PurpleSharp – C# Adversary Simulation Tool That Executes Adversary Techniques With The Purpose Of Generating Attack Telemetry In Monitored Windows Environments

Defending enterprise networks against attackers continues to present a difficult challenge for blue teams. Prevention has fallen short; improving detection & response capabilities has proven to be a step in the right direction. However, without the telemetry produced by adversary behavior, building new and testing existing detection capabilities will be constrained.PurpleSharp is an open sourceRead More

uDork – Tool That Uses Advanced Google Search Techniques To Obtain Sensitive Information In Files Or Directories, Find IoT Devices, Detect Versions Of Web Applications, And So On

uDork is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web applications, and so on.uDork does NOT make attacks against any server, it only uses predefined dorks and/or official lists from exploit-db.com (Google Hacking Database: https://www.exploit-db.com/google-hacking-database).New functionalRead More

Attacker-Group-Predictor – Tool To Predict Attacker Groups From The Techniques And Software Used

The tool predicts attacker groups from techniques and softwares used. It searches based on the MITRE ATT&CK framework How it works? 1- Collect data from https://attack.mitre.org/ about attacker groups 2- Get data from user about attack 3- Compare data and create result Installation git clone https://github.com/omergunal/Attacker-Group-Predictor.gitcd Attacker-Group-Predictor/pip3 install -r requirements.txt Usage python3 main.pyFill the inputsRead More

GhostShell – Malware Indetectable, With AV Bypass Techniques, Anti-Disassembly, And More

In this malware, are used some techniques to try bypass the AVs, VMs, and Sandboxes, with only porpuse to learning more. I’m not responsible for your actions.Bypass Techniques Anti-DebuggerTo try bypass the Debuggers, I’m using the “IsDebuggerPresent()” of “Windows.h” librarie to checks if a debugger is running. Anti-VM / Anti-Sandbox / Anti-AV Enumerate Process FunctionRead More

Memhunter – Live Hunting Of Code Injection Techniques

Memhunter is an endpoint sensor tool that is specialized in detecing resident malware, improving the threat hunter analysis process and remediation times. The tool detects and reports memory-resident malware living on endpoint processes. Memhunter detects known malicious memory injection techniques. The detection process is performed through live analysis and without needing memory dumps. The toolRead More

X