Revoke-Obfuscation v1.0

Free

Revoke-Obfuscation is a PowerShell obfuscation detection framework compatible with PowerShell v3.0+. It was designed to highlight the limitations of a purely signature-based approach to detecting attackers' usage of PowerShell. It provides a new, scalable means of generically detecting both known and unknown obfuscation techniques.

Authors: Daniel Bohannon (@danielhbohannon), Lee Holmes (@Lee_Holmes)

Research Blog Post: https://www.fireeye.com/blog/threat-research/2017/07/revoke-obfuscation-powershell.html

White Paper: https://www.fireeye.com/content/dam/fireeye-www/blog/pdfs/revoke-obfuscation-report.pdf

ALTERNATIVES

A program to manage yara ruleset in a database with support for different databases and configuration options.

A cutting-edge AI-based IT security platform that identifies malware and cyber-attacks within seconds

Guide on emulating Raspberry Pi with QEMU and exploring Arm TrustZone research.

A better version of my xssfinder tool that scans for different types of XSS on a list of URLs.

A malware/botnet analysis framework with a focus on network analysis and process comparison.

An open-source binary debugger for Windows with a comprehensive plugin system for malware analysis and reverse engineering.

Tplmap is a tool for detecting and exploiting server-side template injection vulnerabilities.

Scan folders and files for crypto patterns, hacking team malware, and malicious documents using PEID signatures.

CyberSecTools

Copyright © 2024 - All rights reserved