Stars
🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" macOS binaries and how they can be used by threat actors for m…
PassFiltEx. An Active Directory Password Filter.
dnSpyEx / dnSpy
Forked from dnSpy/dnSpyUnofficial revival of the well known .NET debugger and assembly editor, dnSpy
A very simple Internet Relay Chat (IRC) server
[Archived] open-source USB analyzer toolkit with support for a variety of capture hardware
The Business Email Compromise Guide sets out to describe 10 steps for performing a Business Email Compromise (BEC) investigation in an Office 365 environment. Each step is intended to guide the pro…
BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world.…
Lists of .NET Deobfuscator and Unpacker (Open Source)
evtxview is a GUI viewer for Microsoft Windows evtx files (Windows event logs). I'm hacking this tiny tool because I need such a tool in most forensic investigations.
Collection of command line tools to correlate windows event logs. This set of tools is aimed to be used at forensic investigations.
Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
IoTGoat is a deliberately insecure firmware based on OpenWrt.
NetRipper - Smart traffic sniffing for penetration testers
Malwoverview is a first response tool for threat hunting across VirusTotal, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, IPInfo, Shodan, …
domenukk / qiling
Forked from qilingframework/qilingQiling Advanced Binary Emulation framework
Decrypt HTTPS/TLS connections on the fly with Wireshark
Scripts for the Ghidra software reverse engineering suite.
Archive of Metasploit CTF challenges.
Hackish way to intercept and modify non-HTTP protocols through Burp & others.
A True Instrumentable Binary Emulation Framework
Wifi to 3x Serial bridge based on a ESP32