– An AD Explorer Snapshot Parser. It Is Made As An Ingestor For BloodHound, And Also Supports Full-Object Dumping To NDJSON is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound, and also supports full-object dumping to NDJSON. AD Explorer allows you to connect to a DC and browse LDAP data. It can also create snapshots of the server you are currently attached to. This tool allows you to convert thoseRead More

GONET-Scanner – Golang Network Scanner With Arp Discovery And Own Parser

ScreenShots Install chmod +x [as root] Usage ARP Discovery -ar CIDR -s: Scan ports in all hosts discovered -ap: Scan to 65535 Ports -pr MINPORT MAXPORT: Define Port Range to Scan -1000: Scan Top 1000 ports (like nmap) -t: Set Timeout (in milliseconds) [EXAMPLES] go run scannerport.go -ap <IP>: Allports TCP Scan go runRead More

NTFSTool – Forensics Tool For NTFS (Parser, MTF, Bitlocker, Deleted Files)

NTFSTool is a forensic tool focused on NTFS volumes. It supports reading partition info (mbr, partition table, vbr) but also information on bitlocker encrypted volume, EFS encrypted files and more. See below for some examples of the features! Features Forensics NTFSTool displays the complete structure of master boot record, volume boot record, partition table andRead More

CobaltStrikeParser – Python parser for CobaltStrike Beacon’s configuration

Python parser for CobaltStrike Beacon’s configuration Description Use for stageless beacons, memory dumps or C2 urls with metasploit compatibility mode (default true). Many stageless beacons are PEs where the beacon code itself is stored in the .data section and xored with 4-byte key. The script tries to find the xor key and data heuristically,Read More

Libinjection – SQL / SQLI Tokenizer Parser Analyzer

SQL / SQLI tokenizer parser analyzer. For C and C++ PHP Python Lua Java (external port) [LuaJIT/FFI] ( (external port) See for details and presentations. Simple example: fingerprint of ‘%s’n”, state.fingerprint); } return issqli; } “> #include <stdio.h>#include <strings.h>#include <errno.h>#include “libinjection.h”#include “libinjection_sqli.h”int main(int argc, const char* argv[]){ struct libinjection_sqli_state state; int issqli; const char*Read More

Go_Parser – Yet Another Golang Binary Parser For IDAPro

Yet Another Golang Binary Parser For IDAPro  NOTE: This master branch is written in Python2 for IDAPython, and tested only on IDA7.2/IDA7.0. If you use IDAPython with Python3 and higher version of IDAPro, please use Python3 Branch for go_parser. Inspired by golang_loader_assist and jeb-golang-analyzer, I wrote a more complete Go binaries parsing tool forRead More