Daily Live Feed

An innovative, open-source tool designed to streamline malware analysis by testing the effectiveness of multiple antivirus (AV) engines simultaneously. Developed by the resourceful @Pengrey, MultCheck stands out for its user-friendly interface and customizable framework, allowing users to easily integrate new AV engines as needed. Whether you’re a cybersecurity professional or… Read more »

CLay offers a unique and powerful feature that goes beyond traditional security measures. CLay takes deception to a new level by mimicking the appearance of a website with information from a different framework. The primary objective is to mislead and deceive potential attackers, leading them to gather false information about… Read more »

Entraspray is a rewrite of MSOLSpray in python. The main purpose of this tool remains the same: to perform password spraying against Microsoft Azure accounts while also providing detailed information about account status and errors; such as if MFA is enabled, if a tenant or user doesn’t exist, if the account is… Read more »

IAT-Tracer V2 is a plugin for Tiny-Tracer framework (by @hasherezade) for automatically detecting and resolving functions’ parameters out of the IAT or trace logs (.tag files) of PE files. The plugin has a GUI that allows the user to choose what imported or called functions to trace and watch and then automatically… Read more »

Gouge is a Burp Suite extension to extract or GOUGE all URLs. It is a Burp Suite extension written in Python and uses the Burp Suite API to extract URLs from a webpage & all its JS files too! How To Use Gouge? How To Build Gouge? Gouge is written… Read more »

Explore the capabilities of the Microsoft-Analyzer-Suite (Community Edition), a powerful collection of PowerShell scripts designed to enhance your security analysis. This suite provides automated processing of logs from Microsoft 365 and Microsoft Entra ID, leveraging tools developed by Invictus-IR. Dive into the intricacies of these tools and learn how they… Read more »

I built this tool in 2019 for a pentest involving Azure, as no other enumeration tools supported it at the time. It grew from there, and I learned a lot while adding features. Building tools is fun, but maintaining tools is hard. I haven’t actively used this tool myself in… Read more »

EDRPrison leverages a legitimate WFP callout driver, WinDivert, to effectively silence EDR systems. Drawing inspiration from tools like Shutter, FireBlock, and EDRSilencer, this project focuses on network-based evasion techniques. Unlike its predecessors, EDRPrison installs and loads an external legitimate WFP callout driver instead of relying solely on the built-in WFP. Additionally, it blocks outbound… Read more »

You need to buy the following hardware to be able to run the exploits: The installation is partially automated in the toolkit. Consult repository for other information. Once you have needed hardware: Internalblue Currently, we support only Nexus 5 phones, but you can add your hardware that supports internalblue as well… Read more »

This check could be used to assess the severity of the attacks. If the target device is pairable even if the user does not navigate to the pairing/discovery menu then such a device has a higher exposure to the threats. It should be noted that previous research showed that Bluetooth… Read more »