WithSecure Labs

Results 44 repositories owned by


                                            WithSecure Labs

chainsaw

2.6k

Stars

230

Forks

Watchers

Rapidly Search and Hunt through Windows Forensic Artefacts

WithSecureLabs

attack

blueteam

chainsaw

countercept

awspx

881

Stars

100

Forks

Watchers

A graph-based tool for visualizing effective access and resource relationships in AWS environments.

WithSecureLabs

aws

aws-security

graph-theory

pentesting

snake

217

Stars

Forks

Watchers

snake - a malware storage zoo

WithSecureLabs

countercept

python

snake

ppid-spoofing

134

Stars

Forks

Watchers

Scripts for performing and detecting parent PID spoofing

WithSecureLabs

countercept

spoofing

python-exe-unpacker

873

Stars

334

Forks

Watchers

A helper script for unpacking and decompiling EXEs compiled from python code.

WithSecureLabs

countercept

unpacker

doublepulsar-c2-traffic-decryptor

225

Stars

138

Forks

Watchers

A python2 script for processing a PCAP file to decrypt C2 traffic sent to DOUBLEPULSAR implant

WithSecureLabs

countercept

decryptor

doublepulsar

CallStackSpoofer

394

Stars

Forks

Watchers

A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)

WithSecureLabs

countercept

spoofer

doublepulsar-detection-script

1.0k

Stars

318

Forks

Watchers

A python2 script for sweeping a network to find windows systems compromised with the DOUBLEPULSAR implant.

WithSecureLabs

countercept

doublepulsar

script

security-scanner

doublepulsar-usermode-injector

112

Stars

Forks

Watchers

A utility to use the usermode shellcode from the DOUBLEPULSAR payload to reflectively load an arbitrary DLL into another process, for use in testing detection techniques or other security research.

WithSecureLabs

countercept

doublepulsar

injector

needle

1.3k

Stars

280

Forks

Watchers

The iOS Security Testing Framework

WithSecureLabs

ios

mobile

needle

pentesting