Apk.Sh – Makes Reverse Engineering Android Apps Easier, Automating Some Repetitive Tasks Like Pulling, Decoding, Rebuilding And Patching An APK is a Bash script that makes reverse engineering Android apps easier, automating some repetitive tasks like pulling, decoding, rebuilding and patching an APK. Features basically uses apktool to disassemble, decode and rebuild resources and some bash to automate the frida gadget injection process. It also supports app bundles/split APKs.  Patching APKs toRead More

Decider – A Web Application That Assists Network Defenders, Analysts, And Researcher In The Process Of Mapping Adversary Behaviors To The MITRE ATT&CK Framework

What is it? The Short A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK® framework. The Long Decider is a tool to help analysts map adversary behavior to the MITRE ATT&CK framework. Decider makes creating ATT&CK mappings easier to get right by walkingRead More

QRExfiltrate – Tool That Allows You To Convert Any Binary File Into A QRcode Movie. The Data Can Then Be Reassembled Visually Allowing Exfiltration Of Data In Air Gapped Systems

This tool is a command line utility that allows you to convert any binary file into a QRcode GIF. The data can then be reassembled visually allowing exfiltration of data in air gapped systems. It was designed as a proof of concept to demonstrate weaknesses in DLP software; that is, the assumption that data willRead More

Mimicry – Security Tool For Active Deception In Exploitation And Post-Exploitation

Mimicry is a security tool developed by Chaitin Technology for active deception in exploitation and post-exploitation. Active deception can live migrate the attacker to the honeypot without awareness. We can achieve a higher security level at a lower cost with Active deception. English | 中文文档 Demo ️ Quick Start 1. Make sure docker, docker-compose isRead More

APCLdr – Payload Loader With Evasion Features

Payload Loader With Evasion Features. Features: no crt functions imported indirect syscalls using HellHall api hashing using CRC32 hashing algorithm payload encryption using rc4 – payload is saved in .rsrc Payload injection using APC calls – alertable thread Payload execution using APC – alertable thread Execution delation using MsgWaitForMultipleObjects – edit this the total sizeRead More

PortexAnalyzerGUI – Graphical Interface For PortEx, A Portable Executable And Malware Analysis Library

Graphical interface for PortEx, a Portable Executable and Malware Analysis Library Download Releases page Features Header information from: MSDOS Header, Rich Header, COFF File Header, Optional Header, Section Table PE Structures: Import Section, Resource Section, Export Section, Debug Section Scanning for file format anomalies Visualize file structure, local entropies and byteplot, and save it asRead More

Invoke-PSObfuscation – An In-Depth Approach To Obfuscating The Individual Components Of A PowerShell Payload Whether You’Re On Windows Or Kali Linux

[*] Traditional obfuscation techniques tend to add layers to encapsulate standing code, such as base64 or compression. These payloads do continue to have a varied degree of success, but they have become trivial to extract the intended payload and some launchers get detected often, which essentially introduces chokepoints. The approach this tool introduces is aRead More

NimPlant – A Light-Weight First-Stage C2 Implant Written In Nim

By Cas van Cooten (@chvancooten), with special thanks to some awesome folks: Fabian Mosch (@S3cur3Th1sSh1t) for sharing dynamic invocation implementation in Nim and the Ekko sleep mask function snovvcrash (@snovvcrash) for adding the initial version of execute-assembly & self-deleting implant option Furkan Göksel (@frkngksl) for his work on NiCOFF and Guillaume Caillé (@OffenseTeacher) for theRead More

Special Offer for Hackers!Sign up to get your $5 Coupon code, weekly deals and latest hacking tools straight to your inbox!