AlphaGolang – IDApython Scripts For Analyzing Golang Binaries

AlphaGolang is a collection of IDAPython scripts to help malware reverse engineers master Go binaries. The idea is to break the scripts into concrete steps, thus avoiding brittle monolithic scripts, and mimicking the methodology an analyst might follow when tackling a Go binary. Scripts are released under GPL license (honoring Tim Strazzere’s original GolangLoaderAssist whichRead More

PEASS-ng – Privilege Escalation Awesome Scripts SUITE new generation

Basic Tutorial Here you will find privilege escalation tools for Windows and Linux/Unix* and MacOS. These tools search for possible local privilege escalation paths that you could exploit and print them to you with nice colors so you can recognize the misconfigurations easily. Check the Local Windows Privilege Escalation checklist from book.hacktricks.xyz WinPEAS – WindowsRead More

LinuxCatScale – Incident Response Collection And Processing Scripts With Automated Reporting Scripts

Linux CatScale is a bash script that uses live of the land tools to collect extensive data from Linux based hosts. The data aims to help DFIR professionals triage and scope incidents. An Elk Stack instance also is configured to consume the output and assist the analysis process. Usage This scripts were built to automateRead More

AutomatedLab – A Provisioning Solution And Framework That Lets You Deploy Complex Labs On HyperV And Azure With Simple PowerShell Scripts

AutomatedLab (AL) enables you to setup test and lab environments on Hyper-v or Azure with multiple products or just a single VM in a very short time. There are only two requirements you need to make sure: You need the DVD ISO images and a Hyper-V host or an Azure subscription. Requirements Apart from theRead More

PS2EXE – Module To Compile Powershell Scripts To Executables

Overworking of the great script of Ingo Karstein with GUI support. The GUI output and input is activated with one switch, real windows executables are generated. With Powershell 5.x support and graphical front end. Module version. You find the script based version here (https://github.com/MScholtes/TechNet-Gallery) and here: PS2EXE-GUI: “Convert” PowerShell Scripts to EXE Files with GUI.Read More

Git-Secret – Go Scripts For Finding An API Key / Some Keywords In Repository

Go scripts for finding an API key / some keywords in repository Update V1.0.1 Removing some checkers Adding example file contains github dorks How to Install go get github.com/daffainfo/Git-Secret How to Use ./Git-Secret For path contain dorks, you can fill it with some keywords, for example keyword.txt passwordusernamekeysaccess_keys Reference https://github.com/odomojuli/RegExAPI Download Git-Secret

Obfuscation_Detection – Collection Of Scripts To Pinpoint Obfuscated Code

Automatically detect control-flow flattening and other state machines Author: Tim Blazytko Description: Scripts and binaries to automatically detect control-flow flattening and other state machines in binaries. Implementation is based on Binary Ninja. Check out the following blog post for more information: Automated Detection of Control-flow Flattening Usage $ ./detect_flattening.py samples/finspy Function 0x401602 has a flattening scoreRead More

cve_manager_VS – A Collection Of Python Apps And Shell Scripts To Email An Xlsx Spreadsheet Of New Vulnerabilities In The NIST CVE Database And Their Associated Products On A Daily Schedule

A collection of python apps and shell scripts to email an xlsx spreadsheet of new vulnerabilities in the NIST CVE database and their associated products on a daily schedule. The spreadsheet can then be manually interpreted for risk to your specific organization. Based off of an opensource product on github originally by Antonios Atlasis SyncsRead More

PyBeacon – A Collection Of Scripts For Dealing With Cobalt Strike Beacons In Python

PyBeacon is a collection of scripts for dealing with Cobalt Strike’s encrypted traffic. It can encrypt/decrypt beacon metadata, as well as parse symmetric encrypted taskings Scripts included There is a small library which includes encryption/decoding methods, however some example scripts are included. stager-decode.py – this tool will simply decode a beacon DLL from a stagerRead More

COM-Code-Helper – Two IDAPython Scripts Help You To Reconstruct Microsoft COM (Component Object Model) Code

Two IDAPython Scripts help you to reconstruct Microsoft COM (Component Object Model) Code Especially malware reversers will find this useful, as COM Code is still regularly found in malware. ClassAndInterfaceToNames.py This IDAPython script scans an idb file for class and interfaces UUIDs and creates the matching structure and its name. Make sure to copy interfaces.txtRead More

X