NomadBishop
NomadBishop is a C/C++ proof-of-concept tool that performs remote process injection, supporting both x64 and x86 operations. It uses system call macros generated by SysWhispers script and can inject across desktop sessions. The tool takes a single argument specifying the target process to inject into and can be used for various purposes such as payload injection. The tool is a part of the Sharp-Suite and has been influenced by UrbanBishop and RuralBishop. It provides a console application that can be used to inject payloads into target processes. The tool is useful for penetration testers and red teamers who need to inject payloads into target processes for various purposes such as data exfiltration, lateral movement, and privilege escalation.
FEATURES
ALTERNATIVES
A tool to dump login passwords from Linux desktop users, leveraging cleartext credentials in memory.
A VM for mobile application security testing, Android and iOS applications, with custom-made tools and scripts.
A tool for performing hash length extension attacks against multiple hashing algorithms.
A subdomain enumeration tool for penetration testers and security researchers.
Mortar is an evasion technique to defeat and divert detection and prevention of security products, including AV, EDR, and XDR solutions.
A customized Kali Linux distribution for ICS/SCADA pentesting professionals
CLI tool for offensive and defensive security assessments on the Joi validator library with a wide range of attacks.
PINNED
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
OSINTLeak
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.