r2 is a rewrite from scratch of radare. It provies a set of libraries, tools and plugins to ease reverse engineering tasks. The radare project started as a simple command-line hexadecimal editor focused on forensics, over time more features were added to support a scriptable command-line low level tool to edit from local hardRead More
Have you ever wanted a simple, easy and stealth bypass for multiple classes of security products? pstf^2 (pronounced pstf-square) is an implementation of an HTTP server capable of passive browser fingerprinting – and it might just be the thing you are looking for. When attackers try to deliver a payload over the internet they needRead More
ARTIF is a new advanced real time threat intelligence framework built that adds another abstraction layer on the top of MISP to identify threats and malicious web traffic on the basis of IP reputation and historical data. It also performs automatic enrichment and threat scoring by collecting, processing and correlating observables based on different factors.Read More
Scour is a modern module based AWS exploitation framework written in golang, designed for red team testing and blue team analysis. Scour contains modern techniques that can be used to attack environments or build detections for defense. Features Command Completion Dynamic resource listing Command history Blue team mode (tags attacks with unique User Agent) InstallationRead More
A cross-platform, post-exploit, red teaming framework built with python3, docker, docker-compose, and a web browser UI. It’s designed to provide a collaborative and user friendly interface for operators, managers, and reporting throughout red teaming. Details Check out a series of YouTube videos showing how Mythic looks/works and highlighting a few key features Check out theRead More
A framework that aids in creation of self-spreading software Requirements go get -u github.com/redcode-labs/Coldfire go get -u github.com/yelinaung/go-haikunator New in v. 2.0 New wordlist mutators + common passwords by country Improvised passive scanning .FastScan option that makes active scans a bit quicker Wordlists are created strictly in-memory NeuraxScan() accepts a callback function instead of channelRead More
link is a command and control framework written in rust. Currently in beta. Introduction link provides MacOS, Linux and Windows implants which may lack the necessary evasive tradecraft provided by other more mature command and control frameworks. Tested on Linux only. Features Hopefully this list expands for humans to actually want to use this: HTTPSRead More
1 Introduction Metarget = meta- + target, a framework providing automatic constructions of vulnerable infrastructures, used to deploy simple or complicated vulnerable cloud native targets swiftly and automatically. 1.1 Why Metarget? During security researches, we might find that the deployment of vulnerable environment often takes much time, while the time spent on testing PoC orRead More
More Information If you want to learn more about the techniques utlized in this framework please take a look at this article. Description This framework generates code to exploit vulnerabilties in Microsoft Defender Advanced Threat Protection’s Attack Surface Reduction (ASR) rules to execute shellcode without being detected or prevented. ASR was designed to be theRead More
This repository is the reference implementation of The Update Framework (TUF). It is written in Python and intended to conform to version 1.0 of the TUF specification. This implementation is in use in production systems, but is also intended to be a readable guide and demonstration for those working on implementing TUF in their ownRead More
