Macrome – Excel Macro Document Reader/Writer For Red Teamers And Analysts

An Excel Macro Document Reader/Writer for Red Teamers & Analysts. Blog posts describing what this tool actually does can be found here and here. Installation / Building: clone or download this repository; the tool can then be executed using dotnet, for example: dotnet run -- build --decoy-document Docs\decoy_document.xls --payload Docs\popcalc.bin or deobfuscate --path obfuscated_document.xls

ThreadStackSpoofer – PoC For An Advanced In-Memory Evasion Technique Allowing To Better Hide Injected Shellcode’S Memory Allocation From Scanners And Analysts

A PoC implementation for an advanced in-memory evasion technique that spoofs the Thread Call Stack. This technique allows bypassing thread-based memory examination rules and better hiding shellcode while it is in process memory. Intro: this is an example implementation of the Thread Stack Spoofing technique, aiming to evade malware analysts, AVs and EDRs looking for references to shellcode's

packetsifterTool – A Tool To Aid Analysts In Sifting Through A Packet Capture (Pcap) To Find Noteworthy Traffic

PacketSifter is a tool to perform batch processing of PCAP data to uncover potential IOCs. Simply initialize PacketSifter with your desired integrations (VirusTotal, AbuseIPDB) and pass PacketSifter a pcap and the desired switches; PacketSifter will sift through the data and generate several output files. Note: please run AbuseIPDBInitial.sh and VTInitial.sh prior to using their corresponding switches

RdpCacheStitcher – RdpCacheStitcher Is A Tool That Supports Forensic Analysts In Reconstructing Useful Images Out Of RDP Cache Bitmaps

RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps. Using raw RDP cache tile bitmaps extracted by tools such as ANSSI's BMC-Tools (https://github.com/ANSSI-FR/bmc-tools) as input, it provides a graphical user interface and several placement heuristics for stitching tiles together so that meaningful images or even full screenshots

Geo-Recon – An OSINT CLI Tool Designed To Fast Track IP Reputation And Geo-location Look Up For Security Analysts

An OSINT CLI tool designed to fast track IP reputation and geo-location look up for security analysts. Setup: this tool is compatible with any Linux operating system (Debian, Ubuntu, CentOS) and Termux.
Linux Setup:
  git clone https://github.com/radioactivetobi/geo-recon.git
  cd geo-recon
  chmod +x geo-recon.py
  pip install -r requirements.txt
Termux Setup:
  git clone https://github.com/radioactivetobi/geo-recon.git
  cd geo-recon
  chmod +x geo-recon.py
  pip install -r requirements.txt
Sample Syntax (Linux)