Resolves DLL API entrypoints for a process w/ remote query capabilities.

QEMU with rVMI extensions

pure Python binary analysis framework

The "DFUR" Splunk application and data that was presented at the 2020 SANS DFIR Summit.

Help deobfuscate VBScript

Windows kernel and user mode emulation.

A machine learning tool that ranks strings based on their relevance for malware analysis.

GoCrack is a management frontend for password cracking tools written in Go

Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as wel…

Azure Deployment Templates for Mandiant Managed Huning

Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. [email protected]

Universal Radio Hacker: Investigate Wireless Protocols Like A Boss

The goal of this repository is to document the most common techniques to bypass AppLocker.

Mitrastar MIPS router analysis and exploitation

collection of pentesting and network security documents

Collection of Python scripts for reading information about and extracting data from UBI and UBIFS images.

a set of scripts and tools for various firmware analysis tasks

Demo RPI App for NTP MitM attack

Bash script to automate setup of Linux router useful for IoT device traffic analysis and SSL mitm

system setup and scripts for various mitm activities

Microsoft Defender for Endpoint Device Control tools, samples, and resources.

Scots Army Knife for electronics

A streamlined tool for discovering private TLDs for security research.

VStarcam P2P Decryption Utility

Given an Arduino compatible microcontroller or Raspberry PI (experimental), JTAGenum scans pins[] for basic JTAG functionality and can be used to enumerate the Instruction Register for undocumented…

JTAGulator alternative & a hardware hacker's multi-tool for RP2040 microcontroller based development boards including RPi Pico & RP2040-Zero