Browsing tag
Aura is a static analysis framework developed as a response to the ever-increasing threat of malicious packages and vulnerable code published on PyPI. Project goals: provide an automated monitoring system over uploaded packages to PyPI, alert on anomalies that can either indicate an ongoing attack or vulnerabilities in the code enable an organization to […]
Semi-Automated Cyber Threat Intelligence (ACT) is a research project led by mnemonic as with contributions from the University of Oslo, NTNU, Norwegian Security Authority (NSM), KraftCERT and Nordic Financial CERT. The main objective of the ACT project is to develop a platform for cyber threat intelligence to uncover cyber attacks, cyber espionage and sabotage. […]
DECAF++, the new version of DECAF, taint analysis is around 2X faster making it the fastest, to the best of our knowledge, whole-system dynamic taint analysis framework. This results in a much better usability imposing only 4% overhead (SPEC CPU2006) when no suspicious (tainted) input exists. Even under heavy taint analysis workloads, DECAF++ has […]
A powerful framework for network traffic analysis and security monitoring.Key Features — Documentation — Getting Started — Development — License Follow us on Twitter at @zeekurity. Key Features In-depth Analysis Zeek ships with analyzers for many protocols, enabling high-level semantic analysis at the application layer. Adaptable and Flexible Zeek’s domain-specific scripting language enables site-specific […]
tarnish is a static-analysis tool to aid researchers in security reviews of Chrome extensions. It automates much of the regular grunt work and helps you quickly identify potential security vulnerabilities. This tool accompanies the research blog post which can be found here. If you don’t want to go through the trouble of setting this […]
B2R2 is a collection of useful algorithms, functions, and tools for binary analysis, written purely in F# (in .NET lingo, it is purely managed code). B2R2 has been named after R2-D2, a famous fictional robot appeared in the Star Wars. In fact, B2R2’s original name was B2-R2, but we decided to use the name […]
FAT is a toolkit built in order to help security researchers analyze and identify vulnerabilities in IoT and embedded device firmware. This is built in order to use for the “Offensive IoT Exploitation” training conducted by Attify. Note: As of now, it is simply a script to automate Firmadyne which is a tool used […]
SysAnalyzer is an open-source application that was designed to give malcode analysts an automated tool to quickly collect, compare, and report on the actions a binary took while running on the system.A full installer for the application is available and can be downloaded here. The application supports windows 2000 – windows 10. Including x64 […]
BOtB is a container analysis and exploitation tool designed to be used by pentesters and engineers while also being CI/CD friendly with common CI/CD technologies. What does it do? BOtB is a CLI tool which allows you to: Exploit common container vulnerabilities Perform common container post exploitation actions Provide capability when certain tools or […]
A tool for security researchers, who waste their time analyzing malicious Office macros. Generates a VBA call graph, with potential malicious keywords highlighted. Allows for quick analysis of malicous macros, and easy understanding of the execution flow. @MalwareCantFly Features Keyword highlighting VBA Properties support External function declarion support Tricky macros with “_Change” execution triggers Fancy […]
frida-wshook is an analysis and instrumentation tool which uses frida.re to hook common functions often used by malicious script files which are run using WScript/CScript. The tool intercepts Windows API functions and doesn’t implement function stubs or proxies within the targeted scripting language. This allows it to support analyzing a few different script types such […]
Slither is a Solidity static analysis framework written in Python 3. It runs a suite of vulnerability detectors, prints visual information about contract details, and provides an API to easily write custom analyses. Slither enables developers to find vulnerabilities, enhance their code comphrehension, and quickly prototype custom analyses. Features Detects vulnerable Solidity code with low […]
A project written in Python to twitter tracking and analysis without using Twitter API. Prerequisites This project is a Python 3.x application. The package dependencies are in the file requirements.txt. Run that command to install the dependencies. pip3 install -r requirements.txt Database SQLite is used as the database. Tweet data are stored on the Tweet, […]
ANDRAX The first and unique Penetration Testing platform for Android smartphones What is ANDRAX ANDRAX is a penetration testing platform developed specifically for Android smartphones, ANDRAX has the ability to run natively on Android so it behaves like a common Linux distribution, But more powerful than a common distribution! Why is Android so powerful? Simple, […]
A framework based on the Fiddler web debugger to study Exploit Kits, malvertising and malicious traffic in general. Installation Download and install the latest version of Fiddlerhttps://www.telerik.com/fiddler Special instructions for Linux and Mac here:https://www.telerik.com/blogs/fiddler-for-linux-beta-is-herehttps://www.telerik.com/blogs/introducing-fiddler-for-os-x-beta-1 Enable C# scripting (Windows only) Launch Fiddler, and go to Tools -> Options In the Scripting tab, change the default (JScript.NET) […]
swap_digger is a bash script used to automate Linux swap analysis for post-exploitation or forensics purpose. It automates swap extraction and searches for Linux user credentials, Web form credentials, Web form emails, HTTP basic authentication, WiFi SSID and keys, etc. Download and run the tool On your machine Use the following commands to download and […]
The Guasap Forensic implemented in Python under the GNU General Public License, for the extraction and analysis of files, data bases and logs for forensic WhatsApp. What it does? Check root in device Extract DB and multimedia files (no root) Extract and analyze (deleted messages and others) DB and logs (only root) How to use? […]
The most complete open-source tool for Twitter intelligence analysis Introduction tinfoleak is an open-source tool within the OSINT (Open Source Intelligence) and SOCMINT (Social Media Intelligence) disciplines, that automates the extraction of information on Twitter and facilitates subsequent analysis for the generation of intelligence. Taking a user identifier, geographic coordinates or keywords, tinfoleak analyzes the Twitter timeline to extract great volumes of […]
Full security solution for Linux Servers. SCUTUM is to be added into DefenseMatrix Project After consideration, SCUTUM, as a nice firewall controller, is to be added into DefenseMatrix. It will soon replace the iptables controller and arptables controller in DefenseMatrix. Expect lots of improvements. What is DefenseMatrix? DefenseMatrix helps individuals and organizations who use Linux […]
OSINT tool, CLI Tool For Open Source And Threat Intelligence Install You can simply pip install the tool: pip3 install git+http://[email protected]/Te-k/harpoon –process-dependency-links Optionally if you want to use the screenshot plugin, you need phantomjs and npm installed: npm install -g phantomjs To configure harpoon, run harpoon config and fill in the needed API keys. Then run […]
The Automated Collection and Enrichment (ACE) platform is a suite of tools for threat hunters to collect data from many endpoints in a network and automatically enrich the data. The data is collected by running scripts on each computer without installing any software on the target. ACE supports collecting from Windows, macOS, and Linux hosts. […]