advanced-threat-research / Creosote
Creosote is our solution to searching for the tarfile vulnerability described by CVE-2007-4559.
☆84Updated 2 years ago
Alternatives and similar repositories for Creosote:
Users that are interested in Creosote are comparing it to the libraries listed below
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.☆241Updated 2 years ago
- Detections for CVE-2021-44228 inside of nested binaries☆34Updated 3 years ago
- Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https…☆127Updated last year
- GTFOArgs is a curated list of programs and their associated arguments that can be exploited to gain privileged access or execute arbitrar…☆122Updated 3 months ago
- Monthly CVE Stats☆37Updated last month
- Whalescan is a vulnerability scanner for Windows containers, which performs several benchmark checks, as well as checking for CVEs/vulner…☆154Updated last year
- ☆168Updated 2 years ago
- Example tools for detecting software using OpenSSL 3.0.0 - 3.0.6 (vulnerable to latest unnamed vulnerability)☆41Updated 2 years ago
- Determine whether your compute is truly vulnerable to a specific vulnerability by accounting for all factors which affect *actual* exploi…☆140Updated last year
- CQ, a code security scanner☆98Updated 8 months ago
- quicmap is a simple yet quic (!) QUIC protocol scanner☆83Updated 10 months ago
- A network technique that decloaks a VPN users traffic on a local network without disconnecting them from a VPN.☆129Updated 8 months ago
- Hfinger - fingerprinting HTTP requests☆136Updated last year
- ☆240Updated 6 months ago
- MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements.☆62Updated 9 months ago
- CVE-2022-21449 Proof of Concept demonstrating its usage with a client running on a vulnerable Java version and a malicious TLS server☆121Updated 2 years ago
- CveXplore☆35Updated this week
- Tools for investigating Log4j CVE-2021-44228☆95Updated 3 years ago
- Rip Raw is a small tool to analyse the memory of compromised Linux systems.☆130Updated 2 years ago
- HTTP Headers Hashing (HHHash) is a technique used to create a fingerprint of an HTTP server based on the headers it returns.☆75Updated last year
- Visually inspect and force decode YARA and regex matches found in both binary and text data. With Colors.☆110Updated last month
- Checks all maintainers of all NPM and Pypi packages for hijackable packages through domain re-registration☆291Updated this week
- Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of par…☆253Updated 2 months ago
- CVE.ICU code.☆38Updated this week
- Autoconfigured ELK Stack That Contains All EPSS and NVD CVE Data☆48Updated 6 months ago
- ☆104Updated 2 years ago
- Tool to guess CPE name based on common software name☆90Updated 2 months ago
- The IoT Security Testing Guide (ISTG) provides a comprehensive methodology for penetration tests in the IoT field, offering flexibility t…☆93Updated 4 months ago
- HASH (HTTP Agnostic Software Honeypot)☆135Updated 8 months ago
- Data visualization for blue teams☆124Updated 2 years ago