RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps. Using raw RDP cache tile bitmaps extracted by tools like e.g. ANSSI's BMC-Tools (https://github.com/ANSSI-FR/bmc-tools) as input, it ...
This project is a PoC code to use Pass-the-Hash for authentication on a local Named Pipe user Impersonation. There also is a blog post for explanation:https://s3cur3th1ssh1t.github.io/Named-Pipe-PTH/ It is heavily based on the code from the projects...
A tool for simplifying the process of researching file hashes, IP addresses, and other indicators of compromise (IOCs). Features Look up hashes across multiple threat intelligence services, from a single command or a few lines of Python. Curren...
FalconEye is a windows endpoint detection software for real-time process injections. It is a kernel-mode driver that aims to catch process injections as they are happening (real-time). Since FalconEye runs in kernel mode, it provides a stronger and r...
About Rustcat is a port listener that can be used for different purposes. It is basically like netcat but with fewer options Why use Rustcat? Serves it purpose of listening to ports Has command history It is easy to...
Joern's Documentation is available here: https://docs.joern.io/home Quick Installation wget https://github.com/ShiftLeftSecurity/joern/releases/latest/download/joern-install.shchmod +x ./joern-install.shsudo ./joern-install.shjoernCompiling (synthe...
This tool implements a userland exploit that was initially discussed by James Forshaw (a.k.a. @tiraniddo) - in this blog post - for dumping the memory of any PPL as an administrator. I wrote two blog posts about this tool. The first part is about Pr...
This is a GUI for Volatility forensics tool written in PyQT5Prerequisites: 1- Installed version of Volatility. 2- Install PyQT5. sudo apt-get install python3-pyqt5 3- Download Volatility GUI. Configuration From the downloaded Volatility GUI, ed...
aggrokatz is an Aggressor plugin extension for CobaltStrike which enables pypykatz to interface with the beacons remotely. The current version of aggrokatz allows pypykatz to parse LSASS dump files and Registry hive files to extract credentials an...
Gundog provides you with guided hunting in Microsoft 365 Defender. Especially (if not only) for Email and Endpoint Alerts at the moment.Functionality You provide an AlertID (you might received via Email notification) and gundog will then hunt for a...
Platinum Membership
€200.00
Silver Membership
€100.00
Gold Membership
€150.00
©2021 By Cyber Sec Labs