Rip Raw – Small Tool To Analyse The Memory Of Compromised Linux Systems

Rip Raw is a small tool to analyse the memory of compromised Linux systems. It is similar in purpose to Bulk Extractor, but particularly focused on extracting system logs from memory dumps of Linux systems. This enables you to analyse systems without needing to generate a profile. This is not a replacement for tools such

Pantagrule – Large Hashcat Rulesets Generated From Real-World Compromised Passwords

Gargantuan hashcat rulesets generated from compromised passwords. Project maintenance warning: This project is deemed completed. No pull requests or changes will be made to this project in the future unless they are actual bugs or migrations to allow these rules to work with newer versions of hashcat. Pantagrule is a series of rules for the

Columbo – A Computer Forensic Analysis Tool Used To Simplify And Identify Specific Patterns In Compromised Datasets

Columbo is a computer forensic analysis tool used to simplify and identify specific patterns in compromised datasets. It breaks data down into small sections and uses pattern recognition and machine learning models to identify adversaries' behaviour and their possible locations in compromised Windows platforms, presented in the form of suggestions. Currently Columbo operates on the Windows platform.

Godehashed – Tool That Uses The Dehashed.Com API To Search For Compromised Assets

A Golang tool that uses the API to search for compromised assets. Results can then be compiled into a CSV for further analysis. Dehashed API: You must supply the tool an API key. See apikey_template.txt for an example. Installation: To install the tool from the CLI, run the following command. Your $GOPATH must already be set.

Pwned – Simple CLI Script To Check If You Have A Password That Has Been Compromised In A Data Breach

Pwned is a simple command-line Python script to check if you have a password that has been compromised in a data breach. This script uses the haveibeenpwned API to check whether your passwords were leaked during one of the many breaches of online services. This API uses a k-Anonymity model that allows a password to be searched for

Mssqlproxy – A Toolkit Aimed To Perform Lateral Movement In Restricted Environments Through A Compromised Microsoft SQL Server Via Socket Reuse

mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse. The client requires impacket and sysadmin privileges on the SQL server. Please read this article carefully before continuing. It consists of three parts: CLR assembly: Compile assembly.cs; Core DLL: Compile reciclador.sln; Client: (based on