RCLocals is inspired by 'Autoruns' from Sysinternals. It analyzes all Linux startup possibilities to find backdoors and also performs process integrity…
Log4J-Detect is a script ("log4j-detect.py"), developed in Python 3, that is responsible for detecting whether a list of URLs are vulnerable…
Rustpad is a multi-threaded successor to the classic padbuster, written in Rust. It abuses a Padding Oracle vulnerability to decrypt any cypher text or…
SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and,…
Msmailprobe: it is widely known that OWA (Outlook Web App) is vulnerable to time-based user enumeration attacks. This tool leverages all…
RPC Firewall: RPC is the underlying mechanism which is used for numerous lateral movement techniques, reconnaissance, relay attacks, or simply to exploit vulnerable RPC services. DCSync attack?…
Lsarelayx is a system-wide NTLM relay tool designed to relay incoming NTLM-based authentication to the host it is running…
RiotPot is an interoperable medium-interaction honeypot, primarily focused on the emulation of IoT and OT protocols, although it is also…
Skrull is a malware DRM that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers…
PMAT-labs: this repository contains live malware samples for use in the Practical Malware Analysis & Triage course (PMAT). These samples…