RegLookup is a small command line utility for parsing and searching registry files from Windows NT and later.
c9123786bc1be1a714c59e2fabae693d434698ce4d3fc44847cb847bff26b686
This is an HTTP console for remotely administering Windows hosts through a browser-based, AJAX-enabled, command-line interface. The server requires .NET 3.5. Written in C# and JavaScript.
7dec994beced4f331b24fde32be7a2e3088ff3ecf40ecae45cd2ec54a69a686b
RegLookup is a small command line utility for parsing and searching registry files from Windows NT and later.
b7ae9e5c13f949ef958da4cba741067516bbc4c2800e033ff0d6ad4506945406
Windows Credentials Editor (WCE) allows you to list logon sessions and add, change, list and delete associated credentials (e.g., LM/NT hashes and Kerberos tickets). This can be used, for example, to perform pass-the-hash on Windows, to obtain NT/LM hashes from memory (from interactive logons, services, remote desktop connections, etc.) which can be used to perform further attacks, and to obtain Kerberos tickets and reuse them in other Windows or Unix systems.
099e55d14489dafd73cfdfa5499d3104b38a4256c3df9a93abae54beaa077d30
This Windows binary is a lightweight tool for removing strings in the Windows registry.
930084f1b07b611ad257a6cfe7c757a97c1013ed722666b27d57b5aa114e5604
Windows Credentials Editor (WCE) allows you to list logon sessions and add, change, list and delete associated credentials (e.g., LM/NT hashes). This can be used, for example, to perform pass-the-hash on Windows and also to obtain NT/LM hashes from memory (credentials not stored locally, including domain credentials from interactive logons, services, remote desktop connections, etc.) which can be used in further attacks.
d5947a1b05bc5936dec425b3b826c1e9cea6c3295335bf93a05f071088349b99
StreamArmor is a sophisticated tool for discovering hidden alternate data streams (ADS) that can also clean them completely from the system. StreamArmor comes with a fast multi-threaded ADS scanner which can recursively scan the entire system and quickly uncover all hidden streams. All discovered streams are represented using specific color patterns based on threat level, which makes it easy for the human eye to distinguish between suspicious and normal streams.
c4abda4dc0f936509d8cc7ca35674cf26dcd0c3faf8b62d020758ff3d43a2ff2
BinPack is a portable security environment for Windows. With 100+ security tools in the repository, you can easily convert any system into a hacking platform in minutes.
40998045d55d1a966a8b323f752174b62aae73bdd9c817bcd067012f3a054d63
Ostinato is an open-source, cross-platform packet/traffic generator and analyzer with a friendly GUI. It aims to be "Wireshark in Reverse" and thus become complementary to Wireshark. This is the Windows binary release.
4cfa61d55987c4bf069662dc1c30e6c0faf532d55dedfc3af8bdfdadea41f160
Ostinato is an open-source, cross-platform packet/traffic generator and analyzer with a friendly GUI. It aims to be "Wireshark in Reverse" and thus become complementary to Wireshark. This is the Mac OS X release.
790089a6b37cb6940e2218fe426932092d202eb51608d26002a2219c50e57ae8
Ostinato is an open-source, cross-platform packet/traffic generator and analyzer with a friendly GUI. It aims to be "Wireshark in Reverse" and thus become complementary to Wireshark.
d257270879533212d7fec9f5260b4d3163e0822f8ffdde0fa3f96779fd12e1bb
MioStar is an offspring of the SkypeTrojan. Unlike the SkypeTrojan, MioStar puts its focus on hooking functions that deal with sensitive data like account information or network traffic. Currently it extracts passwords from software such as Safari, Google Chrome, GoogleTalk, Microsoft Live Messenger, Microsoft Live Mail and more.
1babc614fb1173afaa45fc60efa685fa89cb828d2574d09f3eb85745fcbc1701
The WinAppDbg Python module allows developers to quickly add Windows application debugging facilities to their Python scripts.
c1c19a0790716c5f9303bea91e75baf88dbc048fc0d61fd7767c8acec1f1468a
Ostinato is an open-source, cross-platform packet/traffic generator and analyzer with a friendly GUI. It aims to be "Wireshark in Reverse" and thus become complementary to Wireshark. This is the source code release.
1dc61c4eaecd4c6a551681aba65e673b9a81b4b9641e995851602110eed82607
Ostinato is an open-source, cross-platform packet/traffic generator and analyzer with a friendly GUI. It aims to be "Wireshark in Reverse" and thus become complementary to Wireshark. This is the Windows binary release.
bd436eed319e11749300c699f484de570d3c1c39246a161e54f2302c431fcc28
This is a small tool that scans memory to detect and kill Metasploit's meterpreter.
a7dfd039754050a977ff7100a38b46030b8e3be34f1eff000e0c24fcd93bcb35
This is a small tool that scans memory to detect and kill Metasploit's meterpreter.
a1ce3de5edbc686b1357ef7bbc5200ca6b808f04917031dba8e86e17585f8ed0
ScoopyNG combines the detection tricks of Scoopy Doo and Jerry as well as some new techniques to determine if a current OS is running inside a VMware Virtual Machine (VM) or on a native system. ScoopyNG should work on all modern uni-, multi- and multi-core CPUs. ScoopyNG is able to detect VMware even if "anti-detection-mechanisms" are deployed.
2d85b2d9706260fbcc4f2d2841c4301c97e18a67ae40072ee2956cbf75b2f720
ReFrameworker is a general purpose Framework modifier, used to reconstruct framework Runtimes by creating modified versions from the original implementation that was provided by the framework vendor. ReFrameworker performs the required steps of runtime manipulation by tampering with the binaries containing the framework's classes, in order to produce modified binaries that can replace the original ones. This tarball includes both the binary and source code releases.
0150edfe2da9666ab255444c54509fb5f54575c6e51ee5e18f42df461e8bee05
StreamArmor is a sophisticated tool for discovering hidden alternate data streams (ADS) that can also clean them completely from the system. StreamArmor comes with a fast multi-threaded ADS scanner which can recursively scan the entire system and quickly uncover all hidden streams. All discovered streams are represented using specific color patterns based on threat level, which makes it easy for the human eye to distinguish between suspicious and normal streams.
b4edb0ddb4cf443c06ecdc7ade05e2b382760d2c669384164c61922999e15c22
RegLookup is a small command line utility for parsing and searching registry files from Windows NT and later.
2efcef5aae5418aac5d3ebe7af46e05349622d4e16ab73186e38b6c28762a94e
AdvancedWinServiceManager is a smart tool to remove hidden rootkit services. It makes it easy to eliminate such malicious services by separating out third-party services from Windows services. By default it shows only third-party services along with more details such as Company Name, Description, Install Date, File Path, etc. in one place, which helps in quickly differentiating between legitimate and malicious services. It comes with rich features such as detecting hidden rootkit services, exporting the service list to an HTML-based log file, displaying only third-party services, etc.
dcce7bf4b916b166e1a6a4571c36f88fb61258c125eb3adfa0dc30770328021c
WebRaider is a proof-of-concept quality tool to get a reverse shell out of SQL injection (MS-SQL) by using One Click Ownage.
745e39d9782621659e4b684fd301e6cd6374a5d4ec94298eadb8e858bdd7080d
This is another dirty mitigation for another Internet Explorer zero-day vulnerability. This mitigation works by registering as a Browser Helper Object, then modifying MSHTML.DLL in memory to break createEventObject.
8c85083512e2220e17ed05326b82b0f41b1ad183aa7d0a19e8113810fac21dad
This registry code allows any terminal client access to a Terminal Server. It bypasses the Microsoft "Terminal Server License" and allows the client to create a session on the server without a CAL (Client Access License) or MS Open License. It works on WinNT, Win2000, Win2003 server and Win2008 server.
9cec54ca3bf48377115aba5d8a681eeb8b070d26a3b7949518b42ec39e09b6cb