Fileintel – Application to Pull Malicious Files Intelligence

Fileintel is a tool used to collect various intelligence sources for a given file. The tool is written in a modular fashion so new intelligence sources.

RetDec – Machine-code Decompiler Based on LLVM

RetDec is a retargetable machine-code decompiler based on LLVM. The decompiler is not limited to any particular target architecture, operating system

sniffglue – Secure Multithreaded Packet Sniffer

sniffglue is a network sniffer written in Rust. Network packets are parsed concurrently using a thread pool to utilize all CPU cores.

CAPE – Malware Configuration And Payload Extraction

CAPE is a malware sandbox. It is derived from Cuckoo and is designed to automate the process of malware analysis with the goal of extracting payloads and configuration from malware.

CCAT – The Cloud Container Attack Tool

CCAT, the Cloud Container Attack Tool, is a tool that allows security testers to better understand the security implications of container-based services.

Attack_monitor – Endpoint detection & Malware analysis software

Attack_monitor is a Python application written to enhance the security monitoring capabilities of Windows 7/2008 (and all later versions) workstations/servers and to automate dynamic analysis of malware.

ACLight – Advanced Privileged Accounts Discovery

ACLight is a tool for discovering privileged accounts through advanced ACL analysis (objects' ACLs - Access Control Lists, aka DACLs\ACEs).