This tool is meant to be used during Red Team Assessments and to audit the XDR Settings. With this tool its possible to parse the Database Lock Files of the Cortex XDR Agent by Palo Alto Networks and extract Agent Settings, the Hash and Salt of the Uninstall Password, as well as possible Exclusions. SupportedRead More
Debugging module for Malware Analysis Automation For a step by step post on how to use Lupo, with images and instructions, please see this post: https://medium.com/@vishal_thakur/lupo-malware-ioc-extractor-cc86ae76b85d Introduction Working on security incidents that involve malware, we come across situations on a regular basis where we feel the need to automate parts of the analysis process asRead More
HaE is used to highlight HTTP requests and extract information from HTTP response messages or request messages. Read Chinese simplified version (README_zh). Public Rules Website: https://gh0st.cn/HaE/ Introduction HaE is used to highlight HTTP requests and extract information from HTTP response messages or request messages. The plugin can custom regular expression to match HTTP response messages.Read More
