Zap-Scripts – Zed Attack Proxy Scripts For Finding CVEs And Secrets

Zed Attack Proxy Scripts for finding CVEs and Secrets. Building This project uses Gradle to build the ZAP add-on, simply run: ./gradlew build in the main directory of the project, the add-on will be placed in the directory build/zapAddOn/bin/. Usage The easiest way to use this repo in ZAP is to add the directory toRead More

IDACode – An Integration For IDA And VS Code Which Connects Both To Easily Execute And Debug IDAPython Scripts

IDACode makes it easy to execute and debug Python scripts in your IDA environment without leaving Visual Studio Code. The VS Code extension can be found on the marketplace. IDACode is still in a very early state and bugs are to be expected. Please open a new issue if you encounter any issues. Features Speed:Read More

AlphaGolang – IDApython Scripts For Analyzing Golang Binaries

AlphaGolang is a collection of IDAPython scripts to help malware reverse engineers master Go binaries. The idea is to break the scripts into concrete steps, thus avoiding brittle monolithic scripts, and mimicking the methodology an analyst might follow when tackling a Go binary. Scripts are released under GPL license (honoring Tim Strazzere’s original GolangLoaderAssist whichRead More

PEASS-ng – Privilege Escalation Awesome Scripts SUITE new generation

Basic Tutorial Here you will find privilege escalation tools for Windows and Linux/Unix* and MacOS. These tools search for possible local privilege escalation paths that you could exploit and print them to you with nice colors so you can recognize the misconfigurations easily. Check the Local Windows Privilege Escalation checklist from WinPEAS – WindowsRead More

LinuxCatScale – Incident Response Collection And Processing Scripts With Automated Reporting Scripts

Linux CatScale is a bash script that uses live of the land tools to collect extensive data from Linux based hosts. The data aims to help DFIR professionals triage and scope incidents. An Elk Stack instance also is configured to consume the output and assist the analysis process. Usage This scripts were built to automateRead More

AutomatedLab – A Provisioning Solution And Framework That Lets You Deploy Complex Labs On HyperV And Azure With Simple PowerShell Scripts

AutomatedLab (AL) enables you to setup test and lab environments on Hyper-v or Azure with multiple products or just a single VM in a very short time. There are only two requirements you need to make sure: You need the DVD ISO images and a Hyper-V host or an Azure subscription. Requirements Apart from theRead More

PS2EXE – Module To Compile Powershell Scripts To Executables

Overworking of the great script of Ingo Karstein with GUI support. The GUI output and input is activated with one switch, real windows executables are generated. With Powershell 5.x support and graphical front end. Module version. You find the script based version here ( and here: PS2EXE-GUI: “Convert” PowerShell Scripts to EXE Files with GUI.Read More

Git-Secret – Go Scripts For Finding An API Key / Some Keywords In Repository

Go scripts for finding an API key / some keywords in repository Update V1.0.1 Removing some checkers Adding example file contains github dorks How to Install go get How to Use ./Git-Secret For path contain dorks, you can fill it with some keywords, for example keyword.txt passwordusernamekeysaccess_keys Reference Download Git-Secret

Obfuscation_Detection – Collection Of Scripts To Pinpoint Obfuscated Code

Automatically detect control-flow flattening and other state machines Author: Tim Blazytko Description: Scripts and binaries to automatically detect control-flow flattening and other state machines in binaries. Implementation is based on Binary Ninja. Check out the following blog post for more information: Automated Detection of Control-flow Flattening Usage $ ./ samples/finspy Function 0x401602 has a flattening scoreRead More

cve_manager_VS – A Collection Of Python Apps And Shell Scripts To Email An Xlsx Spreadsheet Of New Vulnerabilities In The NIST CVE Database And Their Associated Products On A Daily Schedule

A collection of python apps and shell scripts to email an xlsx spreadsheet of new vulnerabilities in the NIST CVE database and their associated products on a daily schedule. The spreadsheet can then be manually interpreted for risk to your specific organization. Based off of an opensource product on github originally by Antonios Atlasis SyncsRead More