F-Secure LABS (FSecureLABS)

F-Secure LABS

FSecureLABS

Geek Repo

Location:Basingstoke, Johannesburg, London, Manchester, Singapore, New York

Home Page:https://labs.f-secure.com/

Github PK Tool:Github PK Tool

F-Secure LABS's repositories

SharpGPOAbuse

SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GPO) in order to compromise the objects that are controlled by that GPO.

dref

DNS Rebinding Exploitation Framework

KernelFuzzer

Cross Platform Kernel Fuzzer Framework

Language:CLicense:NOASSERTIONStargazers:442Issues:48Issues:4

win_driver_plugin

A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers.

Language:PythonLicense:NOASSERTIONStargazers:415Issues:41Issues:5

wePWNise

WePWNise generates architecture independent VBA code to be used in Office documents or templates and automates bypassing application control and exploit mitigation software.

Language:PythonLicense:NOASSERTIONStargazers:350Issues:25Issues:1

Azurite

Enumeration and reconnaissance activities in the Microsoft Azure Cloud.

Language:PowerShellLicense:NOASSERTIONStargazers:247Issues:25Issues:6

Ninjasploit

A meterpreter extension for applying hooks to avoid windows defender memory scans

z3_and_angr_binary_analysis_workshop

Code and exercises for a workshop on z3 and angr

SharpClipHistory

SharpClipHistory is a .NET application written in C# that can be used to read the contents of a user's clipboard history in Windows 10 starting from the 1809 Build.

XRulez

A command line tool for creating malicious outlook rules

Language:CLicense:NOASSERTIONStargazers:156Issues:16Issues:5

ViridianFuzzer

Kernel driver to fuzz Hyper-V hypercalls

Language:C++Stargazers:135Issues:15Issues:0

incognito

One Token To Rule Them All https://labs.mwrinfosecurity.com/blog/incognito-v2-0-released/

Language:CLicense:NOASSERTIONStargazers:132Issues:10Issues:1

CVE-2018-4121

macOS 10.13.3 (17D47) Safari Wasm Exploit

Language:PythonLicense:BSD-3-ClauseStargazers:84Issues:6Issues:7

N1QLMap

The tool exfiltrates data from Couchbase database by exploiting N1QL injection vulnerabilities.

Language:PythonStargazers:73Issues:7Issues:0

SharpGPO-RemoteAccessPolicies

A C# tool for enumerating remote access policies through group policy.

Language:C#Stargazers:72Issues:10Issues:0

3d-accelerated-exploitation

3D Accelerated Exploitation

Language:CStargazers:55Issues:12Issues:0

Athena

GUI Tool to generate threat intelligence information in various formats

Language:C#License:NOASSERTIONStargazers:44Issues:11Issues:1

CalendarPersist

JXA script to allow programmatic persistence via macOS Calendar.app alerts.

Language:JavaScriptStargazers:41Issues:7Issues:0

fdpasser

Example of passing file descriptors into a container to perform a privilege escalation on the host

Language:CStargazers:23Issues:3Issues:0

gists

Short handy snippets from the @mwrlabs team

Language:PowerShellStargazers:20Issues:8Issues:0

timeinator

Timeinator is an extension for Burp Suite that can be used to perform timing attacks over an unreliable network such as the internet.

ExploitRemotingService

A tool to exploit .NET Remoting Services

Language:C#License:GPL-3.0Stargazers:10Issues:6Issues:0

Cisco-UCM-SQLi-Scripts

Scripts that can be used to exploit CVE-2019-15972 which was an Authenticated SQLi issue in Cisco Unified Call Manager (UCM).

Language:PythonStargazers:8Issues:3Issues:0

bsides18_breakfree

Example tools and output from BSides 2018 "I Want to Break Free"

Language:PythonStargazers:7Issues:6Issues:0
Language:C++License:BSD-3-ClauseStargazers:1Issues:3Issues:0

WindVision-PoC-app

A PoC Android application that exploits 4 vulnerabilities of the Wind Vision TV streaming application to achieve account takeover.

Language:JavaStargazers:0Issues:5Issues:0