linux rootkit
MIP – macOS Injection Platform

xen-minios by avsm
Really mini operating system (extracted from xen-unstable, and much stuff removed)
C
181
Updated: 4 y ago
License: Proprietary (Proprietary)

adapt by secdec
ADAPT is a tool that performs automated Penetration Testing for WebApps.
Python
180
Updated: 4 y ago
License: Permissive (Apache-2.0)

VolDiff by H2Cyber
VolDiff: Malware Memory Footprint Analysis based on Volatility
Python
178
Updated: 4 y ago
License: Permissive (BSD-2-Clause)

VolDiff by aim4r
VolDiff: Malware Memory Footprint Analysis based on Volatility
Python
177
Updated: 4 y ago
License: Permissive (BSD-2-Clause)

mandibule by ixty
linux elf injector for x86 x86_64 arm arm64
C
176
Updated: 4 y ago
License: No License (No License)

Invoke-EDRChecker by PwnDexter
Checks running processes, process metadata, DLLs loaded into your current process and each DLL's metadata, common install directories, installed services, the registry and running drivers for the presence of known defensive products such as AVs, EDRs and logging tools.
PowerShell
174
Updated: 2 y ago
License: Permissive (BSD-3-Clause)

lets-be-bad-guys by mpirnat
A deliberately-vulnerable website and exercises for teaching about the OWASP Top 10
HTML
173
Updated: 4 y ago
License: Proprietary (Proprietary)

catalyst by SecurityBrewery
Catalyst is an open source SOAR and ticket system that helps to automate alert handling and incident response processes
Go
172
Updated: 2 y ago
License: Strong Copyleft (AGPL-3.0)

AbuseIO by AbuseIO
AbuseIO is a toolkit to receive, process, correlate and notify about abuse reports received by network operators, typically hosting and access providers.
PHP
170
Updated: 4 y ago
License: No License (No License)

ManagedInjector by enkomio
A C# DLL injection library
C#
169
Updated: 2 y ago
License: Proprietary (Proprietary)

skyline by skyline-dev
An environment for runtime hooking/code patching within Super Smash Bros Ultimate
C++
167
Updated: 2 y ago
License: Permissive (MIT)

HyperVisor-Injector by IAmTapped
Easy To Use Hyper-Visor Injector for Easy Anti Cheat, Battleye | supports amd + intel | Undetected + Active updates
C
167
Updated: 2 y ago
License: No License (No License)

dfir_ntfs by msuhanov
An NTFS/FAT parser for digital forensics & incident response
Python
166
Updated: 2 y ago
License: Strong Copyleft (GPL-3.0)

Phobos by Phobos-developers
Ares-compatible C&C Red Alert 2: Yuri's Revenge engine extension
C++
166
Updated: 2 y ago
License: Weak Copyleft (LGPL-3.0)

HyperVisor-Injector by t4ppe
SAFE and Easy To Use Hyper-Visor Injector for Easy Anti Cheat, Battleye | that supports amd + intel | Undetected + Active updates
C
162
Updated: 2 y ago
License: No License (No License)

OpenTAXII by eclecticiq
TAXII server implementation in Python from EclecticIQ
Python
160
Updated: 2 y ago
License: Permissive (BSD-3-Clause)

MaliciousDLLGenerator by Mr-Un1k0d3r
DLL Generator for side loading attack
C
160
Updated: 2 y ago
License: No License (No License)

UniversalInject by dwendt
Windows IME-based DLL injection. Able to inject a DLL without OpenProcess or a process handle being necessary.
C++
160
Updated: 4 y ago
License: No License (No License)

PatchlessCLRLoader by VoldeSec
.NET assembly loader with patchless AMSI and ETW bypass
C
157
Updated: 2 y ago
License: No License (No License)

ddwrt-bwmon by vortex-5
An Individual Bandwidth Monitor For DD-WRT
JavaScript
156
Updated: 4 y ago
License: No License (No License)

orochi by LDO-CERT
The Volatility Collaborative GUI
JavaScript
156
Updated: 2 y ago
License: Permissive (MIT)

LinuxCatScale by WithSecureLabs
Incident Response collection and processing scripts with automated reporting scripts
Shell
156
Updated: 2 y ago
License: Strong Copyleft (GPL-3.0)

OWASP-CSRFGuard by aramrami
OWASP CSRFGuard 3.1.0
Java
152
Updated: 4 y ago
License: No License (No License)

www-chapter-japan by OWASP
OWASP Foundation Web Repository
HTML
151
Updated: 2 y ago
License: No License (No License)

syringe by rsmusllp
A General Purpose DLL & Code Injection Utility
C
150
Updated: 2 y ago
License: Permissive (BSD-3-Clause)

armory by twosixlabs
ARMORY Adversarial Robustness Evaluation Test Bed
Python
148
Updated: 2 y ago
License: Permissive (MIT)

ReflectivePELoader by BenjaminSoelberg
Reflective PE loader for DLL injection
C++
148
Updated: 2 y ago
License: No License (No License)

Hoarder by muteb
This script is made to collect the most valuable artifacts for forensics or incident response investigation rather than imaging the whole hard drive.
Python
147
Updated: 2 y ago
License: Strong Copyleft (GPL-3.0)

Office-365-Extractor by JoeyRentenaar
The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL)
PowerShell
147
Updated: 2 y ago
License: No License (No License)

HideProcessHook by ryan-weil
DLL that hooks the NtQuerySystemInformation API and hides a process name
C
144
Updated: 2 y ago
License: No License (No License)

mastiff by KoreLogicSecurity
Malware static analysis framework
Python
141
Updated: 4 y ago
License: No License (No License)

xplico by xplico
Open Source Network Forensic Analysis Tool (NFAT)
PHP
139
Updated: 4 y ago
License: Proprietary (Proprietary)

reg_hunter by theflakes
Blueteam operational triage registry hunting/forensic tool.
Rust
139
Updated: 2 y ago
License: Permissive (MIT)

datasize by c2h5oh
Golang helpers for data sizes (kilobytes, petabytes), human readable sizes, parsing
Go
139
Updated: 2 y ago
License: Permissive (MIT)

EVTXtract by williballenthin
EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.
Python
138
Updated: 4 y ago
License: Permissive (Apache-2.0)

SWH-Injector by M-r-J-o-h-n
An Injector that can inject dll into game process protected by anti cheat using SetWindowsHookEx.
C++
138
Updated: 2 y ago
License: No License (No License)

kc7 by KC7-Foundation
A cybersecurity game in Azure Data Explorer
Python
137
Updated: 2 y ago
License: Permissive (Apache-2.0)

heap-analyzer by tenderlove
A heap analyzer for MRI that isn't very good.
JavaScript
135
Updated: 4 y ago
License: Permissive (MIT)

SharpRDPThief by passthehashbrowns
A C# implementation of RDPThief to steal credentials from RDP.
C#
134
Updated: 2 y ago
License: No License (No License)

DNCI by guibacellar
DNCI - Dot Net Code Injector
C#
132
Updated: 4 y ago
License: Strong Copyleft (GPL-3.0)

EvasiveProcessHollowing by reevesrs24
Evasive Process Hollowing Techniques
C
131
Updated: 2 y ago
License: No License (No License)

AheadLib by Yonsm
Fake DLL Source Code Generator
C++
130
Updated: 4 y ago
License: No License (No License)

GiftStick by google
1-Click push forensics evidence to the cloud
Python
127
Updated: 2 y ago
License: Permissive (Apache-2.0)

CCSS by CryptoConsortium
The CryptoCurrency Security Standard
HTML
127
Updated: 4 y ago
License: Proprietary (Proprietary)

FAMA by labcif
Forensic Analysis for Mobile Apps (FAMA) -- module for the Autopsy Forensic Browser
Python
123
Updated: 2 y ago
License: Strong Copyleft (GPL-3.0)

regrippy by airbus-cert
A modern Python-3-based alternative to RegRipper
Python
122
Updated: 4 y ago
License: Permissive (Apache-2.0)

PEx64-Injector by 0xyg3n
Inject your x64 bit executable to any process, masking it as a legitimate process for Anti-Virus evasion.
C#
122
Updated: 4 y ago
License: No License (No License)

pcqf by botherder
pcqf (PC Quick Forensics) helps quickly gather forensic evidence from Windows, Mac, and Linux systems, in order to identify potential traces of compromise.
Go
122
Updated: 2 y ago
License: Proprietary (Proprietary)