Saruman v0.1
Type make to compile launcher (It will also try to compile a parasite.c file which is for you to supply). Make sure your parasite executable is compiled with -fpic -pie. In this version, Saruman doesn't yet support injecting a program that requires command line args because it is early POC. So <parasite_args> will not actually accept args yet. To run with a more stealth technique of loading the executable, use: ./launcher --no-dlopen <parasite_executable>. Currently, this feature has some bugs and won't work with more complex parasites (To be fixed).
FEATURES
ALTERNATIVES
A command-line utility for examining Objective-C runtime information in Mach-O files and generating class declarations.
A collaborative malware analysis framework with various features for automated analysis tasks.
A write-up of the reverse engineering challenge from the 2019 BambooFox CTF competition
Ropper is a tool for analyzing binary files and searching for gadgets to build rop chains for different architectures.
A better version of my xssfinder tool that scans for different types of XSS on a list of URLs.
A tool designed to handle archive file data and augment Yara's capabilities.
GuardDog is a CLI tool for identifying malicious PyPI and npm packages through heuristics and Semgrep rules.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.