advanced-threat-research / Creosote
Creosote is our solution to searching for the tarfile vulnerability described by CVE-2007-4559.
☆83Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for Creosote
- ☆167Updated 2 years ago
- Example tools for detecting software using OpenSSL 3.0.0 - 3.0.6 (vulnerable to latest unnamed vulnerability)☆40Updated 2 years ago
- A network technique that decloaks a VPN users traffic on a local network without disconnecting them from a VPN.☆125Updated 6 months ago
- PCAP visualization tool☆101Updated last year
- Detections for CVE-2021-44228 inside of nested binaries☆34Updated 2 years ago
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.☆239Updated last year
- ☆48Updated 7 months ago
- Checks all maintainers of all NPM and Pypi packages for hijackable packages through domain re-registration☆286Updated this week
- CVE-2022-21449 Proof of Concept demonstrating its usage with a client running on a vulnerable Java version and a malicious TLS server☆120Updated 2 years ago
- Signature based honeypot detector tool written in Golang☆84Updated 5 months ago
- truffleproc — hunt secrets in process memory (TruffleHog & gdb mashup)☆110Updated last year
- Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https…☆125Updated last year
- This repository contains a comprehensive list of over 30k dynamic DNS domains as of 2024. The list is provided for informational purposes…☆82Updated this week
- ☆104Updated 2 years ago
- Cisco IOS XE implant scanning & detection (CVE-2023-20198, CVE-2023-20273)☆36Updated last year
- A server providing RESTful access to CyberChef☆131Updated 3 weeks ago
- quicmap is a simple yet quic (!) QUIC protocol scanner☆80Updated 8 months ago
- ☆115Updated last year
- PCRE RegEx matching Log4Shell CVE-2021-44228 IOC in your logs☆292Updated 2 years ago
- LOKI2 - Simple IOC and YARA Scanner☆79Updated 3 months ago
- HASH (HTTP Agnostic Software Honeypot)☆128Updated 6 months ago
- Tools for investigating Log4j CVE-2021-44228☆94Updated 2 years ago
- GTFOArgs is a curated list of programs and their associated arguments that can be exploited to gain privileged access or execute arbitrar…☆120Updated 2 weeks ago
- HTTP Headers Hashing (HHHash) is a technique used to create a fingerprint of an HTTP server based on the headers it returns.☆75Updated last year
- Whalescan is a vulnerability scanner for Windows containers, which performs several benchmark checks, as well as checking for CVEs/vulner…☆152Updated last year
- ☆63Updated last year
- A honeypot for the Log4Shell vulnerability (CVE-2021-44228).☆90Updated 2 years ago
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition☆62Updated 2 years ago
- A pure python tool for finding and comparing typo-squatting, bytesqatting, and homoglyph domain attacks and brand impersonation☆38Updated last month