PolarProxy

A transparent TLS and SSL inspection proxy created for incident responders, malware analysts & researchers. PolarProxy decrypts & re-encrypts TLS traffic, while also saving the decrypted traffic in a PCAP file that can be loaded into Wireshark or an Intrusion Detection System.

netresec.com/?page=PolarProxy

extrasafe

An easy-to-use wrapper around various Linux security tools. The goal of extrasafe is to make it easy to add extra security to your own programs

github.com/boustrophedon/extra

cpu_rec

A tool that recognizes cpu instructions in an arbitrary binary file. It can be used as a standalone tool, or as a plugin for binwalk

github.com/airbus-seclab/cpu_r

몾 Artemis a partagé

IceKube - github.com/WithSecureLabs/IceK - a tool to help find attack paths within a Kubernetes cluster from a low privileged point, to a preferred location, typically cluster-admin (requires elevated privileges within the target cluster to enumerate resources) #cloud #k8s

FuncoPop

FuncoPop includes functions & scripts that support attacking Microsoft Azure Funtion Apps, primarily through exploiting Storage Account Access.

github.com/NetSPI/FuncoPop

Journée épique - Epic journey

kernel fuzzing 👊​

yeaah~ power is nothing without control ✌️

msi-search

This tool simplifies the task for red team operators and security teams to identify which MSI files correspond to which software & enables them to download the relevant file to investigate local privilege escalation vulnerabilities through MSI repairs.

github.com/mandiant/msi-search

IDA kmdf

This # python plugin helps the reverser & offers some confort at the beginning of an analysis

github.com/thalium/ida_kmdf

gmsad

gmsad manages Active Directory group Managed Service Account on Linux

Given the keytab of an account which has the ability to retrieve the secret of a gMSA, gmsad creates a keytab for the service account and renew it when necessary. It can execute an arbitrary command just after renewing the keytab.

github.com/cea-sec/gmsad

OpenWEC

A free & open source (GPLv3) implementation of a Windows Event Collector server running on GNU/Linux & written in Rust.

github.com/cea-sec/openwec

gmsad

gmsad manages Active Directory group Managed Service Account (gMSA) on Linux

github.com/cea-sec/gmsad

Blink v1.0

Blink is a brand new unprivileged userspace virtual machine that can emulate x86-64-linux binaries on any POSIX platform.

github.com/jart/blink/releases

몾 Artemis a partagé

🛠 yara-ttd

Use YARA rules on Time Traveil Debugging traces. The idea behind yara-ttd is to use the trace files recorded by TTD with yara itself to defeat packers

github.com/airbus-cert/yara-tt

Plus anciens
nanao

Comme le soleil, les machines ne se couchent jamais.