Ox4Shell Deobfuscate Log4Shell payloads with ease. Since the release of the Log4Shell vulnerability (CVE-2021-44228), many tools were...
Forensics
Dismember Dismember is a command-line toolkit for Linux that can be used to scan the memory of...
shomon ShoMon is a Shodan alert feeder for TheHive written in GoLang. With version 2.0, it is...
systeminformer A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware....
RPCMon A GUI tool for scanning RPC communication through Event Tracing for Windows (ETW). The tool was...
dumpscan Dumpscan is a command-line tool designed to extract and dump secrets from kernel and Windows Minidump formats....
Microsoft 365 Extractor Suite This suite of scripts contains two different scripts that can be used to...
Sealighter – Easy ETW Tracing for Security Research Sealighter leverages the feature-rich Krabs ETW Library to enable detailed filtering...
Hunt-Sleeping-Beacons The idea of this project is to identify beacons which are unpacked at runtime or running...
goreplay GoReplay is an open-source network monitoring tool which can record your live traffic and use it...
PacketStreamer Deepfence PacketStreamer is a high-performance remote packet capture and collection tool. It is used by Deepfence’s ThreatStryker security...
hollows_hunter Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes,...
Linux Evidence Acquisition Framework (LEAF) Linux Evidence Acquisition Framework (LEAF) acquires artifacts and evidence from Linux EXT4...
DDWPasteRecon Pastesites are websites that allow users to share plain text through public posts called “pastes.” Once...
Telegrip Telegrip is a GUI digital forensic tool that deals with Telegram-related cases. Telegrip provides several features:...