Artemis boosted

All the radare2 manpages are now accessible from panels mode! There are some other work-in-progress improvements in the visual interface; improving documentation and making it easier to cope with the most common workflows is part of the roadmap, which wouldn't be possible without all your feedback!

jollyexec by Dominic White 🦀

An execution proxy: it presents a configurable web server that will execute commands and return their output. But it has some ideas about security. It could also be called an API wrapper for Unix command execution.

github.com/singe/jollyexec
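
The security-relevant part of an execution proxy is that the web request must never reach a shell and must only ever select from commands the operator chose in advance. The block below is an added example of that shape, not jollyexec's code or its configuration: the ALLOWED table, the action names, the argument patterns and the limits are all assumptions made up for the example. Each action maps to a fixed argv prefix; caller-supplied arguments must match the action's pattern in full, may not look like options, and the child runs with shell=False, a timeout and an output cap.

```python
import json
import re
import subprocess
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import parse_qs, urlparse

# Constructed allowlist (an assumption for this example, not jollyexec's own
# configuration): each action maps to a fixed argv prefix plus a pattern that
# every caller-supplied argument must match in full, and a cap on the number
# of arguments. Anything not listed here cannot be run at all.
ALLOWED = {
    "echo":   {"argv": ["echo"], "arg_re": r"[A-Za-z0-9 ._-]{1,64}", "max_args": 8},
    "uptime": {"argv": ["uptime"], "arg_re": None, "max_args": 0},
    "ping":   {"argv": ["ping", "-c", "1", "-W", "2"], "arg_re": r"[A-Za-z0-9.-]{1,253}", "max_args": 1},
}
TIMEOUT_SECONDS = 5
MAX_OUTPUT_BYTES = 64 * 1024


def validate(action: str, args: list) -> list:
    """Map a request onto an exact argv, or raise ValueError.

    Allowlist only: an unknown action, too many arguments, an argument that
    does not fully match the pattern, or an option-looking argument is refused.
    """
    spec = ALLOWED.get(action)
    if spec is None:
        raise ValueError(f"unknown action {action!r}")
    if len(args) > spec["max_args"]:
        raise ValueError(f"{action}: at most {spec['max_args']} argument(s)")
    for arg in args:
        if spec["arg_re"] is None or not re.fullmatch(spec["arg_re"], arg):
            raise ValueError(f"{action}: argument {arg!r} rejected")
        if arg.startswith("-"):
            # "ping -f", "echo -n", ...: option injection through a user argument
            raise ValueError(f"{action}: option-like argument {arg!r} rejected")
    return spec["argv"] + list(args)


def run_allowed(action: str, args: list) -> tuple:
    """Run the validated argv without a shell, with a timeout and bounded output."""
    argv = validate(action, args)
    proc = subprocess.run(argv, capture_output=True, timeout=TIMEOUT_SECONDS, check=False)
    output = (proc.stdout + proc.stderr)[:MAX_OUTPUT_BYTES]
    return proc.returncode, output.decode("utf-8", "replace")


class ExecProxyHandler(BaseHTTPRequestHandler):
    """GET /<action>?arg=...&arg=...  ->  JSON {returncode, output} or {error}."""

    def do_GET(self):
        url = urlparse(self.path)
        action = url.path.strip("/")
        args = parse_qs(url.query).get("arg", [])
        try:
            code, output = run_allowed(action, args)
        except ValueError as exc:
            self._reply(400, {"error": str(exc)})
        except subprocess.TimeoutExpired:
            self._reply(504, {"error": "command timed out"})
        else:
            self._reply(200, {"returncode": code, "output": output})

    def _reply(self, status: int, body: dict) -> None:
        payload = json.dumps(body).encode()
        self.send_response(status)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(payload)))
        self.end_headers()
        self.wfile.write(payload)


if __name__ == "__main__":
    # Bind to loopback only; authentication (mTLS, a reverse proxy) belongs in front of this.
    HTTPServer(("127.0.0.1", 8080), ExecProxyHandler).serve_forever()
```

The pattern check is an allowlist of characters per action rather than a denylist of shell metacharacters, which is the usual way such wrappers get bypassed; the separate leading-dash check matters even with shell=False, because a bare argument can still flip a command's own options.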

Scalpel

A Burp Suite extension that lets you script Burp to intercept and rewrite HTTP traffic on the fly, and to program custom Burp editors in Python 3.

github.com/ambionics/scalpel/

PolarProxy

A transparent TLS and SSL inspection proxy created for incident responders, malware analysts & researchers. PolarProxy decrypts & re-encrypts TLS traffic, while also saving the decrypted traffic in a PCAP file that can be loaded into Wireshark or an Intrusion Detection System.

netresec.com/?page=PolarProxy

extrasafe

An easy-to-use wrapper around various Linux security tools. The goal of extrasafe is to make it easy to add extra security to your own programs.

github.com/boustrophedon/extra

cpu_rec

A tool that recognizes CPU instructions in an arbitrary binary file. It can be used as a standalone tool or as a plugin for binwalk.

github.com/airbus-seclab/cpu_r

Artemis boosted

IceKube - github.com/WithSecureLabs/IceK - a tool to help find attack paths within a Kubernetes cluster from a low-privileged point to a preferred location, typically cluster-admin (requires elevated privileges within the target cluster to enumerate resources) #cloud #k8s

FuncoPop

FuncoPop includes functions and scripts that support attacking Microsoft Azure Function Apps, primarily by exploiting Storage Account access.

github.com/NetSPI/FuncoPop

Journée épique - Epic journey

kernel fuzzing 👊​

yeaah~ power is nothing without control ✌️

msi-search

This tool makes it easier for red team operators and security teams to identify which MSI files correspond to which software, and lets them download the relevant file to investigate local privilege escalation vulnerabilities through MSI repairs.

github.com/mandiant/msi-search

IDA kmdf

This Python plugin helps the reverser and offers some comfort at the beginning of an analysis.

github.com/thalium/ida_kmdf

gmsad

gmsad manages Active Directory group Managed Service Accounts (gMSAs) on Linux.

Given the keytab of an account that is allowed to retrieve the secret of a gMSA, gmsad creates a keytab for the service account and renews it when necessary. It can execute an arbitrary command just after renewing the keytab.

github.com/cea-sec/gmsad
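
The secret a tool like this retrieves is the gMSA's msDS-ManagedPassword attribute, a binary MSDS-MANAGEDPASSWORD_BLOB whose layout is specified in MS-ADTS: a 16-byte little-endian header of Version, Reserved, Length and four offsets, then the current (and optionally previous) password as NUL-terminated UTF-16LE strings, then two 64-bit intervals in 100 ns units that tell the client when to re-query and for how long the password is guaranteed unchanged. The block below is an added example that decodes that blob and validates every offset before using it; it is not gmsad's code. The builder, the sample password and the sample intervals are constructed for the example, and deriving Kerberos keys from the password and writing the keytab are not shown.

```python
import struct
from datetime import timedelta

# Layout of the MSDS-MANAGEDPASSWORD_BLOB header (MS-ADTS section 2.2.19); all
# fields are little-endian: Version(2) Reserved(2) Length(4)
# CurrentPasswordOffset(2) PreviousPasswordOffset(2)
# QueryPasswordIntervalOffset(2) UnchangedPasswordIntervalOffset(2).
_HEADER = struct.Struct("<HHLHHHH")
_TICKS_PER_SECOND = 10_000_000  # both intervals are counted in 100 ns units


def _utf16z(data: bytes) -> bytes:
    """Return a NUL-terminated UTF-16LE string without its terminator.

    Scanning on 2-byte boundaries matters: the password is random UTF-16 code
    units, so an odd-aligned 00 00 byte pair is not a terminator.
    """
    for i in range(0, len(data) - 1, 2):
        if data[i:i + 2] == b"\x00\x00":
            return data[:i]
    raise ValueError("password string is not NUL-terminated")


def parse_managed_password_blob(blob: bytes) -> dict:
    """Decode a raw msDS-ManagedPassword value; every offset is checked before use."""
    if len(blob) < _HEADER.size:
        raise ValueError("blob shorter than the 16-byte header")
    (version, reserved, length, cur_off, prev_off,
     query_off, unchanged_off) = _HEADER.unpack_from(blob)
    if version != 1 or reserved != 0:
        raise ValueError("unsupported MSDS-MANAGEDPASSWORD_BLOB version")
    if length != len(blob):
        raise ValueError("Length field does not match the attribute size")
    if not (_HEADER.size <= cur_off < query_off < unchanged_off <= length - 8):
        raise ValueError("inconsistent offsets")
    if prev_off and not (cur_off < prev_off < query_off):
        raise ValueError("inconsistent PreviousPasswordOffset")

    current = _utf16z(blob[cur_off:prev_off or query_off])
    previous = _utf16z(blob[prev_off:query_off]) if prev_off else None
    (query_ticks,) = struct.unpack_from("<Q", blob, query_off)
    (unchanged_ticks,) = struct.unpack_from("<Q", blob, unchanged_off)
    return {
        # raw UTF-16LE bytes: the input to Kerberos string-to-key / NT hash computation
        "current_password": current,
        "previous_password": previous,
        # time after which the attribute must be read again
        "query_interval": timedelta(microseconds=query_ticks // 10),
        # time during which re-reading returns the same password
        "unchanged_interval": timedelta(microseconds=unchanged_ticks // 10),
    }


def build_blob(current: str, previous, query: timedelta, unchanged: timedelta) -> bytes:
    """Assemble a blob in the same layout; used here only to construct sample input."""
    def to_ticks(td: timedelta) -> int:
        return int(td.total_seconds()) * _TICKS_PER_SECOND

    cur = current.encode("utf-16-le") + b"\x00\x00"
    prev = previous.encode("utf-16-le") + b"\x00\x00" if previous else b""
    cur_off = _HEADER.size
    prev_off = cur_off + len(cur) if previous else 0
    body_end = cur_off + len(cur) + len(prev)
    pad = (-body_end) % 8  # 64-bit-align the two intervals
    query_off = body_end + pad
    unchanged_off = query_off + 8
    length = unchanged_off + 8
    return (_HEADER.pack(1, 0, length, cur_off, prev_off, query_off, unchanged_off)
            + cur + prev + b"\x00" * pad
            + struct.pack("<QQ", to_ticks(query), to_ticks(unchanged)))


# Constructed sample, not a real gMSA: a 120-code-unit current password, a previous
# password, re-query after 5 minutes and an unchanged window of 29 days.
SAMPLE_PASSWORD = "".join(chr(0x41 + i % 26) for i in range(120))
SAMPLE_BLOB = build_blob(SAMPLE_PASSWORD, "previous-secret",
                         timedelta(minutes=5), timedelta(days=29))

if __name__ == "__main__":
    parsed = parse_managed_password_blob(SAMPLE_BLOB)
    print(len(parsed["current_password"]) // 2, "code units; re-query in",
          parsed["query_interval"], "; unchanged for", parsed["unchanged_interval"])
```

A renewal loop built on this would sleep for query_interval before reading the attribute again and would only regenerate the keytab (and run any post-renewal hook) when the decoded current password actually differs from the one it last wrote.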

OpenWEC

A free & open source (GPLv3) implementation of a Windows Event Collector server running on GNU/Linux & written in Rust.

github.com/cea-sec/openwec

Blink v1.0

Blink is a brand new unprivileged userspace virtual machine that can emulate x86-64-linux binaries on any POSIX platform.

github.com/jart/blink/releases

Artemis boosted

🛠 yara-ttd

Use YARA rules on Time Travel Debugging traces. The idea behind yara-ttd is to use the trace files recorded by TTD with yara itself to defeat packers.

github.com/airbus-cert/yara-tt

nanao

Like the sun, the machines never go down.