminHash is a PowerShell tool that attempts to authenticate to multiple hosts over either WMI or SMB using a password…
SharpStat is a C# utility that uses WMI to run "cmd.exe /c netstat -n", save the output to a file,…
KsDumper is a tool for dumping processes using the power of kernel space. It is a custom driver that would allow me…
YARASAFE is for automatic binary function similarity checks with Yara. SAFE is a tool developed to create Binary Functions Embedding…
To avoid password attacks, authentication and access management may be evolving, but passwords are not going to disappear in the…
AlertResponder is an automatic security alert response framework built with the AWS Serverless Application Model. It is a serverless framework…
TAS is a tiny framework for easily manipulating the tty and creating fake binaries. The framework has three main functions,…