Shellcode2PE
This is a Python script that converts shellcode into a PE32 or PE32+ file. It takes a shellcode file path and an architecture (win32 or win64) as input. The script creates a PE file with the provided shellcode. The script uses pre-defined stubs for PE32 and PE32+ files, and appends the shellcode to the stub. The resulting PE file is written to a new file with a .pe.bin extension.
FEATURES
ALTERNATIVES
A semi-automatic tool to generate YARA rules from virus samples.
A tool to locally check for signs of a rootkit with various checks and tests.
Falcon Sandbox is a malware analysis framework that provides in-depth static and dynamic analysis of files, offering hybrid analysis, behavior indicators, and integrations with various security tools.
A Python script that finds endpoints in JavaScript files to identify potential security vulnerabilities.
A generator for YARA rules that creates rules from strings found in malware files while removing strings from goodware files.
A powerful tool for identifying and exploiting Cross-Site Scripting (XSS) vulnerabilities.
A debugger tool for reverse engineers, crackers, and security analysts, with a user-friendly debugging UI and custom agent support.
PINNED
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
PTJunior
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
OSINTLeak
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.