NotRuler
NotRuler is a tool that allows Exchange Admins to remotely interact with Exchange servers to detect client-side Outlook rules and VBScript enabled forms, aiding in the detection of attacks created through Ruler. It provides the ability to query Exchange mailboxes, check for compromise, extract stager addresses for malicious rules, extract VBScript used in forms, and check for 'homepage' and extract URLs. The tool has compiled binaries for Linux, OSX, and Windows, with information on setting up from source available in the getting-started guide. NotRuler operates in two modes: Rules to check for client-side rules, Forms to check for VBScript enabled forms, and Homepage to check for a custom homepage.
FEATURES
ALTERNATIVES
BusKill is a laptop kill cord that can trigger your computer to lock or shutdown when it's physically separated from you.
Altoro Mutual offers online banking, real estate financing, business credit cards, retirement solutions, and prioritizes privacy and security.
Machine learning project for intuitive threat analysis with a web interface.
Introspy-Android is a blackbox tool for understanding Android app behavior and identifying security issues at runtime.
A Python tool for patching Dalvik bytecode in DEX files and assisting in Android application analysis
Extract local data storage of an Android application in one click.
An Android-based self-defense application against forensic imaging tools like Cellebrite UFED.
An open-source project for dynamic analysis of Android applications using the Android Substrate framework.
PINNED
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
PTJunior
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
CTIChef.com Detection Feeds
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.