31 tools and resources
A collection of tools for extracting and analyzing information from .git repositories
Copy executables with execute, but no read permission on Unix systems.
HxD is a freeware hex editor and disk editor with advanced features for editing files, memory, and disks.
A tool that scans a corpus of malware and builds a YARA rule to detect similar code sections.
A Python library for loading and executing Beacon Object Files (BOFs) in-memory.
Verify scripts and executables to mitigate chain of supply attacks.
A command-line tool for creating hex dumps, converting between binary and human-readable representations, and patching binary files.
Visually inspect regex matches in binary data/text with YARA and regular expressions, displaying matched bytes and surrounding context.
SWFTools is a collection of utilities for working with Adobe Flash files, including tools for converting PDFs, images, audio, and video files to SWF format.
Cybersecurity tool merging DarunGrim's analysis algorithms, currently in internal testing for official release.
Python forensic tool for extracting and analyzing information from Firefox, Iceweasel, and Seamonkey browsers.
PLCinject is a tool for injecting and patching blocks on PLCs with a call instruction.
Collection of Windows oneliners for executing arbitrary code and downloading remote payloads.
A library to access and parse the Microsoft Internet Explorer Cache File format.
iOS Mobile Backup Xtractor tool for extracting iOS backups.
Comprehensive cheat sheet for SQLite SQL injection techniques and payloads.
A tool for creating compact Linux memory dumps compatible with popular debugging tools.
A Python script that converts shellcode into a PE32 or PE32+ file.
Bmaptool is a project no longer maintained by Intel, users are advised to create their own fork for ongoing use.
UPX is a high-performance executable packer for various executable formats.
Krakatau provides an assembler and disassembler for Java bytecode, supporting conversion, creation, examination, comparison, and decompilation of Java binaries.
A command-line utility for examining Objective-C runtime information in Mach-O files and generating class declarations.
A library to access and read QEMU Copy-On-Write (QCOW) image file formats with support for zlib compression and AES-CBC encryption.
A command-line utility for extracting human-readable text from binary files.
A tool for malware analysts to search through base64-encoded samples and generate yara rules.
Inceptor is a template-driven framework for evading Anti-Virus and Endpoint Detection and Response solutions, allowing users to create custom evasion techniques and test their security controls.
Kaitai Struct is a declarative language for describing binary data structures.
A medium interaction printer honeypot that simulates a standard networked printer
wxHexEditor is a free hex editor / disk editor with various data manipulation operations and visualization functionalities.
Universal hexadecimal editor for computer forensics, data recovery, and IT security.
A tool designed to handle archive file data and augment Yara's capabilities.
