RogueAssemblyHunter – Rogue Assembly Hunter Is A Utility For Discovering ‘Interesting’ .NET CLR Modules In Running Processes

[*] Rogue Assembly Hunter is a utility for discovering ‘interesting’ .NET CLR modules in running processes. Author: @bohops License: MIT Project: Background .NET is a very powerful and capable development platform and runtime framework for building and running .NET managed applications. Over the last several years, .NET has been adopted by Red Teams (andRead More

Ostorlab – A Security Scanning Platform That Enables Running Complex Security Scanning Tasks Involving Multiple Tools In An Easy, Scalable And Distributed Way

The Sales Pitch If this is the first time you are visiting the Ostorlab Github page, here is the sales pitch. Security testing requires often chaining tools together, taking the output from one, mangling it, filtering it and then pushing it to another tool. Several tools have tried to make the process less painful withRead More

FACT – A Tool To Collect, Process And Visualise Forensic Data From Clusters Of Machines Running In The Cloud Or On-Premise

FACT is a tool to collect, process and visualise forensic data from clusters of machines running in the cloud or on-premise. Deployment For a basic single-node deployment, we recommend using Docker and Docker Compose. First, read docker-compose.yaml for configuration and requirements. Then, start the stack using: docker-compose up -d See the installation guide for moreRead More

ThreatMapper – Identify Vulnerabilities In Running Containers, Images, Hosts And Repositories

The Deepfence Runtime Threat Mapper is a subset of the Deepfence cloud native workload protection platform, released as a community edition. This community edition empowers the users with following features: Visualization: Visualize kubernetes clusters, virtual machines, containers and images, running processes, and network connections in near real time. Runtime Vulnerability Management: Perform vulnerability scans onRead More

Wsb-Detect – Tool To Detect If You Are Running In Windows Sandbox ("WSB")

wsb-detect enables you to detect if you are running in Windows Sandbox (“WSB”). The sandbox is used by Windows Defender for dynamic analysis, and commonly manually by security analysts and alike. At the tail end of 2019, Microsoft introduced a new feature named Windows Sandbox (WSB for short). The techniques used to fingerprint WSB areRead More

OFFPORT_KILLER – This Tool Aims At Automating The Identification Of Potential Service Running Behind Ports Identified Manually Either Through Manual Scan Or Services Running Locally

#Manual Port Scanning #Enumerate Potential Service If you like the tool and for my personal motivation so as to develop other tools please a +1 star * INTRO This tool aims at automating the identification of potential service running behind ports identified manually or on services running locally only. The tool is useful: 1. whenRead More

AES Finder – Utility To Find AES Keys In Running Processes

Utility to find AES keys in running process memory. Works for 128, 192 and 256-bit keys. Usage Open aes-finder.sln solution in Visual Studio 2013 to compile source. Alternatively use gcc/clang: g++ -O3 -march=native -fomit-frame-pointer aes-finder.cpp -o aes-finder To search for keys in process with id = 123, execute following: aes-finder.exe -123 To search for keysRead More

DockerENT – The Only Open-Source Tool To Analyze Vulnerabilities And Configuration Issues With Running Docker Container(S) And Docker Networks

DockerENT is activE ruNtime application security scanning Tool (RAST tool) and framework which is pluggable and written in python. It comes with a CLI application and clean Web Interface written with StreamLit.DockerENT has been designed keeping in mind that during deployments there weak configurations which may get sticky in production deployments as well and canRead More