Security Training Share
Volatility 3: The volatile memory extraction framework Volatility is the world’s most widely used framework for extracting digital artifacts from volatile memory (RAM) samples. The extraction techniques are performed completely independent of the system...
Forager Do you ever wonder if there is an easier way to retrieve, store, and maintain all your threat intelligence data? Random user, meet Forager. Not all threat intel implementations require a database that...
apk-mitm A CLI application that automatically prepares Android APK files for HTTPS inspection Inspecting a mobile app’s HTTPS traffic using a proxy is probably the easiest way to figure out how it works. However,...
Findomain findomain is a cross-platform tool that uses Certificates Transparency logs to find subdomains. We currently support Linux, Windows, and MacOS. How does it work? It tool doesn’t use the common methods for sub(domains)...
NETworkManager A powerful tool for managing networks and troubleshoot network problems! Features Network Interface – Information, Configure The Network Interface tool detects all network adapters of the computer with the most important information (such as IP...
Acquire Volatile Memory for Linux (AVML) AVML is an X86_64 userland volatile memory acquisition tool written in Rust, intended to be deployed as a static binary. AVML can be used to acquire memory without knowing...
The JSON Web Token Toolkit jwt_tool.py is a toolkit for validating, forging and cracking JWTs (JSON Web Tokens). Its functionality includes: Checking the validity of a token Testing for the RS/HS256 public key mismatch vulnerability Testing for...
Diaphora is a plugin for IDA Pro that aims to help in the typical BinDiffing tasks. It’s similar to other competitor products and open sources projects like Zynamics BinDiff, DarunGrim or TurboDiff. However, it’s...
bettercap is a powerful, easily extensible and portable framework written in Go which aims to offer to security researchers, red teamers and reverse engineers an easy to use, all-in-one solution with all the features they might possibly...
PE-sieve is a light-weight tool that helps to detect malware running on the system, as well as to collect the potentially malicious material for further analysis. Recognizes and dumps a variety of implants within the...
objection Runtime Mobile Exploration introduction – objection Runtime Mobile Exploration objection is a runtime mobile exploration toolkit, powered by Frida. It was built with the aim of helping assess mobile applications and their security posture without the...
Wazuh Wazuh helps you to gain deeper security visibility into your infrastructure by monitoring hosts at an operating system and application level. This solution, based on lightweight multi-platform agents, provides the following capabilities: Log...
CyberChef The Cyber Swiss Army Knife CyberChef is a simple, intuitive web app for carrying out all manner of “cyber” operations within a web browser. These operations include simple encoding like XOR or Base64,...
Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user-defined lists, where trail can be anything...
