This list is a work in progress (i.e. it will never be completely up-to-date). It will list all my published software with cross-referenced blogposts.
I try to update it monthly (last update 2021/05/30).
If you get errors running one of my programs, read this first.
If you can’t find one of my programs, read this first.
Applications: 1768: Analyze Cobalt Strike beacons amsiscan: Scan input with AmsiScanBuffer AnalyzePESig: Analyze digital signature of PE file apc-b: Send beacon frames with AirPcap apc-channel: AirPcap channel hopper apc-pr-log: AirPcap probe requests logger Ariad: Tool (driver) to prevent inserted USB sticks from executing code avr-teensy-pdf-dropper: WinAVR PoC to program Teensy to drop PDF file base64dump: Extract base64 strings from file BinaryTools: simple binary tools: reverse (reverses a file) and middle (extract sequence from file) bpmtk: Basic Process Manipulation Tool Kit BruteForceEnigma: C# program to bruteforce ENIGMA encoded text byte-stats: Calculate byte statistics CASToggle: Utility providing more control over .NET CAS enforcement Challenger: Small program for simple reverse-engineering challenges cipher-tool: tool to encode and decode with simple ciphers cisco-calculate-ssh-fingerprint: Calculate the SSH fingerprint of a Cisco IOS device ClipboardTransformer: Clipboard utility cmd-dll: ReactOS cmd.exe transformed into a dll count: count unique items CounterHeapSpray: Process hardening tool, my PoC for Microsoft BlueHat Prize Contest CreateCertGUI: Generate your own OpenSSL certificate cut-bytes: Cut a section of bytes out of a file decode-vbe: Decode VBE files decompress_rtf: Tool to decompress compressed RTF defuzzer: Generate the original file by combining fuzzed files. disinformational-tweets: Python program to Tweet (obsolete) disitool: Tool to work with Windows executables digital signatures DumpStrings: 010 Editor Script to dump strings (integrated since version 4) EICARgen: Program to generate an EICAR file (EICAR AV test file) emldump: Analyze MIME files EnforcePermanentDEP: Enable permanent DEP in the loading process (Windows XP) extractscripts: Utility to check HTML file and generate a separate file for each script in the HTML file file-magic: Essentialy a wrapper for file (libmagic) file2vbscript: Embeds executable into vbscript script FileGen: Command-line program to create test files of different lengths FileScanner: Tool to scan files for patterns find-file-in-file: Check if a file is embedded inside another file, even non-contiguous format-bytes: This is essentialy a wrapper for the struct module fuzzer: 010 Editor Script implementing a simple fuzzer hash: This is essentialy a wrapper for the hashlib module headtail: Output head and tail of input HeapLocker: Process hardening tool, a bit like EMET, but open source hex-to-bin: convert hexadecimal to binary InstalledPrograms: List installed programs with Excel/VBA InteractiveSieve: GUI tool to visualize and analyze logs, data, … by “sifting” jpegdump: JPEG file analysis tool js-1.5-mod: SpiderMonkey JavaScript interpreter modifications js-1.7.0-mod: SpiderMonkey JavaScript interpreter modifications js-unicode-escape: 010 Editor Script to convert bytes to a Unicode escape encoded string for JavaScript js-unicode-unescape: 010 Editor Script to convert a Unicode escape encoded string to bytes keihash: Calculate SSH Key Exchange Init (KEI) hash: KEIHash ListModules: Analyze digital signature of all executables in processes ListSharesSecurityWithWMI-VS2001: C# example for share security enumeration with WMI LNKTemplate: 010 Editor Template for LNK file format LoadDLLViaAppInit: DLL to load other DLLs via appinit registry key LockIfNotHot: Automatically lock Windows computer when user walks away, requires IR thermometer lookup-tools: IP-address and hosts lookup tools LowerMyRights: Restricts the rights of an existing process make-pdf: Set of Python programs to generate all kinds of PDF files md5_authenticode: MD5 Authenticode collision PoC MIFAREACR122: Python program to read and write 1K MIFARE RFID tags with ACR122 contactless reader/writer MovingXORSelection: 010 Editor Script to perform a moving XOR of the current selection msoffcrypto-crack: Crack MS Office document password my-shellcode: My shellcode collection MyEFSService: PoC for Malicious Cryptography blogpost MySafeModeService: PoC for Playing with Safe Mode blogpost NAFT: Network Appliance Forensic Toolkit NetworkMashup: Network utilities (ping, DNS) written in Excel/VBA NewPasswordStats: Password auditing password filter nmap-xml-script-output: nmap xml script output parser nocalcpoc: No calc PoC nsrl: NSRL tool numbers-to-hex: convert decimal numbers into hex numbers numbers-to-string: convert numbers into a string oledump: Analyze OLE files (Compound Binary Files) OllyStepNSearch: Plugin for OllyDbg password-history-analysis: Program to analyze password history Paste: paste does the opposite of clip, read the clipboard and write it to stdout pcap-rename: program to rename pcap files with a timestamp pdf-parser: PDF analysis program pdfid: PDF triage program PDFTemplate: 010 Editor Template for PDF file format pdftool: Tool to process PDFs pecheck: wrapper for pefile peid-userdb-to-yara-rules: Convert PeID userdb to YARA rules PFTemplate: 010 Editor Template for PF file format psurveil: Photo Surveillance for N800 python-per-line: Program to evaluate a Python expression for each line in the provided text file(s) re-search: Program to use Python’s re.findall on files regedit-dll: ReactOS regedit.exe transformed into a dll rtfdump: Analyze RTF files RTStego: Rainbow table steganography runasil: Launches program with a low integrity level RunInsideLimitedJob: Start program and run it inside a limited job SE_ASLR: Force ASLR on Windows Explorer Shell Extensions search-and-replace-with-wildcards: 010 Editor Script for search and replace with wildcards SelectMyParent: Launch a program and select its parent SendtoCLI: GUI tool for CLI commands setdllcharacteristics: Tool to set DEP, ASLR, … flags of a Windows executable sets: Set operations on 2 files: union, intersection, subtraction, exclusive or shellcode2vba: Convert shellcode to VBA shellcode2vbscript: Convert shellcode to VBA ShellCodeLibLoader: ShellCode With a C-Compiler ShellCodeMemoryModule: Generates DLL-loading shellcode from memory shift: 010 Editor Script to shift bytes in a file or selection simple-shellcode-generator: Python program to generate 32-bit shellcode (assembler code) simple_ip_stats: Process PCAP files to calculate IP data statistics simple_tcp_stats: Process PCAP files to calculate TCP data statistics SimpleEncoder: 010 Editor Script to encode current selection by shifting characters split: Split a text file into X number of files (2 by default) strings: Strings command in Python Suspender: DLL that suspends its host process TaskManager: Windows Task Manager written in Excel/VBA TestIntegrityCheckFlag: Test program for Using DLLCHARACTERISTICS’ FORCE_INTEGRITY Flag blogpost translate: Python script to perform bitwise operations on files (like XOR, ROL/ROR, …) ultraedit_scripts: Collection of UltraEdit scripts UndeletableSafebootKey: Tool to generate an undeletable Safeboot registry key USBVirusScan: Launch a program, like an AV scanner, each time USB removable storage is plugged-in UserAssist: Decode the UserAssist registry data virtualwill: HTML program to store your will VirusAlert: C# PoC program that monitors the event log for virus alerts and displays customized messages for the user virustotal-search: Search VirusTotal for provided hashes virustotal-submit: Submit files to VirusTotal for scanning vs: Python program to take surveillance pictures from IP-cameras what-is-new: Tool to monitor new items whoami: Firefox addon to identify your profile WMFTemplate: 010 Editor Template for WMF file format wmi-sc: WMI script for Security Center data wsrradial: wi-spy radial WiFi plotting tool wsrtool: wi-spy wsr files tool xmldump: This is essentially a wrapper for xml.etree.ElementTree xor-kpa: XOR known-plaintext attack XORSearch: Bruteforce a file for XOR, ROL, ROT, SHIFT, … encoding and search for a string XORSelection: 010 Editor Script to encode current selection with XOR XORStrings: Bruteforce a file for XOR, ROL, ROT, SHIFT, … encoding and dump strings zipdump: ZIP dump utility ZIPEncryptFTP: Zip files, encrypt ZIP file, upload via FTP zoneidentifier: Manage Zone.Identifier ADS1768: Analyze Cobalt Strike beacons 1768_v0_0_3.zip (https) MD5: 73DB2E96EE5B6427AF6CCE2672F91CB2 SHA256: C06850A132B89F5E8C127E43FD5CC42051706CDF058EB2D688BC8BD3043E6E02 Referenced in post(s): 1768 K 1768_v0_0_4.zip (https) MD5: 35779393F2DC6171731446F8E0AC361B SHA256: 59148C2DA13BE4DB203F9444E837911476BDE74E41E5A82C865E9729101336D2 Referenced in post(s): Update: 1768.py Version 0.0.4 1768_v0_0_5.zip (https) MD5: 83D7A867B93FAC13BA24F17DDA994A9A SHA256: CBCB84B9C4D8C1ED05983C2A211E3EA6029E69782FDDD6E15181EE4F47383EB5 Referenced in post(s): Update: 1768.py Version 0.0.5 1768_v0_0_6.zip (https) MD5: EB9C949BB7B5DD3EF9ECEBF7F3C21184 SHA256: 3EC0BB7B41CC5C0E1534F09BAE67D62B220F8D83A7F02EC0F856F8741F86EB31 Referenced in post(s): Update: 1768.py Version 0.0.6
amsiscan: Scan input with AmsiScanBuffer amsiscan_V0_0_1.zip (https) MD5: 47E50599E0CFAF1D27416E68394289A0 SHA256: 044E41D7F31D8333CB5295FD6E430933CA67F9AC37CD400D38189C96AE48544D Referenced in post(s): New Tool: amsiscan.py
AnalyzePESig: Analyze digital signature of PE file AnalyzePESig_V0_0_0_1.zip (https) MD5: 4BE29E4A5DE470C6040241FD069010C4 SHA256: FB83C6491690402273D42A3335777E77EA29328F5FE8503FF6F5EF62833D1FBC Referenced in post(s): Searching For That Adobe Cert AnalyzePESig_V0_0_0_2.zip (https) MD5: 738F97F76921FA2220368B3F4190F534 SHA256: E0D43E04AFD242307E3E6B675A650952D2605F45FE55F0B883ACF5B22BA32A01 Referenced in post(s): Update: AnalyzePESig Version 0.0.0.2 AnalyzePESig_V0_0_0_3.zip (https) MD5: C012D41535CC570F3C4947FDA9559489 SHA256: 3C26F3BEA2B20AA65F2384AC8B709AB7C0D9A51ED544987C9932994536884BD7 AnalyzePESig_V0_0_0_4.zip (https) MD5: 3E90FFE0C9D42A16EB7903CE0C27B778 SHA256: 6953C838F9710E8ED0E28D7F062D89B0381BACB162C8C09D192E83BD745789B6 AnalyzePESig_V0_0_0_5.zip (https) MD5: EC65D3F269445B7E876F232CE5C57A16 SHA256: 897EE65C741D2FEEF23C512FE43D9E477F9CAB0B338078703F8D860257D0C437 Referenced in post(s): Authenticode Tools
apc-b: Send beacon frames with AirPcap apc-b_v0_1_1.zip (https) MD5: 9FC457B8CC646BEA2BC6E28AB8E43376 SHA256: 45B6F92362EBEC877F04D92C38E4362187410855DCB6C913771B055BDFC338F8 Referenced in post(s): Quickpost: Sending WiFi Beacon Frames with an AirPcap Adapter apc-b_v0_2_0.zip (https) MD5: 849DE418A1F325B9DC133DBE2E7CC501 SHA256: C3F28DCEFE6FF747780E384E49BB4D373BC983518C592E1BB18E8455F78E7F95 Referenced in post(s): _nomap, _nomap, _nomap, …
apc-channel: AirPcap channel hopper apc-channel_v0_1.zip (https) MD5: DB385401E39C0FB0C8278DE9D76E6A14 SHA256: 09E6A7DE54B339CA8EACBBD7A944214CA0FD466B93CFAA818B38D2AD30551C2B Referenced in post(s): Quickpost: WiFi Channel Hopping with an AirPcap Adapter apc-channel_v0_2.zip (https) MD5: 52169F5CB679E6C0DF1F8D47DA38F779 SHA256: 59F4BEE229F5EF5B7AF27BAF6AA972DCDC9E6A6007E8E468AE7BC7C3F1CB89DD Referenced in post(s): AirPcap Channel Hopping With Python
apc-pr-log: AirPcap probe requests logger apc-pr-log_v0_1.zip (https) MD5: 63C0F6F130DC186925BE1B9A66152455 SHA256: CC9D3EFE893BE6F6C263D248C695DFAB08548AE246E1772C2EBF220EB43F7277 Referenced in post(s): Quickpost: WiFi Probe Request Logging with an AirPcap Adapter
Ariad: Tool (driver) to prevent inserted USB sticks from executing code Ariad_V0_0_0_1.zip (https) MD5: 31FC46BBE3216413848C146899F08C07 SHA256: ADA979C5F2D1FA414EF834191289CF819810131516E913DBCD82132E519A24D2 Ariad_V0_0_0_2.zip (https) MD5: B828254F54132BD9C61D7EA0E4646983 SHA256: 98AB541AC1F392159A4428BC23C48153CE784FED0A44E950CC45D2DF14738708 Ariad_V0_0_0_7.zip (https) MD5: A1F48BF9568A19E4344CE872A7B433DD SHA256: 7CF8D0F47C44D4AF58C8B13B488189D2CFC63B47139C634FF06114C0C9DFD3DC Ariad_V0_0_0_8.zip (https) MD5: B8E46212CA56B7BD056BA30E84DF8596 SHA256: 99620D77B23C21BC1C020352C5E9CCC467A4C450E0C69AA6FFBCE7227063964C Referenced in post(s): Ariad Ariad_V0_0_0_9.zip (https) MD5: C41EFF12D1C454595C5F8B8EBB09DA69 SHA256: DC0F40BA397E19FDFED67E287E0CF24FB55314B9760477D3783D492043FFF698 Referenced in post(s): Ariad
avr-teensy-pdf-dropper: WinAVR PoC to program Teensy to drop PDF file avr-teensy-pdf-dropper_V0_0_0_1.zip (https) MD5: EA14100A1BEDA4614D1AE9DE0F71B747 SHA256: 2C9A5DF1831B564D82548C72F1050737BCF17E5A25DCDC41D7FA4EA446A8FDED Referenced in post(s): Teensy PDF Dropper Part 2
base64dump: Extract base64 strings from file base64dump_V0_0_1.zip (https) MD5: 350C12F677E08030E0DD95339AC3604D SHA256: 1F8156B43C8B52B7E5620B7A8CD19CFB48F42972E8625994603DDA47E07C9B35 Referenced in post(s): base64dump.py Version 0.0.1 base64dump_V0_0_10.zip (https) MD5: 6670ACD88FD384BA9172F2B98E72D0D4 SHA256: C080F2A5F60A8E9593AE789A69D233EFC86AEF9BD319C409229B3E518E15C725 Referenced in post(s): Update: base64dump.py Version 0.0.10 base64dump_V0_0_11.zip (https) MD5: BF9D9EB3E6D574633D7F85345213E3E8 SHA256: 2741F9C3FD7B0897A04F60C741D7125568C8355A82FCF0FD4BB80877EE7FB935 Referenced in post(s): Update: base64dump.py Version 0.0.11 base64dump_V0_0_12.zip (https) MD5: 834B0D2DB5915ECE1C2F016B9E8462D1 SHA256: 952A5009C945AF350DB0875E8F025E3B5D271FB54AC60BE7569CFBD949DD7B77 Referenced in post(s): Update: base64dump.py Version 0.0.12 base64dump_V0_0_13.zip (https) MD5: B322C1E55108FB1559009FC4C1CF12DE SHA256: EE6527B4F558439916D9854980D6980EECA9F130F37BBF4034453ABBD8BF3260 Referenced in post(s): Update: base64dump.py Version 0.0.13 base64dump_V0_0_14.zip (https) MD5: 35BF4900BED40E828887C7601F9C8751 SHA256: 2F58F630D9B12D2B70CECF35728096A247890808E44DAB9C94400A073D5E29BF Referenced in post(s): Update: base64dump.py Version 0.0.14 base64dump_V0_0_2.zip (https) MD5: EE032FAB256D44B2907EAA716AD812C5 SHA256: 1E5801DD71C0FFA9CA90D2803B46275662E222D874E409FF31F83B21E6DEC080 Referenced in post(s): Update: base64dump.py Version 0.0.2 base64dump_V0_0_3.zip (https) MD5: CF214FDFE9B83E39DC8484C137050569 SHA256: 4F1B2764CCD40E0276FFC3F81E3C0B55E4C844D469C4E313A99FB13F0B5621C0 Referenced in post(s): Update: base64dump.py Version 0.0.3 base64dump_V0_0_4.zip (https) MD5: 5864B1AF997EBA6E5F6DD0C3B8ADBE56 SHA256: 1B01023A97361A9DBBB16B9D8851FFD757F03FA3964C0ED72067F9117F283992 Referenced in post(s): Update: base64dump.py Version 0.0.4 base64dump_V0_0_5.zip (https) MD5: 7AACFD3E34FEAAF41897F60FBC5279A3 SHA256: B4AB7B3A9D2947F08C6CC94F88CD825C9B2B63EE65AF7475E66BE9565EC4337A Referenced in post(s): Update: base64dump.py Version 0.0.5 base64dump_V0_0_6.zip (https) MD5: CDC956FAFD7AC2A86C9CD40EC188C7FC SHA256: BFBCFA51DDC47793C8CA397B261E036701543610F637CE8813BC5870FC4B2C2F Referenced in post(s): Update: base64dump.py Version 0.0.6 base64dump_V0_0_7.zip (https) MD5: D37DE7CEFDA55ADD1822EADDD84D5FFB SHA256: 5F676DF8B36172A1D7B29F03E2B0CCB026BB9A96DF8830FDB137E65CBB59DD63 Referenced in post(s): Update; base64dump.py Version 0.0.7 base64dump_V0_0_8.zip (https) MD5: 1B379A08FBC6E7686A89AF099699B076 SHA256: A81AE1AACCB168787CAF6355D582BB5096760893F5CB60E93E408A0475B4FDAC Referenced in post(s): Update: base64dump.py Version 0.0.8 base64dump_V0_0_9.zip (https) MD5: 4CF9F57AD34CC728B05F1307219864BB SHA256: 01264F82CEFB7B1D2DF51A8DB190840FE6C368C9C3D63566CF14CE4983F73D5A Referenced in post(s): Update: base64dump.py Version 0.0.9
BinaryTools: simple binary tools: reverse (reverses a file) and middle (extract sequence from file) BinaryTools.zip (https) MD5: 7A70F0E6A6F89550E0B65BE5611339F8 SHA256: 26A03D0B3E8CDE768976D006F1C187E5B0EF3BB51663403964BDEDF4C606E9CB Referenced in post(s): Binary Tools
bpmtk: Basic Process Manipulation Tool Kit bpmtk_v0_1_1_1.zip (https) MD5: E33F7F95B409E1A0B65766821F7E26F5 SHA256: 8C0E5A04B0F5909462505582873A34AAEA5B6DC8469D3784FEAE7E9FBD349EFA bpmtk_v0_1_2_0.zip (https) MD5: 6ABDF2E69F153E8C6282C2DD934735DF SHA256: 9F3328AD39F318A7F61071EC0C9341C6228B02E9F91F035E6EA8769EF27D3A34 bpmtk_v0_1_3_0.zip (https) MD5: ECC621E653BCC32694B56AEBDABE6140 SHA256: E39C04C3CF35B8642255CF03E4185490C0FB6A0AEDBD73551E2851A0E5E5069B bpmtk_v0_1_4_0.zip (https) MD5: 1BF31C6885326C3C7A1B37C42E9F9DFA SHA256: 5DF5AFDB93F19974CCDCCEFADAE52A3277AAA31FC24DCAAE6259F9DB9DA865C1 bpmtk_V0_1_5_0.zip (https) MD5: 3F24041EE1C5C681D3EB3E7481ABC776 SHA256: B08233F9EBC541676B0807FEA7075D324ACC7B1679B130AEE8556DFD797B5EC2 Referenced in post(s): bpmtk: Injecting VBScript bpmtk_V0_1_6_0.zip (https) MD5: FD4DA1B404961E6DB45469A27A201F41 SHA256: 5667AD1D153C5F93E509042D94491654AB742C6880DFE10366CA44E8D7EFE0D1 Referenced in post(s): Update: bpmtk with hook-createprocess.dll
BruteForceEnigma: C# program to bruteforce ENIGMA encoded text BruteForceEnigma.zip (https) MD5: A9FEBBABA207E7C3790D075FD3A3D22B SHA256: DE15922575F3F5BC56F7528F7F8C7F33D70B3163A2B33B503CA8B7C3BC4492E8 Referenced in post(s): Brute Forcing Enigma
byte-stats: Calculate byte statistics byte-stats_V0_0_1.zip (https) MD5: A884E999B58A54A1C2F83C8E592CD01B SHA256: B9D55B02534F1B1C158CE9CB067F4E5B37E47FA2A6CA4677F0E29DD3A160731E byte-stats_V0_0_2.zip (https) MD5: E7225860207EB93F2F6C2A808C7FA720 SHA256: FD1D733B4DAC1B7FFAB5B6279619D8B97A76049C86C110DCFB5C3EDFA53F328D byte-stats_V0_0_3.zip (https) MD5: 4287A94EC56E0BF5A936C2A16DA7F2B4 SHA256: 310B15865B332FF62F2C70CE441D322491DB79BC5D1C8D8BBC9A7245005491B5 Referenced in post(s): byte-stats.py byte-stats_V0_0_4.zip (https) MD5: B53CE5444618DCA78C46C7F72E356D8D SHA256: 81EFED375FF666BFFDDB82D094ECE17074182F5016FE3BFA4D1CA33DE838754C Referenced in post(s): Update: byte_stats.py Version 0.0.4 byte-stats_V0_0_5.zip (https) MD5: B79C6DF0964C9BA676D88E2085ACF037 SHA256: B9112274BD757FB3311883B0CF179ABDEC149C421EFEB335D70AF972495A5C20 Referenced in post(s): Update: byte-stats.py Version 0.0.5 byte-stats_V0_0_6.zip (https) MD5: CA729FF05E314A9CF5C348CB4A720F13 SHA256: 11E41F51EC9911741D71C8BC3278FA22AADBD865F2BF7BE4E73E82A7736A8FA8 Referenced in post(s): Update: byte-stats.py Version 0.0.6 byte-stats_V0_0_7.zip (https) MD5: 9991B5C5BEB3CB7989FE6DC30789EB49 SHA256: 82198195EA9C92832027CC8E2E3ABE161787551A06750E042096CF2DF0AC9384 Referenced in post(s): Update: byte-stats.py Version 0.0.7
CASToggle: Utility providing more control over .NET CAS enforcement CASToggle_V0_1_1_0.zip (https) MD5: D565937B49DF96E6A8B88FEDCF15D82A SHA256: 6DC6913136C74592C4833D1EEF5D70B4DA83AA9A111BC8DE6DDF16A709EF7E91 Referenced in post(s): CASToggle
Challenger: Small program for simple reverse-engineering challenges Challenger_V1_0_0.zip (https) MD5: FC71CAA3F99CB6EE9094098D60B7E4C3 SHA256: 9CBE129AC7161B12FAE4A65078159350624703CB8A4604F63694322064A2962C Referenced in post(s): Challenger
cipher-tool: tool to encode and decode with simple ciphers cipher-tool_V0_0_1.zip (https) MD5: B7D44090A76F66D7194D0A0D890E2CEB SHA256: 1E8E1F112595FC08C3C20A06D172C21DDE6375EC8651A8DE6EF57B938F3E67E8 Referenced in post(s): Simple Ciphers: cipher-tool.py
cisco-calculate-ssh-fingerprint: Calculate the SSH fingerprint of a Cisco IOS device cisco-calculate-ssh-fingerprint_V0_0_1.zip (https) MD5: 5A6C3A2C466908EE7EFB06727E8D02B7 SHA256: 831CAF7BBF0F6C584436C42D9CEB252A089487B715ADBB81F9547EEB3ED6B0B8 Referenced in post(s): Calculating a SSH Fingerprint From a (Cisco) Public Key cisco-calculate-ssh-fingerprint_V0_0_2.zip (https) MD5: C304299624F12341F9935263304F725B SHA256: 2F2BF65E6903BE3D9ED99D06F0F38B599079CCE920222D55CC5C3D7350BD20FB Referenced in post(s): Update: Calculating a SSH Fingerprint From a (Cisco) Public Key
ClipboardTransformer: Clipboard utility ClipboardTransformerBeta.zip (https) MD5: FF653016801DA4D12F5BB852703E2D7D SHA256: 2B9F54145F1396D7FEB259F987DA0315AB168F3FDA03EEEE5AF3BD046223AF7B ClipboardTransformerBeta2.zip (https) MD5: D52B3B1BF0D69F0376EA49CB1A6AC108 SHA256: 41392B9DD88B530B747CD9CC16CDC0AC724272B103D665F8BE65041C0AD86295
cmd-dll: ReactOS cmd.exe transformed into a dll cmd-dll_v0_0_1.zip (https) MD5: 4BC42E3744FA780C5C2442F7836B8287 SHA256: BC7656E52476387650E2894C6D3952807BED5D3BFCFCCC4516B44A60DBDB3563 Referenced in post(s): cmd.dll cmd-dll_v0_0_2.zip (https) MD5: 9B3C1FA7EB7F7F8528D27CE2DD5C24B5 SHA256: 83D6397F4D75195C73394075522C1E7F5C96E1F3B5C4E70DAED34955C8B613C7 Referenced in post(s): Excel with cmd.dll & regedit.dll cmd-dll_v0_0_3.zip (https) MD5: 88FB19DCB612F588CAF7508232F64DDE SHA256: 111458061018D9133347D56CE9E58ADBC7CA167AD69E04F8036DFD5008ADEA99 cmd-dll_v0_0_4.zip (https) MD5: D9D75A10F2C328B708303F9BD24B9AD3 SHA256: 952CFB833D4F22093D7DF837372239A1199C1738FFFFED76124AF8668F4D3877 Referenced in post(s): Windows Backup Privilege: CMD.EXE cmd-dll_v0_0_5.zip (https) MD5: 9BDBB368CDB576BDC05DDE76BC30702F SHA256: 4757333DD509C77504E3FFCD1B01A2FFC6EC80AE518AE9CD787E80BF1281806D Referenced in post(s): Update: cmd.dll Version 0.0.5
count: count unique items count_v0_1_0.zip (https) MD5: B96B5ECF9361D44D9366071C9C07FF86 SHA256: 102F346529F34C0EF932ADC3D3CF003ADBA2DFCD8BCE23DBF36425A555345DB5 count_v0_2_0.zip (https) MD5: ACF1982045ABEF86FCDBA87A84F5F588 SHA256: 373DDA0B2C176624998B5907261477943F677855CCECCDD42D6BEB758F8E7B79 Referenced in post(s): Update: count.py Version 0.2.0 count_v0_3_0.zip (https) MD5: 52B9E424640983892FAD7734D0388860 SHA256: 4ED5A3FD913E6953A4635AB93F015BEDE08DF3448125DD95E1EFCB47A320D0D5 Referenced in post(s): Update: count.py Version 0.3.0
CounterHeapSpray: Process hardening tool, my PoC for Microsoft BlueHat Prize Contest CounterHeapSpray.zip (https) MD5: 1947380F935AE0B1A8828DE79621F82F SHA256: CA0BF635655EE05ABED117C858BC86ECDF3EBB4C39544D7D0C396D7C457F1BBC Referenced in post(s): My BlueHat Prize Entry: CounterHeapSpray
CreateCertGUI: Generate your own OpenSSL certificate CreateCertGUI_source_V1_0_0_1.zip (https) MD5: 790CA083407032434A8DA1FF8AC1E512 SHA256: B15BB8A3504EF56D1C6C84CA181FFB6E5A73956EC79757C62B87B520C136AA2D Referenced in post(s): Howto CreateCertGUI: Create Your Own Certificate On Windows (OpenSSL Library) CreateCertGUI_V1_0_0_1.zip (https) MD5: F5400736E7E38F30D35A02FEB6D99651 SHA256: 82D59AC494FEF1A8B219C591717359712C19E8845D02A457017045A9A4C3D989 Referenced in post(s): Howto CreateCertGUI: Create Your Own Certificate On Windows (OpenSSL Library)
cut-bytes: Cut a section of bytes out of a file cut-bytes_V0_0_1.zip (https) MD5: 48CEBD6748E152CBF619EF10B58E8DFF SHA256: E99BC09DA0F1310085ED1520D52FB188D06456D030BD05A941FCE2B5FE21A661 Referenced in post(s): cut-bytes.py cut-bytes_V0_0_10.zip (https) MD5: C14F60F9843F4C2A40A05A52CBE16AB8 SHA256: AD3ADBF30B09DB77B17FEF62C40CDC138516FD24B077201D126D259D1953792B Referenced in post(s): Update: cut-bytes.py Version 0.0.10 cut-bytes_V0_0_11.zip (https) MD5: 51F90BBBDE845DEC3EAB94FD30AFCF9B SHA256: C805CBD23E09D80EB2AF39F8F940CC9188EF7F6B27197D018DA95093AC5D0932 Referenced in post(s): Update: cut-bytes.py Version 0.0.11 cut-bytes_V0_0_13.zip (https) MD5: E16C2B6358A2AA642BCC9CC9B033FAEC SHA256: 2276257173FD1DF65338CFA53DDE5522ED8A7D7E94BCC302117F535F584F14CF Referenced in post(s): Update: cut-bytes.py Version 0.0.13 cut-bytes_V0_0_2.zip (https) MD5: B70F851CE74859B38AC3ABA9688593EB SHA256: 1A0BD64334DA90B21888020B383004A18C3BAEE211D24AA91FF12719F8581AE9 Referenced in post(s): Update: cut-bytes.py Version 0.0.2 cut-bytes_V0_0_3.zip (https) MD5: 211B96F715FD6AB4696D6E58D6DA924D SHA256: 9D5D38AF1375FFBDE705280F99758FF4C7D9751B81C46D80681740C43D6B94C6 Referenced in post(s): Update: cut-bytes.py Version 0.0.3 cut-bytes_V0_0_4.zip (https) MD5: A44D8BBE9BAB9309E732F8995CB5C7BB SHA256: F95453DE1CC5855C320AB947D9AE354BE8E3ABFA52418C0CF623351A9DBF6344 Referenced in post(s): Update: cut-bytes.py Version 0.0.4 cut-bytes_V0_0_5.zip (https) MD5: B20B9758D50C846CD0E0AEB9E0B15101 SHA256: B12D1E1C510ED4CC820C5D2F62897DF71E567B0D3B23AC36653236D30104157F Referenced in post(s): Update: cut-bytes.py Version 0.0.5 cut-bytes_V0_0_6.zip (https) MD5: 7F726219F6F601018B4BD39E9A407728 SHA256: BFD80EF00455CD938A05A18EAA33551ABEC6B0298A0AEE81052E6F5A12BB86F7 Referenced in post(s): Update: cut-bytes.py Version 0.0.6 cut-bytes_V0_0_7.zip (https) MD5: 95CF8E5D2BC2790B25101FC2BFF769FB SHA256: F1112C96872D15C2CD3F6AF9828C7E39F5EB115D20FB62AAD1C1357D75E3485B Referenced in post(s): Update: cut-bytes.py Version 0.0.7 cut-bytes_V0_0_8.zip (https) MD5: 1A69542E7E9D7348101B7E91884674B7 SHA256: 15BC253323FF162F26BEF784172A502383970E63514DF6B88A09952A19DAE826 Referenced in post(s): Update: cut-bytes.py Version 0.0.8 cut-bytes_V0_0_9.zip (https) MD5: 3D11868F238AF4369372CA083303716D SHA256: AB3EA61B0F519AB99E659F73C263A0F4C2C9DB851314C49C5DA5A5F434E0CA4E Referenced in post(s): Update: cut-bytes.py Version 0.0.9
datapipe_V0_0_0_1.zip (https) MD5: 5BF1594E8144B694431E7A7E3BDF33F7 SHA256: 57CD06EBFEC1C5C2661E44260A7304DFCDEEB2F54132E0627A474AF756AFA956 Referenced in post(s): MVP – Promo – Datapipe.xls
decode-vbe: Decode VBE files decode-vbe_V0_0_1.zip (https) MD5: 87E61217BC77275DBACEA77B8EDF12B5 SHA256: 11A9B5D47657C123845007E3E29FB331CAE7483B6A4A3AC54276DB90116911B5 Referenced in post(s): Decoding VBE decode-vbe_V0_0_2.zip (https) MD5: 35612087E2D62669E2690573FDE543F2 SHA256: 91A7465FE1F4D291751E6C5D88C51888C914B40C6F187709E33343FF121A116F Referenced in post(s): Update: decode-vbe.py Version 0.0.2
decompress_rtf: Tool to decompress compressed RTF decompress_rtf_V0_0_1.zip (https) MD5: 41127F62897479FB5135D36675C396F5 SHA256: 581F2E1B2B508C3941EC22040FB0C76999E5DF293C8AD0DC1FDE921D121F3A26 Referenced in post(s): New tool: decompress_rtf.py
defuzzer: Generate the original file by combining fuzzed files. defuzzer_v0_0_2.zip (https) MD5: 75188EF950625B78937C3473D825C582 SHA256: 056AB8BA7F3B2B52F8C7BFC2959D7F1AE3FEAC4BE90C675B2DFF6B521225D93E Referenced in post(s): The Art Of Defuzzing
DemoDll_V0_0_0_1.zip (https) MD5: 51ED8255B71097269BFF9B5ADBFDC392 SHA256: 599BA297705B15580A297C3F47429225C38EA9FAA4A8DF27BCE49C918964AD30 Referenced in post(s): Quickpost: DllDemo
DemoResource_V_0_0_0_1.zip (https) MD5: 9104DDC70264A9C2397258F292CC8FE4 SHA256: 722B3B52BAE6C675852A4AC728C08DBEEF4EC9C96F81229EF36E30FB54DC49DE Referenced in post(s): Quickpost: Compiling EXEs and Resources with MinGW on Kali
DidierStevensSuite.zip (https) MD5: 461E192456F8BC7C3B0E793E69D45502 SHA256: 79DF0D7E7E3FD04DABEFD9E678D00411D2855C2F511D9958B545C0B04644CD63 Referenced in post(s): Didier Stevens Suite
disinformational-tweets: Python program to Tweet (obsolete) disinformational-tweets_v0_0_1.zip (https) MD5: 36CDB584634ED299E7ACE0D64E846003 SHA256: C5FCE76443549C3A8882B799B6F7A754EF6AEE5F11F3E94FF255EE541205C17B Referenced in post(s): Quickpost: Disinformational Tweets
disitool: Tool to work with Windows executables digital signatures disitool.zip (https) MD5: 896121FBECEF00C4DE84743A13D3E696 SHA256: AFB374E06760470D070022BD97C518808545435910CF13472398B1FA15E50B9C disitool_v0_2.zip (https) MD5: 4C7196F5AD581275B8B8CBC4930FF338 SHA256: 075CED9FDD633A6D0A11029107206F845AF055AFC3872E7D82801A1D83AED64F disitool_v0_3.zip (https) MD5: 08D1CA036DC905D8E42AB3016A1B7821 SHA256: AEF923F49E53C7C2194058F34A73B293D21448DEB7E2112819FC1B3B450347B8 disitool_v0_4.zip (https) MD5: 3A41D8805340716913FAECE7C79B10A7 SHA256: 51EBFB0759FEEA69FFFB643659FD74DC5043338719A91CE36E427D175196661A Referenced in post(s): Disitool Update: disitool.py Version 0.4
DumpStrings: 010 Editor Script to dump strings (integrated since version 4) DumpStrings_V0_0_1.zip (https) MD5: 50C0C92F28020E7BCABBF46CA8775CCE SHA256: 7EC688DBB0FD95C828067662C9ED8BBCFFEFBE5EA37B607DC8DFA1BDCB94365C Referenced in post(s): DumpStrings.1sc
EICARgen: Program to generate an EICAR file (EICAR AV test file) EICARgen_V1_1.zip (https) MD5: EACBE699FFB0B9B56B6F2BCDBA810D6E SHA256: 5D44B15BDE92679DF0C216D5890C7EE9345B8782D25B01324B27CACAC918EFB6 EICARgen_V2_0.zip (https) MD5: D346A3725622F981DDA7221799EF08E8 SHA256: 2DF76319D8513B1AD70D327816D3C1028B261EF1E314243DCD0DEC14FF1FC7CE Referenced in post(s): EICARgen: An Arms Race EICARgen_V2_1.zip (https) MD5: CE65A30355B059C4A099BEC6837DF19C SHA256: 58CF69C21FF948B77055952E2F1681467DDB100FF5D90CA268B7A701167FCD3D Referenced in post(s): EICARgen
emldump: Analyze MIME files emldump_V0_0_1.zip (https) MD5: F31810449FB83ACF687BB994270E71C8 SHA256: 83647569AEBF85337B86F30ED3C55A085268D6C3B575225FE695C7A130D9A0E7 emldump_V0_0_10.zip (https) MD5: 34DBB3BCB1A2B04C45286C0583F11C07 SHA256: C5877E252DDB61B40BFFCC5403DB500E672DACFE96FAA7D1E0668246C5202DE5 Referenced in post(s): Update: emldump.py Version 0.0.10 emldump_V0_0_11.zip (https) MD5: 09408ED0C2183178BEA71459CE001995 SHA256: 01B3543CCBAE806E1536BF55E62DF7D30885737909DB4322348AC521138660CC Referenced in post(s): Update: emldump.py Version 0.0.11 emldump_V0_0_2.zip (https) MD5: 0EBFEC3A207B2629B702FF8D0F4F5406 SHA256: C1DC65DE5092C2F35C5EAE2E8CE38B531B8F28051195EE12B11ED8830C9B9896 emldump_V0_0_3.zip (https) MD5: FB080006C2653F3A2AD6E889FC957D5F SHA256: 0D55DE704BDE558B6E8E5F823C513F19F8A5FD5B2A97BB8BD5EBB5FAD18FA658 Referenced in post(s): Release: emldump.py Version 0.0.3 emldump_V0_0_4.zip (https) MD5: 79DF66048849439E6034F082606A37A1 SHA256: B4AFDE89B6F3B025595A6FD1ACC5F60498BF900D18E624F134F618115DAC0E08 Referenced in post(s): Update: emldump.py Version 0.0.4 emldump_V0_0_5.zip (https) MD5: 5FAEDF1459114306D57FEABEF3CDDEFD SHA256: B3D08E1768E1211C44680DD502AC096A324FF209330657F4ABC0CD09B888254C Referenced in post(s): Update: emldump.py Version 0.0.5 emldump_V0_0_6.zip (https) MD5: 682793840D895E473647F2A1F85A9867 SHA256: D76BADF2A332C3417BB7DD46B783CE90757DD76648D2313083982BFD74902C41 Referenced in post(s): Update: emldump.py Version 0.0.6 emldump_V0_0_7.zip (https) MD5: 819D4AF55F556B2AF08DCFB3F7A8C878 SHA256: D5C7C2A1DD3744CB0F50EEDFA727FF0487A32330FF5B7498349E4CB96E4AB284 Referenced in post(s): More Obfuscated MIME Type Files emldump_V0_0_8.zip (https) MD5: B6FBAF2AB403AFE30F7C3D7CA166793B SHA256: 7A7016B29F291C3D42B43D43B265DAD86B96DA519DB426163CC2D15C556896E3 Referenced in post(s): Even More Obfuscated MIME Type Files emldump_V0_0_9.zip (https) MD5: 752A6F06290E2A35ACB4C564FA7D72C5 SHA256: 52CA4FB61B3B6FD9AECBA974AB73DCFA5D667086EBE7FDC84DE6F90E4DCC6853 Referenced in post(s): Update: emldump.py Version 0.0.9
EnforcePermanentDEP: Enable permanent DEP in the loading process (Windows XP) EnforcePermanentDEP_V0_0_0_1.zip (https) MD5: B0A89B0CE8DC5BA2472B3D744D40E4A3 SHA256: 525BA6EF82BD2B0ABD30DAD0D676CE085A9FA6E0DE3E3A8A0ADD6DF050F5A635 Referenced in post(s): EnforcePermanentDEP
extractscripts: Utility to check HTML file and generate a separate file for each script in the HTML file extractscripts.zip (https) MD5: D40AFBB62A304C20B0BF06DA70B6DBF4 SHA256: 23245B1999973E6D8619BCEDB9090CF94D7ECD3F0865B1F47402AD77B18CD356 Referenced in post(s): ExtractScripts
file-magic: Essentialy a wrapper for file (libmagic) file-magic_V0_0_2.zip (https) MD5: EAE684E74731FF493D5EC5D243EB16B6 SHA256: 9B0E7B47CAED8F5627DEFCE19B737554BBF998EF380187D6DE4FC1C9572EC9ED Referenced in post(s): New Tool: file-magic.py file-magic_V0_0_3.zip (https) MD5: C46EBA4BC6BC63E097A86E30E6DE5432 SHA256: 3F3012B06182925C1A42678977089184B9C97C37CD025F9D71757B4227E7BE09 Referenced in post(s): Update: file-magic.py Version 0.0.3 file-magic_V0_0_4.zip (https) MD5: CCF170F09B1442D27AE6519A0BB0CBAB SHA256: F240BAEE78C8AE4DB29724D8A8F2A5DEDEFE47570219D700FB3BB9A6707432BB Referenced in post(s): Update: file-magic.py Version 0.0.4
file2vbscript: Embeds executable into vbscript script file2vbscript_v0_3.zip (https) MD5: B6B364BE69F8B2A4D554E9196B3D5A6D SHA256: 2091DDB9C4B9F0A7450DD7B9BF0731D4C9D38BD5B145C1B151FC2E508DEA0ADE Referenced in post(s): Quickpost: Embedding an Executable in a VBscript file2vbscript_v0_4.zip (https) MD5: BA08A9B0B3AAA2A24E241D33427B0B12 SHA256: B0ED4DA9CFC19632A6DD629F0358029D4C0F27193FF317C0BF0A344355A30B66
FileGen: Command-line program to create test files of different lengths FileGen_V1_0_0.zip (https) MD5: 6AAAB254D4BB10AC6320C7106C04FA79 SHA256: D7BE1E64BAD8DE33EDAD6A218E0B8E4BC53E011E3B1175F05E384A63C4BF24D7 Referenced in post(s): FileGen
FileScanner: Tool to scan files for patterns FileScanner_V0_0_0_1.zip (https) MD5: 9EE883A4E28A6D0649F6D7787BD76ED4 SHA256: 5AA71E6F4FED8E45A22B49FD9A0417933F7218AF9300FDEF24FEF696CF012F61 Referenced in post(s): Introducing Filescanner.exe FileScanner_V0_0_0_2.zip (https) MD5: 9A89333C13DBB669A94226F57E5D919A SHA256: 5F46312B06AE865957A36B95A4C2DDC41F20113B0E51B7F083A50929B38BD0F9 Referenced in post(s): FileScanner.exe Part 2 FileScanner_V0_0_0_3.zip (https) MD5: D9A7BA5874C10B10BF380D03E49C82A6 SHA256: C89FF7DBDB71A22E2A88C16ECD65E36619BD8EA39A77036404B6F4B1049D21E5 Referenced in post(s): FileScanner.exe Part 4 FileScanner_V0_0_0_4.zip (https) MD5: 4BB8F475328B9EB214E6B9405F84816E SHA256: 5D3B1408C5D2BD17C0441D0D9D0DA565E8D690DE792971092956F4CA10D5A071 Referenced in post(s): Update: FileScanner Version 0.0.0.4
find-file-in-file: Check if a file is embedded inside another file, even non-contiguous find-file-in-file_v0_0_1.zip (https) MD5: 2984F01404770B92953823D39907B055 SHA256: 1AD124A9A31DACFE1FC9F3B89B3117D3A70D5BC15B712CC1748BEA893612686C Referenced in post(s): Finding Contained Files find-file-in-file_v0_0_3.zip (https) MD5: 8691158700079C786F6905F0CA0F32BC SHA256: 84506CED140F309503E723831A9EFB99A8CC213532BEB56E00BC4BA5FE235797 Referenced in post(s): Update: find-file-in-file.py Version 0.0.3 find-file-in-file_v0_0_4.zip (https) MD5: CD381616158BD233D94B368554B824C6 SHA256: FD5C4E3EC99371754E58B93D3D96CBA7A86C230C47FC9C27C9B871ED8BFB9149 Referenced in post(s): Update: find-file-in-file.py Version 0.0.4 find-file-in-file_v0_0_5.zip (https) MD5: 1463DBAB808BBE40AC7919BC9A77303D SHA256: C269B1995B61F0EDE24E4E9C64D5DD64E79B5ED6DD2126E94AF52E15D90C427F Referenced in post(s): Update: find-file-in-file.py Version 0.0.5
format-bytes: This is essentialy a wrapper for the struct module format-bytes_V0_0_10.zip (https) MD5: 3349E2F8C84AE644C0AEFDA4410297C5 SHA256: F75C3A353E42D847264702B1F316A65657E6375EF979B8EF21B282D4676BE4C3 Referenced in post(s): Update: format-bytes.py Version 0.0.10 format-bytes_V0_0_11.zip (https) MD5: D73D5FA410F882F03176CF5FD3E0D90A SHA256: 34B37CA4E45E4EF0F36F5460CAD429343C0AE993297C104AA8A29C2EE4E7904F Referenced in post(s): Update: format-bytes.py Version 0.0.11 format-bytes_V0_0_13.zip (https) MD5: E7A7A344B3B8753553FC5B2E4084D8DA SHA256: 1F22A1D784DCF1269FFD12E2C9467EE0FB93B0895CC24D04CBBD9696D50945DB Referenced in post(s): Update: format-bytes.py Version 0.0.13 format-bytes_V0_0_2.zip (https) MD5: A859C5B5789246734647322CDEE38001 SHA256: 8FD7EEDB57ED257EAED67EAE30CF820C10B1845BC547EEC727268B46426E0F2D format-bytes_V0_0_3.zip (https) MD5: CFE426B605DEDA6E388C1F62D2655A31 SHA256: 227C3911A0D2B9D8E524B44D5B4F80EBAABD34810A11A9189B09ADFA5D2FB67A Referenced in post(s): New Tool: format-bytes.py format-bytes_V0_0_4.zip (https) MD5: EBCF854E9525D470171D7D8E99F836FD SHA256: CEE2E5B71E1BE8E5D5C934ACCD10BC0FEE2B60DFB6FDB6472F1014CEC4E509EC Referenced in post(s): Update: format-bytes.py Version 0.0.4 format-bytes_V0_0_5.zip (https) MD5: 3D92BCAF8E31BFBF6F4917B3AAB64AEF SHA256: AD43756F69C8C2ABF0F5778BC466AD480630727FA7B03A6D4DEC80743549845A Referenced in post(s): Update: format-bytes Version 0.0.5 format-bytes_V0_0_6.zip (https) MD5: D73C88AB15B8AE3B30BA2C5EBE8CC77E SHA256: 3FB480B52F5BF535A54B66CABBD853666B3E306EFAE4BD9247B45255F223E0B6 Referenced in post(s): Update: format-bytes.py Version 0.0.6 format-bytes_V0_0_7.zip (https) MD5: 58D3380B48593B3497AD04ACB1719CF3 SHA256: 8E07C1462AE88416CF8D5218A70BCFAE34F89B284684BFD0AC6B943A39E3CA8E Referenced in post(s): Update: format-bytes.py Version 0.0.7 format-bytes_V0_0_8.zip (https) MD5: 22F216C2304434A302B0904A9D4AF1FE SHA256: A38D9B57DDB23543E2D462CD0AF51A4DCEDA1814CF9EAD315716D471EAACEF19 Referenced in post(s): Update: format-bytes.py Version 0.0.8 format-bytes_V0_0_9.zip (https) MD5: 2F97370D12A7DBB53EB8B30AA0A40463 SHA256: 87C9F3120673C0E92C9562EC2687B60AA93DAF612CE854939E48F6E902BFBBB4 Referenced in post(s): Update: format-bytes.py Version 0.0.9
fuzzer: 010 Editor Script implementing a simple fuzzer fuzzer_v0_0_1.zip (https) MD5: E9B7114952E81A504C7CF3B06B99B5CF SHA256: CF399EE2D86B6039236608F4FE882E579D7DCFED1DA980B4124ED06FD0C5807A Referenced in post(s): fuzzer.1sc
generate-hashcat-toggle-rules_v0_0_1.zip (https) MD5: 170F54D69C8581B9379E11E14F31C39E SHA256: 93AE3CC8123425CEBC85D6CA4DE1ED1DD14F492AB744368729FB38D24436B5D9 Referenced in post(s): Tool To Generate Hashcat Toggle Rules
hash: This is essentialy a wrapper for the hashlib module hash_V0_0_1.zip (https) MD5: 8ECC05DEFBD4AB494A37DE02615A8FE1 SHA256: 07A1ED7FD00FB18B616540CB108AA1D2134B07CC509E11257E4E43FFF9A185C2 Referenced in post(s): New Tool: hash.py hash_V0_0_2.zip (https) MD5: 7C9EF6D52793D6FFAAF4EB6FCEB934B4 SHA256: F768BCBE035ADF099C2AFA41CADB2ABD9514D54E6D361AF5610277B8A70D6B7D Referenced in post(s): Update: hash.py Version 0.0.2 hash_V0_0_3.zip (https) MD5: CB4BCB40CA50ED23AC7E47510B308811 SHA256: 6C3C44C5B98C7C7415E332D15B6EA887CD54170DADDDC726B3544F1696F4E324 Referenced in post(s): Update: hash.py Version 0.0.3 hash_V0_0_4.zip (https) MD5: 6DAC25432338BEA40B9141A791B8A958 SHA256: D66BF64B91B1BCBA5EA99EA03439A12835C5427BB1C447E6B515F94D9F468137 Referenced in post(s): “Here Files” and my Tools hash_V0_0_5.zip (https) MD5: 2A4D61F692D935E27E4BECA642F19D97 SHA256: 5DA5B59EBC6EB0FADEA868E631057BF14C29486405F75D8183C48FE4631B81A2 Referenced in post(s): Update: hash.py version 0.0.5 Validating Your Downloads hash_V0_0_6.zip (https) MD5: DE0AC3F7809E55E1577EB049A5F34EDF SHA256: D66FF1D5173E3DDAFC842087B9E4E8447C18EF0AA8C03E02A365E3F9028BA8D9 Referenced in post(s): Update: hash.py Version 0.0.6 hash_V0_0_7.zip (https) MD5: 9BE8A26F2940FA2FF5C3671B7BB6DC6F SHA256: CFA2767F0FAA792F9B75344B2F15FF40267F3EDE77D221B0134F07FDB04E515B Referenced in post(s): Update: hash.py Version 0.0.7 hash_V0_0_8.zip (https) MD5: 03F928332874447F6198A9FDE46E3AA7 SHA256: 80C493639CA7160D1455FABA38A2A04556240326D4BA78B8207CA8FF8B09E1B2 Referenced in post(s): Update: hash.py Version 0.0.8
headtail: Output head and tail of input headtail_V0_0_1.zip (https) MD5: F5FD067F94411D22B939D753B803ACFE SHA256: CBB66EA335299801A4D3D80A6A9BD686C56058B203ABB1BC6144B3A2E2370979 Referenced in post(s): New Tool: headtail.py
HeapLocker: Process hardening tool, a bit like EMET, but open source HeapLocker64_V0_0_1_0.zip (https) MD5: F3D43A29CE64F9418AA154C66B0B06A4 SHA256: 7EFF1D9EA20B522D76034DC4CB66E2FD7AC43E585987FC9ABF7EF8EB801FBC6C Referenced in post(s): HeapLocker HeapLocker 64-bit HeapLocker_V0_0_0_1.zip (https) MD5: EE0ED3FC2C9A5A3497A7286BFB476978 SHA256: C2B7F0BB8F1D1EDCCFCFE612412B40A12B89F4BE888BB50F872E04FD2F9BBA5F HeapLocker_V0_0_0_2.zip (https) MD5: 66204745155E8F75B9A152F2E8D416EB SHA256: A334957AC8707DFC947C6B70F8F3D7337902969CFF3D6099597B3CB31BC3D4A8 HeapLocker_V0_0_0_3.zip (https) MD5: F4F9AD7139C4D7FB3B0B149FA5961A56 SHA256: 7DD72256EE9C189A234234FD7758E9251F813FF253E0387C9D8188D8155FDDA4 Referenced in post(s): HeapLocker
hex-to-bin: convert hexadecimal to binary hex-to-bin_V0_0_1.zip (https) MD5: 18FC870888B333D8B081CE3E31428A1B SHA256: 17B4257C6951C792FFE64EDDDFF20674AD07DE2699EF066BDF7A548DA09E6592 Referenced in post(s): BlackEnergy .XLS Dropper hex-to-bin_V0_0_2.zip (https) MD5: 4F415E4117EC497C52E244A7087E36B9 SHA256: D283C312CC169419BC16D9199F5EC850D5D7565B9FDB272CA5236F97EDAD22C3 Referenced in post(s): Update: hex-to-bin.py Version 0.0.2 hex-to-bin_V0_0_3.zip (https) MD5: 0F87942CC9EF566D4C3B5A34073D5399 SHA256: 02447247C59F530CD6559B0FB287E314AC3AB807D843729CA9CE3F16D0930CAB Referenced in post(s): Update: hex-to-bin.py Version 0.0.3 hex-to-bin_V0_0_4.zip (https) MD5: CBD3D27A2BC703F51FB23F757084BBE1 SHA256: CD70D7644BB353C64DD37AA0717B14967176A1A5E35E5DC6AE163D929BE13AAD Referenced in post(s): Update: hex-to-bin.py Version 0.0.4 hex-to-bin_V0_0_5.zip (https) MD5: 6247279785AB80F4B0A91E0316D8695C SHA256: C55246D653F1804DFB2C2EBEC0471AF42A89E9F080DCC87DC673BC9FEAD1949D Referenced in post(s): Update: hex-to-bin.py Version 0.0.5
InstalledPrograms: List installed programs with Excel/VBA InstalledPrograms_V0_0_1.zip (https) MD5: 0BF27B9D4B6316381E0AADC1777B7F8F SHA256: 60AF8234BD10E12221CAD3D2544222819CB0CC0834E339084590860F30E0D580 Referenced in post(s): InstalledPrograms.xls InstalledPrograms_V0_0_2.zip (https) MD5: 383D9EC2B520E930A8484F1BD0B99534 SHA256: B174A5A9A366799B5C7CB99D6FD83643E5AE8155FBC52ADCEDA836FFF9281766 Referenced in post(s): Update: InstalledPrograms.xls V0.0.2
InteractiveSieve: GUI tool to visualize and analyze logs, data, … by “sifting” InteractiveSieve_V_0_6_0.zip (https) MD5: 37DDEA0A289AB7E6F826A7BDF46B5C81 SHA256: 2AA5F24A3432C4D16837A7B9BA818D19C54C6047745A9B3E1DE30B51BE9B2AC5 InteractiveSieve_V_0_7_2_1.zip (https) MD5: 0312B5884B59619AFD2BD8C2A087E333 SHA256: 79DF1AF0020B0A8174F1A745EFBC922509990CE643703E69FFDA96FA4ACD3D78 InteractiveSieve_V_0_7_3_0.zip (https) MD5: F36B245584DE143A15F484AA6220D67F SHA256: AE0804EA739AEDC5FA32B7F6FD99AB99A35F7742B98953A653E0C24725E0FE6F Referenced in post(s): InteractiveSieve InteractiveSieve_V_0_7_5_0.zip (https) MD5: F9E3D74F4BE3C140FA415C6E525A5346 SHA256: 1981665BEF13E52A03A53AD4755891D25AE6A3D8D986666107D295CE8AE31C02 InteractiveSieve_V_0_7_6_0.zip (https) MD5: 37C18D2E41CB311442E033F253818057 SHA256: 5758289A939388FDB73617DAD686EBD2B79D1E48444A772946E7606DAF49DB05 Referenced in post(s): Update: InteractiveSieve 0.7.6 InteractiveSieve_V_0_9_1_0.zip (https) MD5: C8B5B3E768FB62B7508F055122453594 SHA256: 063A83D9DBA900C8B245532D510E822A305B258C9A3DD05F19F4F0ED2753B6E1 Referenced in post(s): Update: InteractiveSieve 0.9.1
jpegdump: JPEG file analysis tool jpegdump_V0_0_1.zip (https) MD5: 8266BD2E8190AD8FBD727AC3B5C30758 SHA256: 68EE75A22C2EC27569AB40358EB1CE0CFF4EBBD8C3A70F497602681A7E1F669D jpegdump_V0_0_3.zip (https) MD5: 929F3EC096AEBEC642C44C6A6EE2895E SHA256: C5C1CA151C7E24FB6E305E5116BE7B6BC4C417810217249D3831BE5805BBAA9F Referenced in post(s): New Tool: jpegdump.py jpegdump_V0_0_4.zip (https) MD5: 496B6F2B0C0EEF919F7C6E20B9C1ADF6 SHA256: 5D150AE050610B6DB11FBE8B44E385A80800971AF1810F67531BB17A1373C770 Referenced in post(s): Update: jpegdump.py Version 0.0.4 jpegdump_V0_0_5.zip (https) MD5: D7157E7FDEEA4257220F60E0081EE138 SHA256: D6940A82CDECEB9D1FB27561E7B748837D666568FC857AEB6680E135D08E897C Referenced in post(s): Update: jpegdump.py Version 0.0.5 jpegdump_V0_0_6.zip (https) MD5: 14FFB9016A9181DB3A59370B2E0DAFF2 SHA256: 13B610A9BDE68CDB64E482AADBC522DDAABD6F6D746AA032C6FEDDAF6BF4169B Referenced in post(s): Update: jpegdump.py Version 0.0.6 jpegdump_V0_0_7.zip (https) MD5: DF600AAADD1E6335CB1DC5FEF895B2AE SHA256: 123CDBACA0533BE975751F935EA9C6CEF75B7F8E67CC0FBAD36F8C66DD9354D8 Referenced in post(s): Update: jpegdump.py Version 0.0.7
js-1.5-mod: SpiderMonkey JavaScript interpreter modifications js-1.5-mod-0.3.tar.gz (https) MD5: 59D7C7F67903A00AFC97C9BEDD7E1F54 SHA256: B1B51F3FD357635AD6BE90D183416DAA7783972F9BAF15E36B0A5B9BF748A570
js-1.7.0-mod: SpiderMonkey JavaScript interpreter modifications js-1.7.0-mod-b.zip (https) MD5: 85B369B5650D4C041D21E8574CF09B9A SHA256: D3827DF7B2EA81EEE91181B2DE045320E1CFEC46EED33F7CD84CA63C3A36BC38 Referenced in post(s): Update: SpiderMonkey js-1.7.0-mod-c.zip (https) MD5: B14B522E81366D6AAF3B7EB235B62707 SHA256: 2CCB2F57DF706A8EE689C54B18A0EA7BB052EF08BA233F1319119825DB32927B Referenced in post(s): SpiderMonkey Update: Patched SpiderMonkey js-1.7.0-mod.tar.gz (https) MD5: A64B079FAEFD6BA23CAC3FCC7EF41AC7 SHA256: 74DD063F13647505ABB11FA3D1A5D44DA35A3F73F18FE973F93FBA5E349B8BA9
js-unicode-escape: 010 Editor Script to convert bytes to a Unicode escape encoded string for JavaScript js-unicode-escape_v0_0_3.zip (https) MD5: B86B7E73D93C5A4C086384C2FF89303C SHA256: 81F26C328FD67FB7512CD60485481D7FFD8B7FE5ACE95455D45F4F635EADF81C Referenced in post(s): js-unicode-escape.1sc
js-unicode-unescape: 010 Editor Script to convert a Unicode escape encoded string to bytes js-unicode-unescape_v0_0_1.zip (https) MD5: E4FF29FB631142AC995636EED4CFB2AB SHA256: C5659BCED1C6A7F92C2F7F9058DAA5807D2907283041E4F9DD1E4B6F318F2BBD Referenced in post(s): js-unicode-unescape.1sc js-unicode-unescape_v0_0_2.zip (https) MD5: 6200C4F235CA527E8C0DCD5076CB1C09 SHA256: 2CACC9EE1BB1D1BC4C9FABC6EC3B3440CFF304AA560966B0B531279C369549BB Referenced in post(s): Update: js-unicode-unescape.1sc
keihash: Calculate SSH Key Exchange Init (KEI) hash: KEIHash keihash_V0_0_1.zip (https) MD5: 674D019A739679D9659D2D512A60BDD8 SHA256: DB7471F1253E3AEA6BFD0BA38C154AF3E1D1967F13980AC3F42BB61BBB750490 Referenced in post(s): KEIHash: Fingerprinting SSH
ListModules: Analyze digital signature of all executables in processes ListModules_V0_0_0_1.zip (https) MD5: 56D6BD9479915E6FF1C29A9D9F8F7950 SHA256: 43DFAD3F18C2F317E283BCDD453311BB17F6216C6748C25D102778DF63021069 Referenced in post(s): ListModules V0.0.0.1 ListModules_V0_0_0_2.zip (https) MD5: F1FDFAA37D23E3B61E2E1F018C1D2B83 SHA256: F0AE681AB70281920B219B6733A2F0D7BC8AE959621DC3107B49F1EED4A1E523 ListModules_V0_0_0_3.zip (https) MD5: 872C03B1C3FACBA81B79BE3884466EC5 SHA256: FFFEC015E6F5916EEF018A5ABFDBB8FE45614DC8EDB23123523D3BBF9DD1C558 ListModules_V0_0_0_4.zip (https) MD5: 36D05A56C06493A3EB1BAD6F9F5BB2E5 SHA256: FDB262E043F86EA4F147D50B2DD48707C63E0751B655AB3AF9577C1E54017CE6 Referenced in post(s): Authenticode Tools
ListSharesSecurityWithWMI-VS2001: C# example for share security enumeration with WMI ListSharesSecurityWithWMI-VS2001.zip (https) MD5: A27793BB9C3F19AFB25F1F64CEBE5C94 SHA256: 10FF939F3B73BDF383EA330B89B5B3BD794FD78EA66DEE564C94380F1A9E7E5D Referenced in post(s): Programs
LNKTemplate: 010 Editor Template for LNK file format LNKTemplate.zip (https) MD5: CD7C486DBB9A1CA48D0A3CD67492B404 SHA256: EDECFE72280DB904969C599E313CB6DD93BB37A0B55B5786014DEC1BC1B61738 Referenced in post(s): Quickpost: 2 .LNK Tools Quickpost: .LNK Template Update
LoadDLLViaAppInit: DLL to load other DLLs via appinit registry key LoadDLLViaAppInit64_V0_0_0_1.zip (https) MD5: 94C38717690CE849976883FFE4B22CA1 SHA256: 447C8F61A6398CBE6BD5E681FCE28C55D426D4E4EA49BBE367AE5B334B073A55 Referenced in post(s): LoadDLLViaAppInit 64-bit LoadDLLViaAppInit_FI.zip (https) MD5: 2867B6AADF6C9FFA224D2D6A0153AD91 SHA256: E732451401B37087FAC619BD500E370FE3C21FB764F2E2E99C76EDBADEC86204 Referenced in post(s): LoadDLLViaAppInit with FORCE_INTEGRITY LoadDLLViaAppInit_V0_0_0_1.zip (https) MD5: 60B93BAF4B0F973C3EC920F2F4A180E8 SHA256: 3B528A3BAF593A2740D5655CF18BC0932801D4DF1750DE8F9C8229C0FF51E8BE Referenced in post(s): LoadDLLViaAppInit LoadDLLViaAppInit_V0_0_0_2.zip (https) MD5: F458DAEAB1A3E68870EE0608E2A1FFFC SHA256: 9C8BA52A68893F33E0019CC64264C24A7EEC09C5D0DAE6F43C110ACFD45E621F Referenced in post(s): Update: LoadDLLViaAppInit
LockIfNotHot: Automatically lock Windows computer when user walks away, requires IR thermometer LockIfNotHot_V0_0_1.zip (https) MD5: 188BE76E0A5BCCA26A8736F8F0C4061C SHA256: CA915265D3B224DF3AA95E5C59B7C0E7EDF239DF50FC1C03F2C991A8B1800AD2 Referenced in post(s): LockIfNotHot
lookup-tools: IP-address and hosts lookup tools lookup-tools_V0_0_1.zip (https) MD5: EB9C5BEF25EC5ED0F44297AA8A04679E SHA256: 755E98BA0BC09C31E58ED4BF7B08CD42467BBF9B129C77DD6D558FD6B6E27124 Referenced in post(s): Looking Up Hosts and IP Addresses: Yet Another Tool lookup-tools_V0_0_2.zip (https) MD5: 310904722F900FA34C567FC38634124E SHA256: 85626574A99BF4D2AB786D8C2FF5B8F6649F1FC7410F1786A24EF0201AAF64AA Referenced in post(s): Update: Lookup Tools
LowerMyRights: Restricts the rights of an existing process LowerMyRights_V0_0_0_3.zip (https) MD5: FF937173AB1CD2C7A9DF050D7ADF0696 SHA256: 9AA83F24031029F60862CAAE477B02DF0C0887BD6E9078A1E186FEF6DF873253 Referenced in post(s): LowerMyRights
make-pdf: Set of Python programs to generate all kinds of PDF files make-pdf-jbig2_V_0_0_1.zip (https) MD5: 334D59CE634914CA89661A6DE03CE78C SHA256: 153AFCA0E5269477772D920DF230DB9ED1CDC9715F0FDF4A9572A679B24BD116 Referenced in post(s): Quickpost: /JBIG2Decode Essentials make-pdf_V0_1_0.zip (https) MD5: 7682A66DCD0C3AF1D4A2AFA30D44AA8C SHA256: 7E92B7EE4A3EE2FCFCAF0AC1398381E4F649A6E7C899351721D78D37D6018AA0 make-pdf_V0_1_1.zip (https) MD5: 9AF2E343B78553021C989E8E22355531 SHA256: C604679ABEB0469C1463159E02E74F12487B2755A6096B416A8F4F638DEB8AA9 make-pdf_V0_1_2.zip (https) MD5: 305D57692C27DD3CD91D8C85A3932948 SHA256: A030BBCB8B54137D8047A4CB5C350725599383A4B113CABBA8871AC221378C5B Referenced in post(s): Embedding and Hiding Files in PDF Documents make-pdf_V0_1_4.zip (https) MD5: D2630ABDE44DFFDD5640AEF391CE591D SHA256: 11578A938F9FFCC16456519375AF8817C1F8F0D9C41C68BBF78882BFB36B8058 make-pdf_V0_1_5.zip (https) MD5: A6B9C9C411EDE77B95541505DC713051 SHA256: FCA43E7A47248CAB0E7E553ACE293E3D669F6F553C4C53CEE53494FF8B0D91FC make-pdf_V0_1_6.zip (https) MD5: 85DA11252AD5990A1F5514BCD5D4501B SHA256: EE23A178727C8505A864083EBA8B5464CC897D80FB8EE60D4C47B29810A056A1 make-pdf_V0_1_7.zip (https) MD5: 73DBC0CEC9A425DE3317EB48B9A7EA81 SHA256: DCEA54C2C260152A01278C6262D82255B5944ED616663B83DC158F74F27F509E Referenced in post(s): PDF Tools
md5_authenticode: MD5 Authenticode collision PoC md5_authenticode.zip (https) MD5: 332078ECB5609A09F6412450EB41CAA8 SHA256: 72E54C3F052D7E8C7414F524CD40541244BB57D1F346477CFAFC037F42DA50AA Referenced in post(s): Playing With Authenticode and MD5 Collisions
MIFAREACR122: Python program to read and write 1K MIFARE RFID tags with ACR122 contactless reader/writer MIFAREACR122_V0_0_1.zip (https) MD5: 368BE885EF3BA0E8CBDA25F8EC022833 SHA256: D721EC111C2FC7D4A9CD0A1ED4DCF29554C68E56C6F4DA789A4228715A32D732 Referenced in post(s): Shellcode On a MIFARE RFID Tag
MovingXORSelection: 010 Editor Script to perform a moving XOR of the current selection MovingXORSelection_V1_0.zip (https) MD5: C0B069044E0CA64856B74DE03250F837 SHA256: CE4D0F139728DBCD7F3B817BB3B610FFAA893B3B5BDF73715345EE170166F36C Referenced in post(s): MovingXORSelection.1sc
msoffcrypto-crack: Crack MS Office document password msoffcrypto-crack_V0_0_1.zip (https) MD5: F67060E0DE62727A1A69D0FD6F39013A SHA256: 1466B94B56595BA0B91F0A2606F699E1D737E964F3F1A4DFDF7EAA47843DD063 Referenced in post(s): New Tool: msoffcrypto-crack.py msoffcrypto-crack_V0_0_2.zip (https) MD5: 010B7FA68FCF9CE84427815EFDFE1C42 SHA256: 6B368E40EEE8A907D444A49963B37F456A3645991201CE06F0E46A0F2E188A74 Referenced in post(s): Update: msoffcrypto-crack.py Version 0.0.2 msoffcrypto-crack_V0_0_3.zip (https) MD5: 45BAB81D744DA62182EC58A8F2E05BFE SHA256: CF9DE02C72C07C07786BE09551CD17F6DBB83BCEF2A1C5435E06A695D7C6770E Referenced in post(s): Update: msoffcrypto-crack.py Version 0.0.3 msoffcrypto-crack_V0_0_4.zip (https) MD5: D3D7A0475FF1C9AAB7BE773514784465 SHA256: 4A27E0FF50863A925FEE55B8F7D16AD29C2DF5E4611F9493DAEEBA89B5F3DBA9 Referenced in post(s): Update: msoffcrypto-crack.py Version 0.0.4 msoffcrypto-crack_V0_0_5.zip (https) MD5: 1514DA367DCFF7051AB117266CE65BD3 SHA256: FEEFDD89134083EA19936494C8FCBD05804B3B9C0D4C5FBAFE06578D466B50AE Referenced in post(s): Update: msoffcrypto-crack.py Version 0.0.5
my-shellcode: My shellcode collection my-shellcode_v0_0_1.zip (https) MD5: F215B29BA3C8F24CFBA5C24BED65B68A SHA256: EA1DB8028954CEB18B8AD2EB37CA6BA0CD7CDC6B9A64F10561382152701C013F Referenced in post(s): MessageBox Shellcode my-shellcode_v0_0_2.zip (https) MD5: 324AC5DABA30198C66B58B234D4D8E80 SHA256: E947C6B3087008BFC6B327A8066D29DC4F0D3753032775A3A1B602436FF3EE0E my-shellcode_v0_0_3.zip (https) MD5: 914FB82B15D84108E023714DFF5B8658 SHA256: B72BD9DAAAD37100A6C011752E305FDDFED0F9C5ABB27EF1F19F24D05CB2C939 my-shellcode_v0_0_4.zip (https) MD5: 79A46202171D558876F41E2A9352B301 SHA256: D7D3A06BC82CE5FA5082FAA2AB266F971A5C4DDEA06645B119975EDC100730A3 my-shellcode_v0_0_5.zip (https) MD5: CFF4F0FB67C5ECCCB7EE5F3C35FB0578 SHA256: B0E444A16719B0196C4038B398DF0333D29B202283E523B1CF3D4267ECD4D0BB my-shellcode_v0_0_6.zip (https) MD5: B6BC3081E1D2CA823AC4F814FD972E6B SHA256: 414E2A933DB6C6B7F3605834F18F52DC7F39113AC7F7120EBF91F2C30B749A1F my-shellcode_v0_0_7.zip (https) MD5: E3D7866D59506696C3CEDE97FA742997 SHA256: C575FC6128ED65F83C19B2E5E6AC5554B8C1D27F27EA16E5CDC147927AD2AF76 my-shellcode_v0_0_8.zip (https) MD5: 456F014F88A759B0A5CD15DC2C9F4BBD SHA256: B924200D2F4674F9BC25AAB2C43397647E3F97AF27CBB394CBECCFBF2789D507 Referenced in post(s): Shellcode
MyEFSService: PoC for Malicious Cryptography blogpost MyEFSService.zip (https) MD5: 457B7A671AC28C533BD3B6A62FD1DF13 SHA256: 2F2D9BDA5C00E7DA3619AD86EAA6B2DC302447FBDA67399263FA2A7F71281E46 Referenced in post(s): Malicious Cryptography
MySafeModeService: PoC for Playing with Safe Mode blogpost MySafeModeService.c (https) MD5: 6A9EC31F58B803EDA6032BD5D3EB6996 SHA256: FDF45508EDC33896BB8C723492B82246AA75B5391FECF1B8ED9F5D4247739395 Referenced in post(s): Playing with Safe Mode
NAFT: Network Appliance Forensic Toolkit NAFT_V0_0_5.zip (https) MD5: DDA7D6B34DD55895F144DD2E39A96455 SHA256: A8C08580447AB5F5DAD105BFF70E3CE8DC397DA81A08C2B344DE073D4B5296C0 NAFT_V0_0_6.zip (https) MD5: 58FE5A59084B30843C44D0DF9A753B53 SHA256: 3970EE86A1747B22BE7427DD97D21398DCF3A32DBD22F11E58B5DDB10C55D362 NAFT_V0_0_7.zip (https) MD5: 247DD8703F1AB1AEF0764367706EEA19 SHA256: 0CAAD5C024E16664F5EC36CDDB19F57D2EEA402DAFB72A259F1542C99D4CC11D NAFT_V0_0_9.zip (https) MD5: FEBBDB892D631275A95A0FEA59F8519F SHA256: 95F42F109623F2BA6D8A9FFB013CBB0B5E995F02E5EB35F8E83A62B8CA8B86D0 Referenced in post(s): Network Appliance Forensic Toolkit Update: NAFT Version 0.0.9
NetworkMashup: Network utilities (ping, DNS) written in Excel/VBA NetworkMashup_V0_0_1.zip (https) MD5: AE0CD3879483930B82500FA40D6ECF20 SHA256: B46C670B7677BD08DCFC8AF5E8C16881836A8BD29CC3F574F1CB4011828BDB39 NetworkMashup_V0_0_2.zip (https) MD5: D6393F7A77517177DAE708019393E4FF SHA256: 91983017EB2C069D6EE36EF7F0CE4043C3BA7E5CB7C46D86AE8C323D7EB27B81 Referenced in post(s): Quickpost: NetworkMashup.xls
NewPasswordStats: Password auditing password filter NewPasswordStats_V0_0_0_1.zip (https) MD5: FAF362F49C7B3FA8CCE7AF600B6D91A8 SHA256: 3D9BBD195F55FBB8F6CE523B3E7BE95A531725570336C55911EE0F312FE95A4D Referenced in post(s): Password Auditing With a Password Filter
nmap-xml-script-output: nmap xml script output parser nmap-xml-script-output_V0_0_1.zip (https) MD5: 772B6371C1F5E27E68D9BF14955A02D4 SHA256: C86E42E7FA8EFA42C60062759E69DC8DE7F017D9113CF304D9515ACA59815790 Referenced in post(s): nmap Grepable Script Output – Heartbleed
nocalcpoc: No calc PoC nocalcpoc_V0_0_0_1.zip (https) MD5: 05798543571B45E19536181DC7346330 SHA256: ED0FEDC6096420F6F09F4980A1CE36F7C4BC0A8C9191F4DFC27FA4C77D547976 Referenced in post(s): Why Isn’t my PoC Launching calc.exe?
nsrl: NSRL tool nsrl_V0_0_1.zip (https) MD5: 5063EEEF7345C65D012F65463754A97C SHA256: ADD3E82EDABA7F956CDEBE93135096963B0B11BB48473EEC2C45FC21CFB32BAA Referenced in post(s): nsrl.py: Using the Reference Data Set of the National Software Reference Library nsrl_V0_0_2.zip (https) MD5: 816DD5BEF94D289F489399A95824083D SHA256: 65C4AF8F139651942062EB78D820AD3BE5DBEE2C4331B3105BAE62B220CD4F44 Referenced in post(s): Update: nsrl.py Version 0.0.2 nsrl_V0_0_3.zip (https) MD5: A86E3EB076B467C64A520256556EDADA SHA256: 8760B20A918CD135B7D79F7567C240AEF4840325BE9656D684BFD119A017E86F Referenced in post(s): Update: nsrl.py Version 0.0.3
numbers-to-hex: convert decimal numbers into hex numbers numbers-to-hex_V0_0_1.zip (https) MD5: 9050768633DDADF34900DAB0061F3B24 SHA256: 00B099F3939251F2027F2705AD08AE352C0FC447C86EB3271721FB2935CF71B6 Referenced in post(s): BlackEnergy .XLS Dropper numbers-to-hex_V0_0_2.zip (https) MD5: 911D2BF2EC0839DD595C48FF4BE5E979 SHA256: 41D5B19E401516CB134521E1F6973A16DBFE491303BD93429EEBE55C0B3AFEF6 Referenced in post(s): Update: numbers-to-hex.py Version 0.0.2 numbers-to-hex_V0_0_3.zip (https) MD5: EB8CE35EA272042211B1EADBE4606BE2 SHA256: 1CE2E7C6EF930C56024C0313C9FCE6E96A7FA6FC07893EAF06ACCC05A3D2C528 Referenced in post(s): Update: numbers-to-hex.py Version 0.0.3
numbers-to-string: convert numbers into a string numbers-to-string_v0_0_1.zip (https) MD5: A5BB5F9F711D090416431ABD0E0151A0 SHA256: 5B08018077CB6578553AA3E4D7B2FA663DCC2CF21F4C108C2B4A19680F5A4132 numbers-to-string_v0_0_10.zip (https) MD5: C7B8985C5A7D856F68A88BBD491375E6 SHA256: 8CED403C795E9287DD1500C8A0EFBF41F8837BE112113D425A7F8C97D9D1A27E Referenced in post(s): Update: numbers-to-string.py Version 0.0.10 numbers-to-string_v0_0_11.zip (https) MD5: 6824639FFEE290B83DBA328021355476 SHA256: 0E748886E97E351B64BD288D3EC6F322FFB7B1AA89410897E6B2BA03701EA852 Referenced in post(s): Update: numbers-to-string.py Version 0.0.11 numbers-to-string_v0_0_3.zip (https) MD5: 6FD49062058E6A03A4A7BF3A3D26408A SHA256: 9457AFA699B61DA52F07921D3F7AB486585036654D64AD126B933345E71BC07F Referenced in post(s): Update: numbers-to-string.py Version 0.0.3 numbers-to-string_v0_0_4.zip (https) MD5: DFBA2CE60D59A5DF25D7BE415D55B0FF SHA256: DA75A6BEB7DCD0F71C008EFE43EE3D3831B545BC916AA5176F4E2004FE97A250 Referenced in post(s): Update: numbers-to-string.py Version 0.0.4 numbers-to-string_v0_0_5.zip (https) MD5: 02119AFAC1942A3C97B8E554C03B2DB6 SHA256: 36A5C346063C93B45C50ACF82C317379496A815F166E25F969168DDAB561F92D Referenced in post(s): Update: numbers-to-string.py Version 0.0.5 numbers-to-string_v0_0_6.zip (https) MD5: 283003C9B328A3DB79BC83AD3C3B0FB1 SHA256: E96417C26EA1231748C6A5DE2F12F56D816F2F875795ED7412ED5D6458CF7B93 Referenced in post(s): Update: numbers-to-string.py Version 0.0.6 numbers-to-string_v0_0_7.zip (https) MD5: C23E49A24B54365F469BB35CCDA12701 SHA256: 3E9E7DF84359BEB4A054FC82E73C3E94219FC85E462FFBE3676C16E115F61AB3 Referenced in post(s): Update: numbers-to-string.py Version 0.0.7 numbers-to-string_v0_0_8.zip (https) MD5: 69179F5EE01F8E0102F40B768E80A82E SHA256: 535518780E9F4102320C81EF799CF1AD483C51450690A2E1FA9F2CA61B7A8A88 Referenced in post(s): Update: numbers-to-string.py Version 0.0.10 numbers-to-string_v0_0_9.zip (https) MD5: C5629F102FCF58E5CFF24472D35AFF22 SHA256: 5B1CA43EDFD7BA66CF44FB552BD7882AEB13A8765017F9F865071E187410EE63 Referenced in post(s): Update: numbers-to-string.py Version 0.0.9
oledump: Analyze OLE files (Compound Binary Files) oledump-beta.zip (https) MD5: 6B2F81410C9DB409E55A05AEB2E8342B SHA256: E80244C87E11E516F5D7245224828BA15C4079EFE16582FE785D6E307C04B657 oledump_V0_0_10.zip (https) MD5: 450C28232254F8FF3AF5E289F58D2DAB SHA256: 139671E5E69200CECCE0EF730365C1BF1B7B8904B90E3B1E08E55AB040464C73 Referenced in post(s): Update oledump.py Version 0.0.10 oledump_V0_0_11.zip (https) MD5: 02AEF764545213E1B1A5895AD0706F78 SHA256: 162EE94B1A4533956EE2CE0CB13ECDF2FF6C18A0597685E690B8524526FD694E Referenced in post(s): A New Type Of Malicious Document: XML oledump_V0_0_12.zip (https) MD5: 0AB5F77A9C0F1FF3E8BE4F675440A875 SHA256: 6F87E65729B5A921079B9E5400F63BE6721673B7AC075D809B643074B47FB8D3 Referenced in post(s): Update oledump.py Version 0.0.12 oledump_V0_0_13.zip (https) MD5: 6651A674F4981D9AEDE000C1F5895B69 SHA256: 4452DF48F7D852140B4CD662AD95C6BC695F5F04009B37A367EB392384935C51 Referenced in post(s): oledump And XML With Embedded OLE Object oledump_V0_0_14.zip (https) MD5: 5ECD8BC3BD1F6C59F57E7C74DACCF017 SHA256: 7EEF509D84F7185C299A17882D3BD71481B7B1E41654F463F58492455FBDBD11 Referenced in post(s): Update: oledump.py Version 0.0.14 oledump_V0_0_15.zip (https) MD5: 3E3930262DF06AB96B576004F8C930A5 SHA256: 2E256ACB0E8DF4174B5EB3260EF832133556A1F9CDF27212A85CB01D278C152E oledump_V0_0_16.zip (https) MD5: 774BF99A8E0607C6B611F4DBF021638A SHA256: 8C1F22E0EEDB2556641BAF5724A41E25B87AA9ECDF3FA13F175D7C81316ED7EE oledump_V0_0_17.zip (https) MD5: 5AF76C638AA300F6703C6913F80C061F SHA256: A04DDE83621770BCD96D622C7B57C424E109949FD5EE2523987F30A34FD319E1 Referenced in post(s): Update: oledump.py Version 0.0.17 – ExitCode oledump_V0_0_18.zip (https) MD5: 88C9999726C0157267E2FF31E137D66C SHA256: 1FC9EE7A0BB5A016339C73CBE5DE2F2C0A9C006BC924A5F9346F9F4EDE060939 Referenced in post(s): Dump Tools: Cut Cut Cut … oledump_V0_0_19.zip (https) MD5: DBE32C21C564DB8467D0064A7D4D92BC SHA256: 7F8DCAA2DE9BB525FB967B7AEB2F9B06AEB5F9D60357D7B3D14DEFCB12FD3F94 Referenced in post(s): Analysis Of An Office Maldoc With Encrypted Payload: oledump plugin oledump_V0_0_2.zip (https) MD5: B493FAB9AC85749D49C4E1843BE19961 SHA256: 27386E61E0B4744EB9363040649B53488DA9139B7C33AFAC6E329F8C777DAD1B oledump_V0_0_20.zip (https) MD5: 715B33E8E090F2A061DB2EA5A913055F SHA256: 056CC911AEDFFB48B756F1B941E14660EBA8B613C65B1026F5DA77FB3047DAE3 Referenced in post(s): Update: oledump V0.0.20 oledump_V0_0_21.zip (https) MD5: F72CBB797CE8FB810ACE5E54DC832129 SHA256: 016C772575DF381C274F6408B242945DE35679904B7C8B1B693ABFB2B3C023FB Referenced in post(s): Update: oledump.py Version 0.0.21 oledump_V0_0_22.zip (https) MD5: CA91850BBC92E82D705F707704000F82 SHA256: 16763BCF15BFB3301FFAE0BDA26F18EE2946EDD7478994B798127DBBEF5FF9E7 Referenced in post(s): Update: oledump.py Version 0.0.22 oledump_V0_0_23.zip (https) MD5: 991910FF4AA47808A5BBCE0CC109D41A SHA256: 612B6FD06856C7790D2F66B29286E7B89D35D8354ADB167CA512CC1CDE3F6C47 Referenced in post(s): Update: oledump.py Version 0.0.23 oledump_V0_0_24.zip (https) MD5: F1BFD24FBC72966D54C365B57E662700 SHA256: 4C175874EFDF7DB3264038BFACFD44F1B9060E834189FF3CBAA6C8EBD9D7F680 Referenced in post(s): Update:oledump.py Version 0.0.24 oledump_V0_0_25.zip (https) MD5: CED1602AEF505AE0388DB95414F9C00A SHA256: 54510A54264E4EA3C4559545B5CE43A20D8AB290B4EDDA7B57983AD1396E29FC Referenced in post(s): Update: oledump.py Version 0.0.25 oledump_V0_0_26.zip (https) MD5: 62030DEC6DBC2F69A37893FF1624F8EE SHA256: A0DE8FD414A0B78FE8D72CAA58D8FA15159A7ABEA9842181C4C3C4EC1DE2EEC5 Referenced in post(s): Update: oledump.py Version 0.0.26 oledump_V0_0_27.zip (https) MD5: A6C6728E20AE46A4FECC5F3976AF33BF SHA256: 54FE550D5102A0E9428F6BD9B5170B50797EDA2076601634519CDBB574004A3C Referenced in post(s): Update: oledump.py Version 0.0.27 oledump_V0_0_28.zip (https) MD5: D89C1E0DA9A95A166EF8F36165F6A873 SHA256: 58F44B68BC997C2A7F329978E13DC50E406CCCCD2017C0375AA144712F029BFB Referenced in post(s): Update: oledump.py Version 0.0.28 oledump_V0_0_29.zip (https) MD5: 7F98DB95E0E9FF645B8411F421387214 SHA256: E00567490A48A7749DF07F0E7ECD8FD24B3C90DC52E18AFE36253E0B37A543C5 Referenced in post(s): Update: oledump.py Version 0.0.29 oledump_V0_0_3.zip (https) MD5: 9D5AA950C9BFDB16D63D394D622C6767 SHA256: 44D8C675881245D3336D6AB6F9D7DAF152B14D7313A77CB8F84A71B62E619A70 Referenced in post(s): Introducing oledump.py oledump_V0_0_30.zip (https) MD5: BBD53C65FC40891E2125B9808F507E4A SHA256: 78CDC8C8BCD651A3578F567D24FD88300600E02520B2D75F45448E4FB480FEB0 Referenced in post(s): Update: oledump.py Version 0.0.30 oledump_V0_0_31.zip (https) MD5: 63B2B5ECE2BC46B937D33A6494F7F6A0 SHA256: D2CF42662897642DF27C863F6C246CE70019EDF03F275354A7A505DCE27632D1 Referenced in post(s): Update: plugin_biff.py Version 0.0.2 / oledump.py Version 0.0.31 oledump_V0_0_32.zip (https) MD5: 10D8995B6AF5C783B1F8AAF70B8FDB03 SHA256: 0E38BAF12B066A100F97F3362402E1999F2DE223A09491E3D44C20EA4BDBD8AB Referenced in post(s): New oledump Plugin: plugin_msg.py / oledump.py Version 0.0.32 oledump_V0_0_33.zip (https) MD5: E5F879766B5C1C899E75E2F2A8ED9533 SHA256: 2B7C9565880F14E8A431F7819926EE801DE129458E682FAAF99FEF41AFA49934 Referenced in post(s): Update: oledump.py Version 0.0.33 oledump_V0_0_34.zip (https) MD5: 1BE4E08DE1B1E73D5808AECE1BD09852 SHA256: 74F1B05E50D2AF8072505587438BB8959F174BAF76ED6255116E806642E6C4B0 Referenced in post(s): Update: oledump.py Version 0.0.34 oledump_V0_0_35.zip (https) MD5: 2089AFC496FFE2E44F67CF9C44EB101B SHA256: C232282BD8AE050EECA1455E6A58EAB8D5CBBDF0D61E9FE2077CDA3DEB15D325 Referenced in post(s): Update: oledump.py Version 0.0.35 oledump_V0_0_36.zip (https) MD5: D8C9FBFD1AA2238D6EB3CA164EE91A65 SHA256: BE609FD0D976984A8856939B76D7DF54AB5ED4934F58F7AD47E4D6E42CDFCCBF Referenced in post(s): Update: oledump.py Version 0.0.36 oledump_V0_0_37.zip (https) MD5: BBC2F3B57266B557307E12E8BC950F98 SHA256: 573C73110CA35EE6451FD14EE7B7DCA3B53FF624ECCFF824799DA59F7767DA68 Referenced in post(s): Update: oledump.py Version 0.0.37 oledump_V0_0_38.zip (https) MD5: C1D7F71A390497A516F67D798BA25128 SHA256: 4CADEE69D024E9242CDA0CE3A9C22BCB1CAFF9D5BA2D946519C6B7C18F895B81 Referenced in post(s): Update: oledump.py Version 0.0.38 Analyzing PowerPoint Maldocs with oledump Plugin plugin_ppt oledump_V0_0_39.zip (https) MD5: 5C9A1D94E1BC857877116E425D80A197 SHA256: DF7FFA0C707C8D66C0E0FBEE583286DBA9970824782C6B7AB6BFDC30A85BB419 Referenced in post(s): Update: oledump.py Version 0.0.39 oledump_V0_0_4.zip (https) MD5: 8AD542ED672E45C45222E0A934033852 SHA256: F7B8E094F5A5B31280E0CDF11E394803A6DD932A74EDD3F2FF5EC6DF99CBA6EF Referenced in post(s): oledump: Extracting Embedded EXE From DOC oledump_V0_0_40.zip (https) MD5: 4013CC3A01D4CAE481EAA099A080B07F SHA256: C5EC0B7B1EFA69D9EB6572F61D866ECEA7952FEADA06943377F8178C7A252E70 Referenced in post(s): Update:oledump.py Version 0.0.40 oledump_V0_0_41.zip (https) MD5: 4FD7E627F5078245705526EBE09D7989 SHA256: 0793CA920DA8B4BD09A040FEE12463BE7D8AF8AE6DFB0968CADCE478BC153CD8 Referenced in post(s): Update: oledump.py Version 0.0.41 oledump_V0_0_42.zip (https) MD5: C5CCF18F9F10CB6916CC74C002C78EDE SHA256: 14A1FDA4AB57B09729AEB2697818782FAE498369A760FEC8AEE5CFB0A0E9D126 Referenced in post(s): Update: oledump.py Version 0.0.42 oledump_V0_0_43.zip (https) MD5: F98A06CED73C4FC2CA153B7E751746B5 SHA256: 4FE1DBAB822CEC2489328CE3D4D272400F23F1FAD266C9D89B49D9F83F3AA27F Referenced in post(s): Update: oledump.py Version 0.0.43 oledump_V0_0_44.zip (https) MD5: 2BB2CD027327FFD8857CDADC1C988133 SHA256: 1A9C951E95E2FE0FDF3A3DC8E331205BC65C617953F0E30ED3E6AC045F4DD0C0 Referenced in post(s): Update: oledump.py Version 0.0.44 oledump_V0_0_45.zip (https) MD5: FB9694358CCEAE4AFDFCF97FDA0D5205 SHA256: FB75B1E19E5067751E2DE1AD21826245B7E11EDBE03278566484754F606F3965 Referenced in post(s): Update: oledump.py Version 0.0.45 oledump_V0_0_46.zip (https) MD5: 5B77190CA1A95B784393BBC5684BC6D3 SHA256: 0AF571EDEB42678559AFEB280C94952C32B7BBE09377B0BB113793CE6A39214B oledump_V0_0_47.zip (https) MD5: E851ED7240C08E9E9E3EBA4A412A46A4 SHA256: F35997537D5C4596E413D08C35A83EBD55CAF587D2D9898DAA9285BC83CAF287 Referenced in post(s): Update: oledump.py Version 0.0.47 oledump_V0_0_48.zip (https) MD5: B869EC84DB4F10596212A2B67CF2C684 SHA256: 0E66E3EA42D5761301E0643A27D892B3C4531CCC2E4C95373ECE9B7AD7E6DAC6 Referenced in post(s): Update: oledump.py Version 0.0.48 oledump_V0_0_49.zip (https) MD5: 1EF0B466A80C034F10770F8A235EBE7B SHA256: BD8CAD9EDB99B6063A9A36B8B83EB3416484CEC244A01CA2F08BB032402FF147 Referenced in post(s): Update: oledump.py Version 0.0.49 oledump_V0_0_5.zip (https) MD5: A712DCF508C2A0184F751B74FE7F513D SHA256: E9106A87386CF8512467FDD8BB8B280210F6A52FCBACEEECB405425EFE5532D9 Referenced in post(s): Update: oledump.py Version 0.0.5 oledump_V0_0_50.zip (https) MD5: 30EB6A0E0924E72350B268ADDE4E4EC7 SHA256: 870167AE5576B169EB52572788D04F1FFCEC5C8AFDEBCC59FE3B8B01CBDE6CD9 Referenced in post(s): Update: oledump.py Version 0.0.50 oledump_V0_0_51.zip (https) MD5: 9A55FC37AD0C4C2F3D08F252C72C1A82 SHA256: 071D1605D520A4BABBE2CDA461866C349628FE4B428AC54823492A6CD89EA487 Referenced in post(s): Update: oledump.py Version 0.0.51 oledump_V0_0_52.zip (https) MD5: 2528824D8A7CD2BE98615B1B1AE8C61A SHA256: C47A9CC658571FF23E70264B4DD4F8F47D244708E7110EA0A28128F175CF80F5 Referenced in post(s): Update: oledump.py 0.0.52 oledump_V0_0_53.zip (https) MD5: C26EB56580D65B2E856169A3EFC9BC03 SHA256: A10D90284F10C6D7811E2573049FE0F8315F04129846898C88E0184423988CD9 Referenced in post(s): Update: oledump.py 0.0.53 oledump_V0_0_54.zip (https) MD5: 23E453F553D6E0608BBB811BD87EF5C8 SHA256: D8C72126701EC26ECF993733A46E5D4630A3223A36E305020BF59F501BBB898D oledump_V0_0_55.zip (https) MD5: 499B66DC3BAF86BDA4BC0370E3C18A1A SHA256: ABEABFF0F1F5AA2239AFCDE73A676D4E8D9BA2F82C03B8663FFAB6F8D3A360E7 Referenced in post(s): Update: oledump.py Version 0.0.55 oledump_V0_0_56.zip (https) MD5: B26A75D36F3D47611F1D98200739EBB8 SHA256: C6C691E021273E75741EB1163F7FB70743EF2EC07C710EE7F15DFF513E38DAD4 Referenced in post(s): Update: oledump.py Version 0.0.56 oledump_V0_0_57.zip (https) MD5: E0C9C8706EFC3AB86EEBED03A4CCF555 SHA256: 1C4588B48A494D0C7BD6AD9600EA9F46AD472DC62BF8D58D6EA635AE7CB02502 Referenced in post(s): Update: oledump.py version 0.0.57 oledump_V0_0_58.zip (https) MD5: 46CACE8791487EC18FAC250B6F5ECC7F SHA256: 241E182CE5E1CC8B6EB612CF1EC09418BE263529501B6C54C5E683B88A3C5ABB Referenced in post(s): Update: oledump.py Version 0.0.58 oledump_V0_0_59.zip (https) MD5: 89CC85EDADA0BB6978A75BA37065A65D SHA256: BE62B45AE20D3BF5B3C335742F08067297079F6B8431A5CC82401BF67BFA50F6 Referenced in post(s): Update: oledump.py Version 0.0.59 oledump_V0_0_6.zip (https) MD5: E32069589FEB7B53707D00D7E0256F79 SHA256: 8FCEFAEF5E6A2779FC8755ED96FB1A8DACDBE037B98EE419DBB974B5F18E578B Referenced in post(s): Update: oledump.py Version 0.0.6 oledump_V0_0_60.zip (https) MD5: BC7631059077294223BB225D16FB7186 SHA256: D847E499CB84B034E08BCDDC61ADDADA39B90A5FA2E1ABA0756A05039C0D8BA2 Referenced in post(s): oledump.py Update: oledump.py Version 0.0.60 oledump_V0_0_7.zip (https) MD5: 7A953BAFFA1E5285651699996FA2DF84 SHA256: F5DC5F650F005E530A7D0CF510C33E3A4EF29AD85B1DA2618B237F53A46B86B5 Referenced in post(s): Update: oledump.py Version 0.0.7 oledump_V0_0_8.zip (https) MD5: 29EBF73F5512B0BC250CD0A0977A2C72 SHA256: 09C451116FCDE7763173E1538C687734D92267A0D192499AFD118D8D923165B9 Referenced in post(s): Update: oledump.py Version 0.0.8 oledump_V0_0_9.zip (https) MD5: 849C26F32397D2508381A8472FE40F90 SHA256: 74887EA3D4362C46CCBF67B89BB41D7AACE9E405E4CB5B63888FEDCE20FD6A07 Referenced in post(s): Update: oledump.py Version 0.0.9
OllyStepNSearch: Plugin for OllyDbg OllyStepNSearch_V0_6_0.zip (https) MD5: 6302043B90834E6EE39F720C94C9D772 SHA256: B46F3A03D6C459EC36571948D84D933E4339F225B561FAC04DE4FB4525E70C9C OllyStepNSearch_V0_6_1.zip (https) MD5: D32BA4B0042BF9342B05FCBC0CF573B6 SHA256: 61ACA61F3399322B797EB58425A13AF3E68EB590AC747D1D244385E0923ABA52 Referenced in post(s): OllyStepNSearch
password-history-analysis: Program to analyze password history password-history-analysis_v0_0_1.zip (https) MD5: 2ED7FB5E6968B25AEBF623754E5513B0 SHA256: DA75A8E2C92DCD31FB3C05732C660C3996EAEBADFA198535C051DC02AE94805B Referenced in post(s): Password History Analysis
Paste: paste does the opposite of clip, read the clipboard and write it to stdout Paste_V1_0_0_1.zip (https) MD5: 2107C78DEA38EA98825BB686DB2291AD SHA256: 329A0AA96E855219ACB99D7BC35F78CE552645F7829D1B475924F895BA614637 Referenced in post(s): The Paste Command
pcap-rename: program to rename pcap files with a timestamp pcap-rename_V0_0_1.zip (https) MD5: 5F844411E178909970BC21349A629438 SHA256: AB706DB3470A915A3031EC248B8DAF83C08F42DBF6AC2EACB1A2DB2493B0AEEE Referenced in post(s): pcap-rename.py pcap-rename_V0_0_2.zip (https) MD5: 6EFFA5313946DEAF3363835B1D3C684E SHA256: 3BA23CC936B49AF83306E486B0BFC9ABAF5BD0B5E3DEF81D8564BCC3810C06B9 Referenced in post(s): Update: pcap-rename.py Version 0.0.2
pdf-parser: PDF analysis program pdf-parser_V0_2_0.zip (https) MD5: 973E57E5EA8706F92EB0D6BA46EE9EFD SHA256: 637C95018653C406F0A3AF62E72D9BF396C4AC56A8189586EB59467BD364A7D6 pdf-parser_V0_3_0.zip (https) MD5: DC34F3B9E0436BA985B53DD44BEEBFA6 SHA256: 9DB432CDEA25E3408E07C612FED8A8B245EF378DDC737914F04248953567A691 pdf-parser_V0_3_1.zip (https) MD5: 07CDA54844CD6567473CBF2B0DFC601C SHA256: 7614AEC453502EEF43F9EA04A82092C4ACDD32AB86D1C4D744B7B590C74152EC pdf-parser_V0_3_5.zip (https) MD5: 07EA2C47766ADF248102E378C65D03F3 SHA256: 5EAD0F9BE9693EF836CF67FF2B796324ED5E7053D34BF4FA588D250A7DA2E761 Referenced in post(s): Update: pdf-parser Version 0.3.5 pdf-parser_V0_3_7.zip (https) MD5: BDC0E5A82EB6D7C287E7360D8901023D SHA256: C83D39F8938A00A3EB2BDE3134EFAF3A2BE11E72C2C8A92841D4E1E82366D7E1 pdf-parser_V0_3_9.zip (https) MD5: 6C91F8D4E8EA8BEF6F60CEDA4E1CDEA0 SHA256: 9D4549B6A93BF83EA74A905E3271272EBCEC6B6329867F1C0FCB59920C3C3CB4 pdf-parser_V0_4_0.zip (https) MD5: 9C2680974DCF11714F743F6C7885A7FA SHA256: 0035C2304FC85B696EB7E9E64B19A4E1EAE25BA4719D5B0FF91D7D306981CEE4 pdf-parser_V0_4_1.zip (https) MD5: A0314C0CD8AAE376C7448E74D4A7472C SHA256: 633B7400015B2C936103CC64C37435FB333B0F2634B2A6CD3A8949EAB1D18E9B Referenced in post(s): Update: pdf-parser Version 0.4.1 pdf-parser_V0_4_2.zip (https) MD5: B0C8F02358B386E7924DACB3059F8161 SHA256: E90620320AF6ED8E474B42BF6850E246446391878F87AE34DCDBD1D9945A6671 Referenced in post(s): pdf-parser: Searching Inside Streams pdf-parser_V0_4_3.zip (https) MD5: 2220FFE37AEA36FC593AE33440385E76 SHA256: 1416624938359FDD375108D922350D1B7B0E41B3A40A48F778D6D72D8A405DE6 Referenced in post(s): Update: pdf-parser V0.4.3 pdf-parser_V0_6_0.zip (https) MD5: 25CC4907B862259500A3EB73DE83BBFD SHA256: 8902ABE1A9BDB61887D501546CCF333724BCF7B3E3E02CE2541BC311AD8E98DF pdf-parser_V0_6_2.zip (https) MD5: D6717F1CA6B9DA2392E63F0DABF590DD SHA256: 4DC0136062E9A5B6D84C74696005531609BD0299887B70DDFFAA19115BF2E746 Referenced in post(s): pdf-parser: A Method To Manipulate PDFs Part 1 pdf-parser_V0_6_3.zip (https) MD5: 62D1AFACA8C124FB2AC279F22C088BB3 SHA256: 339E8D18BE21BAD6B2B33BDD29721F32624F3D842087D3AE353C6F8D6B92D185 pdf-parser_V0_6_4.zip (https) MD5: 47A4C70AA281E1E80A816371249DCBD6 SHA256: EC8E64E3A74FCCDB7828B8ECC07A2C33B701052D52C43C549115DDCD6F0F02FE Referenced in post(s): Update: pdf-parser Version 0.6.4 pdf-parser_V0_6_5.zip (https) MD5: 7F0880EB8A954979CA0ADAB2087E1C55 SHA256: E7D2CCA12CC43D626C53873CFF0BC0CE2875330FD5DBC8FB23B07396382DCC85 Referenced in post(s): Bugfix: pdf-parser Version 0.6.5 pdf-parser_V0_6_6.zip (https) MD5: 47326468E1B5A1AF7BB8AD63688804D9 SHA256: 51C9B25B939B135D9949E51463F58ECEC0BEBEFB9C0EAA0B93326CBFB4D8F061 Referenced in post(s): Update: pdf-parser Version 0.6.6 pdf-parser_V0_6_7.zip (https) MD5: D04D7DA42F3263139BC2C7E7B2621C91 SHA256: ED863DE952A5096FF4BE0825110D2726BA1BE75A7A6717AF0E6A153B843E3B78 Referenced in post(s): Update: pdf-parser Version 0.6.7 pdf-parser_V0_6_8.zip (https) MD5: 7702EEA1C6173CB2E91AB88C5013FAF1 SHA256: 3424E6939E79CB597D32F405E2D75B2E42EF7629750D5DFB39927D5C132446EF Referenced in post(s): Update: pdf-parser.py Version 0.6.8 pdf-parser_V0_6_9.zip (https) MD5: 27D65A96FEAF157360ACBBAAB9748D27 SHA256: 3F102595B9EAE5842A1B4723EF965344AE3AB01F90D85ECA96E9678A6C7092B7 Referenced in post(s): Update: pdf-parser.py Version 0.6.9 pdf-parser_V0_7_0.zip (https) MD5: CDE355BB3FCACE3C4EDBC762E632F9AB SHA256: 219FF0BB729C4478679A79163CA9942296ACF49E4EC06D128CBC53FBEE25FF05 Referenced in post(s): Update: pdf-parser.py Version 0.7.0 pdf-parser_V0_7_1.zip (https) MD5: 1480D3BF602686C9E7C2FE82AC6C963B SHA256: D2C8E0599A84127C36656AA2600F9668A3CB12EF306D28752D6D8AC436A89D1A Referenced in post(s): Update: pdf-parser.py Version 0.7.1 pdf-parser_V0_7_2.zip (https) MD5: 7D417F2313FF505AC96B80D80495BB78 SHA256: 3CDB98A57DAABC98382BFA361390AE3637F96852F6F078D03A7922766AE14B57 Referenced in post(s): Update: pdf-parser.py Version 0.7.2 pdf-parser_V0_7_3.zip (https) MD5: 7EB1713631D255B36BC698CD2422C7EB SHA256: D4D5AC9C26A9D8FEF65CE58A769D3F64A737860DC26606068CCDD3F04FDEA0D7 Referenced in post(s): Update Of My PDF Tools pdf-parser_V0_7_4.zip (https) MD5: 51C6925243B91931E7FCC1E39A7209CF SHA256: FC318841952190D51EB70DAFB0666D7D19652C8839829CC0C3871BBF7E155B6A Referenced in post(s): PDF Tools Update: pdf-parser.py Version 0.7.4 and pdfid.py Version 0.2.7
pdfid: PDF triage program pdfid_v0_0_10.zip (https) MD5: A06B023457DACE24FDFBF537282E1A76 SHA256: 18D88B15C90504BE6A2FF2814BD15A7B20B945337252018A0072AEFD99D5AAC8 pdfid_v0_0_11.zip (https) MD5: 99BFA4916EC5E005953E3D9D8AD96C83 SHA256: C831569C8139D5CA5709600B987C929716FE58B1DD6B65F18EC84473A83B4075 pdfid_v0_0_12.zip (https) MD5: 628BB84D7A4FE1A32F23954DD067E667 SHA256: A10B3C0B9BFB467A2C4C2EE6C786CF5E98A7CAD32AC5BEA498DD9796031A77D5 pdfid_v0_0_2.zip (https) MD5: 21093726A57F39E08A679A11B6616931 SHA256: C3B190DD5E07FCEA2954D5686096155B39B5CAB6A21C17DD0C8D1838CACD4ED3 pdfid_v0_0_6.zip (https) MD5: CE809DAC132BA2BD1C74413F125C2A70 SHA256: 0DB423F0E01197977C676C14B5BDA2FBBC9840CDD86160716A43CED0F84753FE Referenced in post(s): Quickpost: Disarming a PDF File pdfid_v0_0_7.zip (https) MD5: 06DA1B6E621F373CBAF0F9514B3F433A SHA256: 3AE403684F9EE141838C7CDAD674FCE06807C983C1078EC68EF94AF4A02823C0 pdfid_v0_0_8.zip (https) MD5: 9769FB96899F3AD15510C903A4FB29EF SHA256: 542734C2613439851AF99B59725B1607F96A6E9396B447C5BD3AF197AABB0231 Referenced in post(s): Update: PDFiD Version 0.0.8 pdfid_v0_0_9.zip (https) MD5: 1C731D6204C09AAFF219876A8FB5E834 SHA256: 24A9B16E67A84E85488A16879CB611128B2E5921044E48EFB60D784BD785CBD0 pdfid_v0_1_0.zip (https) MD5: 6A5FF56C22EF2745C3D78C8FD8ACA01F SHA256: D72FE8555DC89808EE7BFC9F791AD819A465106A95801C09C31B0FD2644B3977 Referenced in post(s): Update: PDFiD Version 0.1.0 pdfid_v0_1_1.zip (https) MD5: 069F0286A99AF03712DB2992B464833D SHA256: 875CE564837D9B72BC3055A617795A96245D337CC20BEC235A2F6857F42C9114 pdfid_v0_1_2.zip (https) MD5: 60FC17757201F014A6ADA0744B74A740 SHA256: 1CF36C50427A2206275C322A8C098CD96A844CAF6077B105ADE9B1974789856F Referenced in post(s): Update: PDFiD Version 0.1.2 pdfid_v0_2_0.zip (https) MD5: D4D07B43961D548F428C5FF6236FD6DD SHA256: 19ABC7F2B88A794A1718949020F88C80AAFA2DEC9D23891A1AF5EDF764AD1F40 pdfid_v0_2_1.zip (https) MD5: 7463412536678B321276F8720F52DE81 SHA256: F1B4728DD2CE455B863B930E12C6DEC952CB95C0BB3D6924136A6E49ACA877C2 Referenced in post(s): Update: PDFiD With Plugins Part 1 pdfid_v0_2_2.zip (https) MD5: 20614B44D97D48813D867AA8F1C87D4E SHA256: FBF668779A946C70E6C303417AFA91B1F8A672C0293F855EF85B0E347D3F3259 Referenced in post(s): Update: pdfid.py Version 0.2.2 pdfid_v0_2_3.zip (https) MD5: 65966E8BBF932D3C0830B755FDE094FE SHA256: 9482176D173EFA6F2F33EE409B091BFA45685FC285B87F7219A4E9418B47F739 Referenced in post(s): Update: pdfid.py Version 0.2.3 pdfid_v0_2_4.zip (https) MD5: 36D5554BC881E7E21382ADA1305ED6F4 SHA256: C1DA287C9C06E3158F79CECF9C2E9A7773FC57FC92021F17B79DDD4B1E5DBB2A Referenced in post(s): Update: pdfid.py Version 0.2.4 pdfid_v0_2_5.zip (https) MD5: 9B835D9E934A7AA7E68C3649A7AA5DAF SHA256: 4DD43D7BDA885C5A579FC1F797E93A536E1DB5A4AB52A9337759A69D3B0250E0 Referenced in post(s): Update: PDFiD.py Version 0.2.5 pdfid_v0_2_6.zip (https) MD5: 9CCE332914A6C76410F04B7C35DA3155 SHA256: 95F7C91EEFB561F3F3BE9809ED339D85E7109BAA7E128EF056651EE018DBDBA0 Referenced in post(s): Update Of My PDF Tools pdfid_v0_2_7.zip (https) MD5: F1852F238386681C2DC40752669B455B SHA256: FE2B59FE458ECBC1F91A40095FB1536E036BDD4B7B480907AC4E387D9ADB6E60 Referenced in post(s): PDF Tools Update: pdf-parser.py Version 0.7.4 and pdfid.py Version 0.2.7
PDFTemplate: 010 Editor Template for PDF file format PDFTemplate.zip (https) MD5: C124200C3317ACA9C17C2AE2579FCFEB SHA256: 24C4FEAD2CABAD82EC336DDCFD404915E164D7B48FBA7BA1295E12BBAF8EB15D Referenced in post(s): PDF Tools
pdftool: Tool to process PDFs pdftool_V0_0_1.zip (https) MD5: ED2BBE886008C737CC06E22F4F0FE8A1 SHA256: 401E88FBFAEC4382A50FE59430D04FE6111F9911958AB09BA7530C26043FDA87 Referenced in post(s): PDF Tools New Tool: pdftool.py
pecheck: wrapper for pefile pecheck-v0_4_0.zip (https) MD5: 27041C56B80B097436076B7366A6F3B2 SHA256: F9C73ED054AE4D5E9F495916D1B028FD8D6E9B2800DCE1993E568E2A2BFD9A71 Referenced in post(s): Update: pecheck.py Version 0.4.0 pecheck-v0_5_0.zip (https) MD5: B873F8B5F6D408E4026010F010EA5FC4 SHA256: 7FCE12A8B10BEFF0C991B652CEDE376C187E74F23C603BF1A9250C9E7756AB48 Referenced in post(s): Update: pecheck.py Version 0.5.0 pecheck-v0_5_1.zip (https) MD5: F045A67AC1ECCF129030DFCE316383A9 SHA256: 9F6EFD34455D530BD3A867FEDD40C1E9538E8B7299E538AAC73D936EDF9904EF Referenced in post(s): Update: pecheck.py Version 0.5.1 pecheck-v0_5_2.zip (https) MD5: A4FF0507C206535FA9224F65CCD3497D SHA256: DE4D06F00FD9EC74FD52689B711FBF10F953F14DAFACBDE214E0A4947E60D8A6 Referenced in post(s): Update: pecheck.py Version 0.5.2 pecheck-v0_6_0.zip (https) MD5: D3A9C71AAF63D83884B4FEF2C2C21D03 SHA256: 08DB82F190AEEB065A65FEE0DD03D20B0CC788878C4864B537BBD1807E4D6B71 Referenced in post(s): Update: pecheck.py Version 0.6.0 – Overview Of Resources pecheck-v0_7_0.zip (https) MD5: 7BE550EC71BF99FC31704C2DD4ED3C8A SHA256: 12C03369362045DF5A9AAB83002E59A4A31050EC008DF45F777C87186D611F6E Referenced in post(s): Update: pecheck.py Version 0.7.0 pecheck-v0_7_1.zip (https) MD5: D5907442424C527A9937CFA65377C9BD SHA256: BF2F162D108F17F350111645B8DFFE5D3641065CB6EE3CE318FCBEC83507917B Referenced in post(s): Update: pecheck.py Version 0.7.1 pecheck-v0_7_10.zip (https) MD5: D0C4332B1BD231AA131FBCDCD3BBBA33 SHA256: 0E57A50590D59321CCD0BECE0936CF9523668F86516F56F5B2A21B9DCA9B4788 Referenced in post(s): pecheck.py Version 0.7.10 pecheck-v0_7_11.zip (https) MD5: D3B69575F0A08377D1A08886D34230FD SHA256: 2B59F745377EABDF81118997CA70F5F4DBC1CE927370F02C6E0262869F988FA9 Referenced in post(s): Update: pecheck.py Version 0.7.11 pecheck-v0_7_12.zip (https) MD5: 0AF2A99DD5AF742C9B688466EE3087C5 SHA256: 10B3B6903AB52381F7C8687F8284270CE060983CA001B4FC5DD88174744B705F Referenced in post(s): Update: pecheck.py Version 0.7.12 pecheck-v0_7_13.zip (https) MD5: 5B5179FFBE7530AA60C7182B830B54AB SHA256: 4CFAF98CC8F3B06E3BBD7D6F37040B47641C38E49BD2975165FB328D50D3F08C Referenced in post(s): Update pecheck.py Version 0.7.13 pecheck-v0_7_2.zip (https) MD5: 2A501CD2D15E1108B909B7FCEDFBDA13 SHA256: 9CACA5A41A84049FE6B0D5807A31B7FC5B1A5AC71B3FD3BE4EAC71A96BBDFB3E Referenced in post(s): Update: pecheck.py Version 0.7.2 pecheck-v0_7_3.zip (https) MD5: 480C9AC4BEE09CAAFB1593E214A39832 SHA256: 359A44751BAA34450B2DA92539AB425507EBB90F8F57CF50E561CCE111809637 Referenced in post(s): Update: pecheck.py Version 0.7.3 pecheck-v0_7_4.zip (https) MD5: E0F90B85576F7BC42BB8601E650134FB SHA256: E011CD82F5E3244553FBA52DDF3F0D3076E88A6F35E50AA18AC0DAAC6ED91389 Referenced in post(s): Update: pecheck.py Version 0.7.4 pecheck-v0_7_5.zip (https) MD5: 62EC77D9DD51252F5E3E299574FF9395 SHA256: 983895B49A0B71A76E99568DC0D2D9B9AE6D3AFEAB7F7D22816EC718400DBB29 pecheck-v0_7_6.zip (https) MD5: C07704E37FB1C18B769BB5336CD2478A SHA256: 312E730F6DE784808B6E5BE355752803F281F7DC838E4B9C6B3FE924622F47F8 Referenced in post(s): Update: pecheck.py Version 0.7.6 pecheck-v0_7_7.zip (https) MD5: CEFCCC094EF9E29A539092A6ECB77EEE SHA256: 91041D17A39C7FA4151830AF8FBD151680A04FC617CB0EADDA32D240E9AB9C03 Referenced in post(s): Update: pecheck.py Version 0.7.7 pecheck-v0_7_8.zip (https) MD5: 616CD9159316FC2100BE3E87C5C26B2C SHA256: F734EFFFA17E4EE6CA64A67D18340B3347B72C4B1C7522BAF1B7D720FABA2389 Referenced in post(s): Update: pecheck.py Version 0.7.8 pecheck-v0_7_9.zip (https) MD5: F69709C475D513A8D2031C21EEC13284 SHA256: 99E71A9FC917BB27CDD893F14AE77F2E810A4C7BB56A6E975BB619C978B12D47 Referenced in post(s): Update: pecheck.py Version 0.7.9 pecheck.zip (https) MD5: EE42C8FF3C90B4F5466A9AEFD152156F SHA256: 679690A1377617E9FEFF31F535A3CCBB3D951FFEBA697FBBD830D653D483AA65 Referenced in post(s): Sampling a Malicious Site pecheck_v0_3_0.zip (https) MD5: C2AC9FED3C7F1787854C8D0E651B2591 SHA256: 3CDEBADA4C594DD3622E234747C6AABD41573C94087C0554CBA65D0472F6B413 Referenced in post(s): pecheck.py
peid-userdb-to-yara-rules: Convert PeID userdb to YARA rules peid-userdb-to-yara-rules_V0_0_1.zip (https) MD5: D5B9B6FA7EC50A107A70419D30FEC9ED SHA256: F8A12B5522B92AE7E3EDF11ACFAEEA7FDCC7FBDA8DC827D288A2D92B2B2CA5E2 Referenced in post(s): Converting PEiD Signatures To YARA Rules peid-userdb-to-yara-rules_V0_0_2.zip (https) MD5: BE287BE1CB4EAFC360B1105C47F81819 SHA256: DC673DC90420F880EBDC8A0298410B3B8D90AFBCCE868A3E075DB5AAF898A188 Referenced in post(s): Update: peid-userdb-to-yara-rules.py
PFTemplate: 010 Editor Template for PF file format PFTemplate.zip (https) MD5: 11F6BB8EC0D29CBCC7C2F269E9900AF0 SHA256: 4429380778C94E47427C1753BAF91E0D8AF78985AA9F3868CF3FC07456F7BAFA Referenced in post(s): Prefetch File 010 Template PFTemplate_V0_0_2.zip (https) MD5: 56A98A78BD4E8D1AED88385AF1DD8446 SHA256: E15D721E46FFB8158C6D14C9A38DE4E3DD5DCD0972896441DF17590C540DBCC3 Referenced in post(s): Update: Prefetch File 010 Template
psurveil: Photo Surveillance for N800 psurveil-0.2.1-source.zip (https) MD5: 0CFDCA784E15D45AB882BC5BB7E635ED SHA256: 0A9132C7B4A72A1289652CC307F2C92B0DAD9BB43706CDEE90BCCA06440A0A60 Referenced in post(s): Looking for N800 Beta Testers, No Voyeurs Please 😉 psurveil-0.2.1.zip (https) MD5: 6B0E8C000EA4FF7EBAA4E50A07589EB5 SHA256: B399FBDCED4F3F1CC79782652D30A9A9CD96FCE5F3F948493A0929C7DE3318FD Referenced in post(s): Looking for N800 Beta Testers, No Voyeurs Please 😉
python-per-line: Program to evaluate a Python expression for each line in the provided text file(s) python-per-line_V0_0_1.zip (https) MD5: B7C1146D44D6B3F8B04C571E8C205191 SHA256: 6D7931B33F8A1D81539E892897D301145A63502A181B2B89A01466D599D53787 Referenced in post(s): New Tool: python-per-line python-per-line_V0_0_2.zip (https) MD5: AB2377D366AB33992A535AF1EE489CBD SHA256: 045F398FBCF6DDFF4A25B38007ADDF89B3256C21C8808B58FBC96855D55E6171 Referenced in post(s): Update: python-per-line.py Version 0.0.2 python-per-line_V0_0_3.zip (https) MD5: 40B787E184EBAAD91A9104BF1BF1BF1A SHA256: 1D7CAE95B5EA169286E4B1528D834D814A474A86240B9975385968B2BADF59AB Referenced in post(s): Update: python-per-line version 0.0.3 python-per-line_V0_0_4.zip (https) MD5: FE8E875E2A7B8CD89FCAAB3B5830206C SHA256: 7A6DACBAFC13DDE164F2AAB49DA766613F23BE78FF9BCAF5392EEA01F71620D0 Referenced in post(s): Update: python-per-line.py Version 0.0.4 python-per-line_V0_0_5.zip (https) MD5: 1CED1F84FD44E64BF448558BA02E0978 SHA256: 8E6845006BD3463135CE7AA0AA05FA596AC10E6E2ACC4B45C5909B624A20D6A5 Referenced in post(s): Update: python-per-line.py Version 0.0.5 python-per-line_V0_0_6.zip (https) MD5: FDA3365E2DC54EF65B2E8F6EE8D0DB9E SHA256: E7496229BF64B2772AF5C49E4BC065281F06043192453E96A783808F6F3E61D1 Referenced in post(s): Update: python-per-line.py Version 0.0.6 python-per-line_V0_0_7.zip (https) MD5: 1AF491C2AD45E7ADB83F121B40F60BFB SHA256: 5CB1E7C17EE359090E9E7168692CF00347E9815DC47CCCA14A2B4C974832510B Referenced in post(s): Update: python-per-line.py Version 0.0.7
python-templates_V0_0_1.zip (https) MD5: 99E9D87681470F1BAE020B68F2853F49 SHA256: 2CA24AD6928FA2FE2DE894FEFBD1B41238B723D46ADED4064D26374A805BA1C4 Referenced in post(s): Release: Python Tool Templates
python-templates_V0_0_2.zip (https) MD5: 082812485D24AD0E3D12F1618BC44367 SHA256: 98DE8BEC508C7E678D294DD630466DA175524D4180C1E8C3A6C06EE11587981E Referenced in post(s): Update: Python Templates Version 0.0.2
python-templates_V0_0_3.zip (https) MD5: 177ABEC23A09F489893823C5D3409C09 SHA256: A0F5F316E4EB858F9D8257039D68CF25AE0B2ADBCB3602A5FD1C12A9FC92706A Referenced in post(s): Update: Python Templates Version 0.0.3
python-templates_V0_0_4.zip (https) MD5: 0ED3B69594A5BCD5069391177A6C1F79 SHA256: 15DBE4FD16F19FEBF4CB9381E4D59A1B7ECC11C43B48AE96FADD75FC53BB189F Referenced in post(s): Update: Python Templates Version 0.0.4
re-search: Program to use Python’s re.findall on files re-search_V0_0_1.zip (https) MD5: 5700D814CE5DD5B47F9C09CD819256BD SHA256: 8CCF0117444A2F28BAEA6281200805A07445E9A061D301CC385965F3D0E8B1AF Referenced in post(s): Extracting Dyre Configuration From A Process Dump re-search_V0_0_10.zip (https) MD5: A4A22FBA70990B57C811DD290C6F0DAA SHA256: BF5084E4CE7A528AB2701D5AAA6C7366A3A43B8768C712263133A6E302569E86 Referenced in post(s): Update: re-search.py Version 0.0.10 re-search_V0_0_11.zip (https) MD5: 72F160A83E214351162704EB4B94EB9E SHA256: 624E2864738008F6A63CC4E3F7B5FCB3738389DBC7E6EF29BC8C2F749ABAD9DE Referenced in post(s): Update: re-search.py Version 0.0.11 re-search_V0_0_12.zip (https) MD5: 8CA8D767BDB126B097E41F0D4B1F197B SHA256: 69752CF9862FC4EC29DD96289A21D1C8C82FB4C3C3083BE622C169BA658F0A40 Referenced in post(s): Update: re-search.py Version 0.0.12 re-search_V0_0_13.zip (https) MD5: 241464482856756FF1C0C2386AF84CD5 SHA256: 9409EC639C4C6E988ADFC2401CA89200712BE171894D214B56E4ACC84C32E489 Referenced in post(s): Update: re-search.py Version 0.0.13 re-search_V0_0_14.zip (https) MD5: 53CDB34174E6EFE211872D6BC64533CC SHA256: 3F55E6EA7272BFC780E159BA886932F96DC055CF533B0B3C3A5CCBAF0229682E Referenced in post(s): Update: re-search.py Version 0.0.14 re-search_V0_0_15.zip (https) MD5: E68D42F9F943335961C12BED7AD459A7 SHA256: 47F837C198CC3033B9C07086EA4FD0484BC40CE850723B4F6A849FB237D9A7E0 Referenced in post(s): Update: re-search.py Version 0.0.15 re-search_V0_0_16.zip (https) MD5: 21A7096116F50CCA051A152066B2DB50 SHA256: 4A3AC1B1BED68660316011F14EFC84B344BE3FF7E335CDFA8F1AAA2C0D2D06B0 Referenced in post(s): Update: re-search.py Version 0.0.16 re-search_V0_0_17.zip (https) MD5: 8945F435BDA03D73EF7A2BA1AA64A65E SHA256: 0D74709B9F26FC7F6EEADAEE1BAA3AF7AADAA618F88B1C267BA5A063C8E3D997 Referenced in post(s): Update: re-search.py Version 0.0.17 re-search_V0_0_2.zip (https) MD5: FC921EAF48774B6E113FAE76867B69E1 SHA256: B07BF53FE476E6FC4D5B568BA2B0B70DD3BC037478A2CBF3A08A1AA6CCDD402C Referenced in post(s): Update: re-search Version 0.0.2 re-search_V0_0_3.zip (https) MD5: 6C4F59C4BA5DAC1D16D3E09D1E333FD0 SHA256: BFB019F1350F7D63FB3704322F62894A4B17D8EE03CC186156F2A97045E47F58 Referenced in post(s): Update: re-search.py Version 0.0.3 re-search_V0_0_4.zip (https) MD5: 965C484CC5BF447B390BA4E176698972 SHA256: D2F3A52F7590CD38E796B6F6209FC87A1BD6451F1787010557FA39E25AFDBC2F Referenced in post(s): Update: re-search.py Version 0.0.4 re-search_V0_0_5.zip (https) MD5: A03CBBA9F2C5900A368BC064D3CC3D00 SHA256: 940B12CA8E3ADCC0266BC788B5A7AE2C830115BDB9FC04C3A7A178FDD7D44F02 Referenced in post(s): Update: re_search.py Version 0.0.5 re-search_V0_0_6.zip (https) MD5: 0FFBDC31D2257BA85251F9C54D0804A1 SHA256: E05008772AB3C97478749FE383E04155466D6DF6BF22E1BBDC5A6B8B6BB3E0C8 re-search_V0_0_7.zip (https) MD5: 38EBBC6B45476AA2FB03DC9604D2F7EE SHA256: 7BE3B986126C3E40A886A66A08EA360EEE01A29F064F2D3235A1311C4FB4E45E Referenced in post(s): Update: re_search.py Version 0.0.7 re-search_V0_0_8.zip (https) MD5: D4895B54268683BFBE0126D02B01A4A2 SHA256: 85919EB964FF9CF0EDE7DA64E9BCE6619480DAC71D0CB65B5EE667322B18DDBB Referenced in post(s): Update: re-search.py Version 0.0.8 re-search_V0_0_9.zip (https) MD5: E9BC3AFF3FA3D6ED0F14EC4941955C2D SHA256: 4AA92E513A478D02DD12110D3759FFCB2996A3E8A5D2D812124922C5023C3B50 Referenced in post(s): Update: re-search.py Version 0.0.9
regedit-dll: ReactOS regedit.exe transformed into a dll regedit-dll_v0_0_1.zip (https) MD5: A736AE075FE12656D4A8DB7421AB035B SHA256: 8392D6C814670F7198BFFF9741F4589D806FFF1C89A964AD14C9DA4047F45C6F Referenced in post(s): Excel with cmd.dll & regedit.dll
RegistryScanner-beta.zip (https) MD5: 5D05A681A5F3C51B61EE1D73BF76286B SHA256: 6117206A039DA6248167506EA7AC42262F2AF58D2864EF11AEF433C77397D5FF
rtfdump: Analyze RTF files rtfdump_V0_0_10.zip (https) MD5: E7D235AC14A83DAABCD433DE1948E989 SHA256: 750430C0DA0B9D25B0BBBB972F107D1459FEAF45A2D61EAB6C10E84CB8AA01F8 Referenced in post(s): Update: rtfdump.py Version 0.0.10 rtfdump_V0_0_2.zip (https) MD5: 368CCACC556E283D5E1759ED5E164BFF SHA256: DA9B0AB231B1ADBC1083FC0F915A789EF19A5F7540C317CFA80BF3DE038C7952 Referenced in post(s): Releasing rtfdump.py rtfdump_V0_0_3.zip (https) MD5: 59DC23EE55F76C065A2A718DDFDB0E4E SHA256: 46F9D768C6976AD5D4018EFDFD35DAE4212FEAE57871434A33CAEF028CB4CBA2 Referenced in post(s): rtfdump: Update And Videos rtfdump_V0_0_4.zip (https) MD5: C384FD5356DA4E2129E44903BA20966A SHA256: 0B73AB16577BDB1DC0B1431013E28893004DD563DD4C4D00BA1D20B1DBAED917 Referenced in post(s): Update: rtfdump Version 0.0.4 rtfdump_V0_0_5.zip (https) MD5: 14475C70D992FB72306D5F83815DDE19 SHA256: A26A60536509BA7CF55FF1876E8BC3A6DBA43F1EF8841F159D55411FD11B5078 Referenced in post(s): Update: rtfdump.py Version 0.0.5 rtfdump_V0_0_6.zip (https) MD5: B4F9264F2431322F52BAAB834A5A144D SHA256: C15918E89313D03F01BC8A3BCB68376B6E21558567BDFD81889F48196DC80986 Referenced in post(s): Update: rtfdump.py Version 0.0.6 rtfdump_V0_0_7.zip (https) MD5: 59F86BA57D67CB78B9D863AFEA710709 SHA256: 1A8EDD4F73F020F44B0AAB39FC3A1C313C81BF8A1E031A76D8B8C85E34116DD6 Referenced in post(s): Update: rtfdump.py Version 0.0.7 rtfdump_V0_0_8.zip (https) MD5: 5EB2E1CBD0EFFF14BC4EEC43A10B1A84 SHA256: 6B9AD22FD55D28A1CFCD5660E4200F38152601DE74DC2566B1749AD7A334B328 rtfdump_V0_0_9.zip (https) MD5: 26BE358EC8D42BB7532B6C0C1EBAD1F2 SHA256: 3F6410AC7880116CDDE4480367D3F5AA534CCA3047B75FEA0F4BA1F5EAA97B07 Referenced in post(s): Update: rtfdump.py Version 0.0.9
RTStego: Rainbow table steganography RTStego.zip (https) MD5: 8DE76B0E81314CF8614678621CB7D162 SHA256: E8E8AA7A397E576D2BEB761B045D974D4D25E22AC6E3680154940A586AFEB91F rtstego2.zip (https) MD5: E8C7CBDD6B5C2FF56A2BDC3B04401AFB SHA256: 31CBEFDCB5C865E9AE243BC1C0261DD08CF1FFABE792AEAA9DE9F903E9CAECA9 Referenced in post(s): Hiding Inside a Rainbow, Part 3
runasil: Launches program with a low integrity level runasil_V0_0_0_1.zip (https) MD5: 5B8CE64715903DD7EEF4AF3B89E6E6FD SHA256: 15841A9D9985E626C5B70B4BC3B2BF2CD68C38102B6BB1D92BA352D19F5C8A65 Referenced in post(s): Runasil
RunInsideLimitedJob: Start program and run it inside a limited job RunInsideLimitedJob-DLL64_V0_0_0_1.zip (https) MD5: A6048613CE00C9F401A8AC7943A451E3 SHA256: 279F6BE0EB124814D37A5E70F2D906B1756B27CDDC7E7AEA40B2B42B39C0CFCA Referenced in post(s): RunInsideLimitedJob 64-bit RunInsideLimitedJob_V0_0_0_1.zip (https) MD5: 90055BA2928D06EC7A883DEF6E7F37C6 SHA256: EF88A2963436F5893727A90413CE624B473352190E936E35EEF85E246655486D Referenced in post(s): RunInsideLimitedJob
SE_ASLR: Force ASLR on Windows Explorer Shell Extensions SE_ASLR_V0_0_0_1.zip (https) MD5: 9D6AE1A96D554AEE527EB802FE59FB20 SHA256: 8A6C1406A757CD9788A2630D76A497E2C058333EE4D44CA0B85B2A05A39F257E Referenced in post(s): Force “ASLR” on Shell Extensions SE_ASLR_V0_0_0_2.zip (https) MD5: C835D1DDB64A68A1CD48CCF87AE03D18 SHA256: 1560BEE96CFC956A5E8954FEFD92ED227293418B19FE6B06D4ED703B6C50F4AC Referenced in post(s): Update: SE_ASLR Version 0.0.0.2
search-and-replace-with-wildcards: 010 Editor Script for search and replace with wildcards search-and-replace-with-wildcards_v0_0_1.zip (https) MD5: 7D620E8BEFFD4ED5563D9944C9B0B859 SHA256: B7F074304660A8DBF7AB2261D8619FFFFD461EFB5EE4C6E42880C87A3C1A4AB7 Referenced in post(s): search-and-replace-with-wildcards.1sc
SelectMyParent: Launch a program and select its parent SelectMyParent_v0_0_0_1.zip (https) MD5: AF327175764886FB41304F7BC157FC58 SHA256: 16F40EB7996BAC1084DA366B1CF89ADA40093099373DB1FDBAE81CDCA5D2B560 Referenced in post(s): Quickpost: SelectMyParent or Playing With the Windows Process Tree
SendtoCLI: GUI tool for CLI commands SendtoCLIBeta.zip (https) MD5: F672206A863642E2706A328ECCC18AE2 SHA256: 3EAB27C2496233816AD76E0EB0E35D274D4C711D7EFF8AE236BF0154DE55A423
setdllcharacteristics: Tool to set DEP, ASLR, … flags of a Windows executable setdllcharacteristics_v0_0_0_1.zip (https) MD5: F96358BF90AA4D8C6B32968B2068BFCB SHA256: 5A9D3815F317C7C0FF7737F271CE0C60BE2CB0F4168C5EA5AD8CEF84AD718577 Referenced in post(s): setdllcharacteristics
sets: Set operations on 2 files: union, intersection, subtraction, exclusive or sets_V0_0_1.zip (https) MD5: DF0AE1EF67B4BA04750A39EF7FAEE09C SHA256: A5FF61610AD67CA0638E53A10DD083612C2F5BF42218DD2393AFD20035E89B9F Referenced in post(s): New Tool: sets.py sets_V0_0_2.zip (https) MD5: F744A900D3EBF7A0D0927F5244FA65F9 SHA256: B205B766D0FB4D12DD334BD6CD20748E14EF1136D545F7EFBB5CEAC6B3F0D942 Referenced in post(s): Update: sets.py Version 0.0.2 sets_V0_0_3.zip (https) MD5: F8B1EB9140EBA621CBF6F393717BF2EA SHA256: 94200F8313A66D7CAB6C200A24DD6A5B1D9644004C2ECCF01F22004A801EFE03 Referenced in post(s): Update: sets.py Version 0.0.3
shellcode2vba: Convert shellcode to VBA shellcode2vba_v0_3.zip (https) MD5: 44AF2685975346F9DE09E48E7FB855CE SHA256: 04C42FA26717CCC7BC17A7BEDA02C746CA1A8BC8C6CE184670CD686796B5FF10 Referenced in post(s): shellcode2vba shellcode2vba_v0_4.zip (https) MD5: DA1580DEF5B5CFF08ACF5FA921AF0822 SHA256: BDC0A5EC3E918B3DA27C392E1B2F909B7BDAD319C43A4250689DD38C81FF876F Referenced in post(s): Update: shellcode2vba.py Version 0.4 shellcode2vba_v0_5.zip (https) MD5: BAD6684A6887F9E90FF755609B4CA2D5 SHA256: C403CD8196593F2ADD6BED40E9E7A14E49DB48909788DE8BB27A95D71E58A13A Referenced in post(s): Update: shellcode2vba.py Version 0.5
shellcode2vbscript: Convert shellcode to VBA shellcode2vbscript_v0_1.zip (https) MD5: AAB0431127C657C9A3EF67E1C73E6711 SHA256: D1CDDAFCB734EC3F35E558DECFF2EDB73DC0C394936814B602B605F09DE4A5E5 Referenced in post(s): Shellcode 2 VBScript
ShellCodeLibLoader: ShellCode With a C-Compiler ShellCodeLibLoader_v0_0_1.zip (https) MD5: F6D4779097A8A11C412BDD47B7B1C8AE SHA256: 3294A4322926476562AF34A80B8155638EFEEF38E401E69D6DB9BBB652C3EB58 Referenced in post(s): Shellcode
ShellCodeMemoryModule: Generates DLL-loading shellcode from memory ShellCodeMemoryModule_V0_0_0_1.zip (https) MD5: CEABB3A8A9A4A507BA19C52EE2CC5DA9 SHA256: 284344C909E623B0406BB38A67F5A7A1AEE2473721244EED52CCEBB8846B0500 Referenced in post(s): Shellcode
shift: 010 Editor Script to shift bytes in a file or selection shift_v0_0_1.zip (https) MD5: 0E98DD182D12839FD86A30E696414E0A SHA256: 07D849E9E898AFA705E57474FADFF001C9CAF9DB1D51AD8C9EB7E9A2A765D714 Referenced in post(s): shift.1sc
simple-shellcode-generator: Python program to generate 32-bit shellcode (assembler code) simple-shellcode-generator_V0_0_1.zip (https) MD5: 3A6D00C6EBC1F20589C952817174653E SHA256: FEFD4059810DA7855CC3CBC6A198FD75607C4F7B7B2F71817689E1520B454C58 Referenced in post(s): simple-shellcode-generator.py
simple_ip_stats: Process PCAP files to calculate IP data statistics simple_ip_stats_V0_0_1.zip (https) MD5: 0482F3667E4EE6444350D9B0A146F764 SHA256: 480DCF2C82030EF996A6C1C3FEFCAAB77C000EC72DECA91329298C9BCC578BAD Referenced in post(s): New Tool: simple_ip_stats.py
simple_tcp_stats: Process PCAP files to calculate TCP data statistics simple_tcp_stats_V0_0_1.zip (https) MD5: 606DB4208BBC5908D9F32A68DDF90AC6 SHA256: 68B275C58736AE450D23BEA82CC1592936E541E00726D8ED95F5CA8ACB02B7CE Referenced in post(s): New Tool: simple_tcp_stats.py
SimpleEncoder: 010 Editor Script to encode current selection by shifting characters SimpleEncoder_V1_0.zip (https) MD5: 02C7BA20D8BF9EB965B3957BE8D26094 SHA256: 7C98B404F49F5E22A8A052AB4E100BF4ABCE37F39518293FC697D21C1D36A4F3 Referenced in post(s): New Tool: SimpleEncoder
snort-rules-V0_0_1.zip (https) MD5: 526AAC1CE1E8576633498223DFA07E3D SHA256: 7694E4E884E12068BC2A32714D3B0C48060B12C80E4093AFB6B1563E2EDA5E8D Referenced in post(s): Detecting Network Traffic from Metasploit’s Meterpreter Reverse HTTP Module
split: Split a text file into X number of files (2 by default) split_V0_0_1.zip (https) MD5: 49C0A77DA89376541073D09E010F7375 SHA256: 09D50C104AA4A32D963EB4254F48520ADB94A43BFF08FF68F8ADBA3C0ECC896A Referenced in post(s): split.py
ssltest.zip (https) MD5: 1B50D6A10637BB6472ED541733BBE68D SHA256: DA744643CF06645DA9C27A7DD62853E15123D7481AE5D6776E6393A6312847E1 Referenced in post(s): Heartbleed: Testing From a Cisco IOS Router – ssltest.tcl
strings: Strings command in Python strings_V0_0_3.zip (https) MD5: DE008589A0B4B3C33B52BE3A171EB14D SHA256: 9EBA69933B44DF41F4B51EE45B510E15FA85BCB38AD4CE45C863E8BBDAFED489 Referenced in post(s): Release: strings.py strings_V0_0_4.zip (https) MD5: 8B1F5A6BEBA2BC8BDFF16B99C27050E4 SHA256: 7BBAAB0E83692288BDC35BC0FBDD6B2F8A141280E506131E2818F49BEF31D01A Referenced in post(s): Update: strings.py Version 0.0.4 strings_V0_0_5.zip (https) MD5: A4BF314BE0A72972ECA7B14B558610E6 SHA256: 30E9E9BB618006445483AA78F804766D8FFA518974B81F9B68FF534BEA30B072 Referenced in post(s): Update: strings.py Version 0.0.5 Pascal Strings strings_V0_0_6.zip (https) MD5: C4633CDAF3AEADE23738AA9356F50298 SHA256: 93A87F515103A0C9DA01D6DA034CE7FB5CC7E562B095EFF614EF09C8DD92D455 Referenced in post(s): Update: strings.py Version 0.0.6 strings_V0_0_7.zip (https) MD5: 2533BF3E7CBD5526718CDE5E150039D2 SHA256: FFBE686A2E41B22858023898580419806A789349D408C24EF25E8BEBCD33A418 Referenced in post(s): Update: strings.py Version 0.0.7
Suspender: DLL that suspends its host process Suspender_V0_0_0_3.zip (https) MD5: C87FCAB2586C6154B58FB0F95FBB1FBE SHA256: 56D0C641569E99AC31C7590DE513025E21166747565B73C5EBE34346616FFB2F Referenced in post(s): Suspender.dll Suspender_V0_0_0_4.zip (https) MD5: 629255337FE0CA9F631B1A7177D158F0 SHA256: 8E63152620541314926878D01469E2E922298C147740BDEAF7FC6B70EB9305EF Referenced in post(s): Update: Suspender V0.0.0.4
TaskManager: Windows Task Manager written in Excel/VBA TaskManager_V0_0_1.zip (https) MD5: A0A7584C83F4DD85F57F8511E332893B SHA256: A0A128DA6297968CB2F434628AD4F045E14EBDC8AE3B05DD3D0F21CC954C13CE Referenced in post(s): TaskManager.xls TaskManager_V0_0_3.zip (https) MD5: BF40B4317C7E04E1F65B8CEE55ED3A7A SHA256: 0D48C2E6986F1DD8FA3A0671A1A53F0FC489923701963031FDC4FA516603EEC1 Referenced in post(s): Update: TaskManager.xls Version 0.0.3 TaskManager_V0_1_0.zip (https) MD5: 5ED2AB6036CA94FAC7DEE5352718D07C SHA256: EBCF4832C4DBAB0AFE778E19423EBB56CA4644DA1FDB5B2EB1BB4C27A26DB18C Referenced in post(s): TaskManager Runs on 64-bit Excel TaskManager_V0_1_1.zip (https) MD5: 57D0ED69E034872DE7DF217DD491B732 SHA256: 08FD64B90E34150BD48A54904F04905D84249E7042BF31E6A5AA642B2B855D91 Referenced in post(s): Signed TaskManager TaskManager_V0_1_2.zip (https) MD5: DEDB20DA6EE1A622DD3C234D07F5FE08 SHA256: 23EC10C7206BA43B56EF185E7C18EF528FD551FC0B34FFF9E4E183C37A114FF8 Referenced in post(s): Update: TaskManager.xls V0.1.2 TaskManager_V0_1_3.zip (https) MD5: 38DED14A7A468923C3552A6135CC570C SHA256: CABD1F73C8D069A85EA439D7AFF736723B5759A6ED929FB3F21A4ADD3D0605BC Referenced in post(s): Update: TaskManager.xls V0.1.3 Killer Shellcode TaskManager_V0_1_4.zip (https) MD5: FBB30486CF0E7A1BEB7342EF4672DE52 SHA256: 30779E09B5B0D1D1AFE9C33B12EDD0982E775A9FA0B0D2A1189835004750FB5F Referenced in post(s): Update & Split: TaskManager.xls Version 0.1.4 TaskManagerSC_V0_1_4.zip (https) MD5: 61C6657B2E36F3240A67960BCA413E56 SHA256: FAAB1044318A1EB6FEA09109ABDD982CDFFAEE54DC1C81D3416CC2A69DEEEC70 Referenced in post(s): Update & Split: TaskManager.xls Version 0.1.4
TestIntegrityCheckFlag: Test program for Using DLLCHARACTERISTICS’ FORCE_INTEGRITY Flag blogpost TestIntegrityCheckFlag.zip (https) MD5: 7F6E9A0B0440BE80F2287AE4C30A5176 SHA256: 2E60E121C5AE9AFDAA7595E0A2177D65A1F08D39ADA4F1E14605749DEE22B3CE Referenced in post(s): Using DLLCHARACTERISTICS’ FORCE_INTEGRITY Flag
translate: Python script to perform bitwise operations on files (like XOR, ROL/ROR, …) translate.zip (https) MD5: B76FF05E3CB8015F716AC6BF0111BC5A SHA256: F715854D5C0C7E280515B0A3496B8020C4170288BFA9930FDE58C380F2FB6670 translate_v2_0_0.zip (https) MD5: 31739EEE90E303A8DA5A995344BA6F5B SHA256: CFB11380C4193E91D7843F195D9EA086A59829F9CF3DF4016C12ACE8378B052C translate_v2_1_0.zip (https) MD5: AF8B1FB7A48AFC519F7656763A95980C SHA256: 6C65ABE811263E1F687DEDB0A1064C141FFEEA5105BE3C925972BC0B9CE73FC0 Referenced in post(s): Update: translate.py V2.1.0 translate_v2_2_0.zip (https) MD5: D561D9987A3E5264E40A4B5C4057A732 SHA256: BC532BD5C7DD86DCADDF7B7B9A34453E983E226E103E0591E7D480BB43C350E0 Referenced in post(s): Update: translate.py Version 2.2.0 for Locky JavaScript Deobfuscation translate_v2_3_0.zip (https) MD5: 3C21675A2792DCBAF2EB0222C3D14450 SHA256: B51D4D47213AE7E79E3C9D157F5FC8E26C41AB9A5F3A26CD589F588C03910F2A Referenced in post(s): Update translate.py Version 2.3.0 translate_v2_3_1.zip (https) MD5: A3C30A3534DC96B28C1C18B425E2A82D SHA256: BBD24406BC3038620807E8C4116B325BE6124BE92D041173A8E4BAB56D06C7E2 Referenced in post(s): Update: translate.py Version 2.3.1 translate_v2_4_0.zip (https) MD5: B33830C68D8A8A7534AF178243658E70 SHA256: A01AB10FCE42664869C4E31DB1AB2E1E0237172D0AE9685549A09BF866D7F885 Referenced in post(s): Update: translate.py Version 2.4.0 translate_v2_5_0.zip (https) MD5: 768F895537F977EF858B4D82E0E4387C SHA256: 5451BF8A58A04547BF1D328FC09EE8B5595C1247518115F439FC720A3436519F Referenced in post(s): Update: translate.py Version 2.5.0 translate_v2_5_1.zip (https) MD5: A73F9E76A3471C5DD48BBC69AA52EF90 SHA256: 9E47D27A6509EFD210F6F23DC19D644E61DEAEF82466254185B4DD9931B9029F translate_v2_5_10.zip (https) MD5: DB9574D664257263C51FE7C74C7B281E SHA256: E8993B3F2C25A92A9F4583636E1CEF79D79649B29FFF56EAA9AF8A30FCF9B9A6 Referenced in post(s): Update: translate.py Version 2.5.10 translate_v2_5_11.zip (https) MD5: CB3B7F284B2F5C73FC583BB8E91B33AA SHA256: 99717783D1225E1B95EE721AA2C7F3A09AE02647E28E7C6337776363B9BFFC33 Referenced in post(s): Translate Update: translate.py Version 2.5.11 translate_v2_5_2.zip (https) MD5: 1499C7D9C03928F2CE90BAA813A982DA SHA256: 34451966781CA9821CD66AEF54379A3B47576CD4FCE8CBEFD9EFA3DA06E49CE9 Referenced in post(s): Update: translate.py Version 2.5.2 translate_v2_5_3.zip (https) MD5: F3C01FCA74A84F1712BAF187E9FE479F SHA256: 4CA311456EDE5A43097D4E567F225CFF2A68D47B96A261FC935F2A0F1CD4EB0F Referenced in post(s): Update: translate.py Version 2.5.3 translate_v2_5_4.zip (https) MD5: C07B37F7AFA0386315843E6A493721C1 SHA256: A2203C643FC8BC64A98DCA3EE1F9444BE16F5D5C2036AC0200A6BA657786C5EC Referenced in post(s): Update: translate.py Version 2.5.4 translate_v2_5_5.zip (https) MD5: 0BBB0E7E569BCB08D5A9278C974A3EE6 SHA256: 78E0BAC87DF47D06BB9C351FBF3CA623EE10B3993E071E7C9A0C9C4DB0FFF1D4 Referenced in post(s): Update: translate.py Version 2.5.5 translate_v2_5_6.zip (https) MD5: 9615167810202129C0CFC3D5125CC354 SHA256: F926E474B966790A1077B76C029F912100128C4F1CE848781C14DF4B628395D7 Referenced in post(s): Update: translate.py Version 2.5.6 translate_v2_5_7.zip (https) MD5: 886C1B4C518EA58F972F87980994B976 SHA256: 01E4239E050DE4853AC53020CCE44C9804003A4A2C195974B5B16AEDD1B8E1B1 Referenced in post(s): Update: translate.py Version 0.2.7 translate_v2_5_8.zip (https) MD5: 677BD5D6007F264A05D23A9A01B3DD13 SHA256: 977D7A87F771F5E86A6B57D2B565D7C789A7AC7696599E8B7412E9051D66DCFF Referenced in post(s): Update: translate.py Version 2.5.8 translate_v2_5_9.zip (https) MD5: 8EC7A9F0738C86CCF2F0B44D3994E798 SHA256: 3C469996F7014CC1BD5D4F02157B7D5803698D93018360904B79EA2A1601BD10 Referenced in post(s): Update: translate.py version 2.5.9
ultraedit_scripts: Collection of UltraEdit scripts ultraedit_scripts_v0_0_1.zip (https) MD5: C218BF518291499600B7B769AD3D14EE SHA256: CE8FAFF9F7708B6CF596EE455735656F902C5DC99A47EB8AA35F217E6E03656C Referenced in post(s): UltraEdit Scripts ultraedit_scripts_v0_0_2.zip (https) MD5: 41AAAFEE0A7E5BAC98B754A57222C656 SHA256: 3977077CF09219E303A8F2E8FD8F6BD7784889EAA5EBBD502D3E84ACE195264B
UndeletableSafebootKey: Tool to generate an undeletable Safeboot registry key UndeletableSafebootKey_V0_0_0_1.zip (https) MD5: 2FAC291AD547657E31B157B8581D4601 SHA256: 7A1E42A57BBF8E804491318671AE992947C82DCC9C2001E3033B45E4AEAB2DDE Referenced in post(s): The Undeletable SafeBoot Key
USBVirusScan: Launch a program, like an AV scanner, each time USB removable storage is plugged-in USBVirusScan_V1_0_0.zip (https) MD5: CAC7ACD6F91C35BD5A4FBD9C3CFE92EC SHA256: BBF6A971D55FF6A5A410C29E0A65E6D53F14F607C528BEDB39C14B90CB0C0CCE Referenced in post(s): USBVirusScan USBVirusScan_V1_1_0.zip (https) MD5: AEC062146B3CF589DDE43FB912A5C6C2 SHA256: 2DDA12E79B05762A8512F27CA2D706E0807BD3542ED6D9D05BE202B764739E5E USBVirusScan_V1_2_0.zip (https) MD5: 9E9BAD87B7A16A16597A6EAB6735DB11 SHA256: 629193F33D52281CC073CAAEE0BD77D42CE0863A1E92618636F3DE9A490443F7 USBVirusScan_V1_3_0.zip (https) MD5: 603F5716EFA4AED4E874353767D32B79 SHA256: 88357BABAE2B19B37EA7C59E56A0230F0F88729DC9A709542538669856411C19 USBVirusScan_V1_4_0.zip (https) MD5: DB12C83F3ABB8BF56AA21B34E36302B2 SHA256: FC0B850E8F7B5BAED18D10CC09290BBD6FE4E23437C4BE8BD2FE24B9FC7FDBCE USBVirusScan_V1_5_0.zip (https) MD5: 93CA837B23F8428CB7C6E93A5B0658EC SHA256: 5BD2CAEC35FC6B58DF84C79AFEF62E8B8A3BF6F39E2674DCA795E40C61B193A7 USBVirusScan_V1_6_1.zip (https) MD5: 66F4B177F43ACA511B39E06F3D9EBE84 SHA256: 4618247B522294CF0D6543006892E687A2E1E42C1481648EA829B88E1F58698E USBVirusScan_V1_7_0.zip (https) MD5: 84FCDF8FF85378425A3E3F532B7E62F7 SHA256: 26C7C9346AA3B5EB90BE4962CA7CC1EAA39902528D4C954290EBA36DC3122180 USBVirusScan_V1_7_1.zip (https) MD5: A1BB3B6B92F435F12EB0C1AADA39A401 SHA256: BC79AEDB98A4DBA0AABC13C1448BF2D44B911C6AACC91CC7E1C3CF66656ABFCB USBVirusScan_V1_7_2.zip (https) MD5: BDEF7BAE13C10B2B6CD650A89FD910ED SHA256: 0090C73D6A3725E75C3388387A7A9E869C5D6BEA83E0D4D612E1CB25458163F3 Referenced in post(s): Update: USBVirusScan 1.7.2 USBVirusScan_V1_7_3.zip (https) MD5: 82A6A55D377D4DD5A200392C4117E39C SHA256: 13C1FE0DF02D600352A329D4866F76AF60BD837F50930013D2D98D5781348621 USBVirusScan_V1_7_4.zip (https) MD5: D6893EBD33FFD13C08C32B05DCD534C9 SHA256: C8187C36CBF0F46AD2D999F4EA32E9E18EE05BE9A16D9589C12E3BF91DF0FB30 USBVirusScan_V1_7_5.zip (https) MD5: 614F200C34C56C4E9FF44506B2776633 SHA256: F5525276A647747336106683D2E7DD17CDDF0E8D6580D15C0299931215954CCA Referenced in post(s): USBVirusScan
UserAssist: Decode the UserAssist registry data UserAssist.cab (https) MD5: DE9D576C0F5FF8D33E039A5064BD8AFF SHA256: C2417FDA1FE76B12D54366941CB2765AB7825F78AEDF0221C20B262010EAF2CF Referenced in post(s): A Windows Live CD plugin for my UserAssist utility UserAssist_V2_3_0.zip (https) MD5: DAB8BC639839A0CC5328BFE83B1105E6 SHA256: 887227ECBA99AE6D35FADDD549755DFF77A76C9AD24AEE806188D441B4A0C53A UserAssist_V2_4_0.zip (https) MD5: 3DA55E23088F07641914E55099913FD4 SHA256: FD10329BE02AFE504C1407EA5A7E28982BBC81C135FBF2208A1DA1DC66BFA3BD UserAssist_V2_4_1.zip (https) MD5: 306AE2A04B4B81EAEDE7FD37FDDBB9A5 SHA256: 1FE21D7F77D82B624BB41CB34BE8B7341BC267292DFD6F2DAB9B4A1D2B0D2539 UserAssist_V2_4_2.zip (https) MD5: C576E0A3F3C1999640D20C03AF815578 SHA256: B314140BEC313A227EF229F94BFE1ACA3D7308D29D7814439E51B3EBD571D1B4 UserAssist_V2_4_3.zip (https) MD5: A5244C7F83E0DE70600E27F5D3B8AD7D SHA256: 7E2D107BE84FBBF7E79F1BD11703401A374B5138B2F77E4FF8AFE1A3E749CCDA Referenced in post(s): Update: UserAssist Tool Version 2.4.3 UserAssist_V2_6_0.zip (https) MD5: 04107FE15FC676B7A701760C9C6D2F81 SHA256: F6F73F4E00905A7727ED4136DE875DD1FBCF4B90FFEE4B93D4A46E58C0314D45 Referenced in post(s): UserAssist UserAssist Windows 2000 Thru Windows 8 UserAssistWindows7LaunchParty.zip (https) MD5: 2921432E1DC65C3A4D12F738372A02BE SHA256: EB7ED7052F194B19B73E697467A1FE25D1DDF1D58F16CED60EC711EC97797667 Referenced in post(s): A Windows 7 Launch Party Trick!
virtualwill: HTML program to store your will virtualwill.html (https) MD5: C5DA37020D74F96F4D3762C9557CD15C SHA256: 59789A484F46072CE23C57005B81F487901DA6F2B5C80B018DE6C25A07EE26C0 Referenced in post(s): The Ultimate Disaster Recovery Plan
VirusAlert: C# PoC program that monitors the event log for virus alerts and displays customized messages for the user VirusAlert.zip (https) MD5: 2812C7377C9A6D185DE2F3D0B004FCC9 SHA256: 20255CEBC3341F4E28C5ABC75D388291CB5DD270109A04F35B95F5140E170BD2 Referenced in post(s): Customized Anti-Virus alert messages
virustotal-search: Search VirusTotal for provided hashes virustotal-search_V0_0_1.zip (https) MD5: 0F3A1E18C79DFDB143CCC2F860E2C4B2 SHA256: BD213BBC55A9048DBB7B890209E2831EF81049B45ABE9091E01F0692F4F23283 virustotal-search_V0_0_2.zip (https) MD5: 0D3C70213DD59CC935ED999A038237D6 SHA256: 83DBC2428901CA2AE308D6A2863EB3B0FDC170C3F0801FC755FF4EA7AAE5ADE1 Referenced in post(s): Searching With VirusTotal virustotal-search_V0_0_3.zip (https) MD5: 89D48483B8CF48A11A26314CC3A7631C SHA256: A66A264A772CB9AEE356E1CF902E93FCA8CDE77233A09DB4999BCF15FA45EDF9 Referenced in post(s): Update: virustotal-search virustotal-search_V0_0_8.zip (https) MD5: 011C88A9C9026A32DA473187A64E880C SHA256: 30711202BB0CD01A17AFA7BB8BBFE1545B6A840BDB91D83C7753300EF7E71A8F Referenced in post(s): VirusTotal: Searching And Submitting virustotal-search_V0_0_9.zip (https) MD5: FECD02796889CDFE9FA67287F2DE567C SHA256: 0CE06CBAFC6341835EB8A62377F5C4EB067747EE28E7ED8BB25FD69A4B99FA97 Referenced in post(s): Update: virustotal-search.py virustotal-search_V0_1_0.zip (https) MD5: 0141D3677F759317034C416EBF9FF30D SHA256: FE07859C3FA09DA120D3104FF982AF0D78ADFCF099A10E46E254823502DF4EE4 Referenced in post(s): 4 Times Faster virustotal-search.py virustotal-search_V0_1_1.zip (https) MD5: 67571F6926D0D652FD5E39019A503DB5 SHA256: E576E67AB3F91625942B93B106E94EFEFE769B4F19A3CD8BA1E1D506786F658F virustotal-search_V0_1_2.zip (https) MD5: 62C8031738E6E20FEC38337010496DF6 SHA256: 317AF862A62CF78FC58604EDB77AA3C00EC1543D2337EC634749C25CC5E4908C Referenced in post(s): Update: virustotal-search Version 0.1.2 Daily Quota Handling and CVEs virustotal-search_V0_1_3.zip (https) MD5: 6D93F6CCE56AA74C830D66F9AE2E88C0 SHA256: 09D3BA6BCE1A69E8292AD0D44FB216FBCBF5686EA3C64DCD5FC877E91D4141F4 Referenced in post(s): Update: virustotal-search.py Version 0.1.3 virustotal-search_V0_1_4.zip (https) MD5: 867D6272792965D11317BFB6308E20A9 SHA256: 8C033B3C46767590C54C191AEEDC0162B3B8CCDE0D7B75841A6552CA9DE76044 Referenced in post(s): VirusTotal Tools Update: virustotal-search.py Version 0.1.4 virustotal-search_V0_1_5.zip (https) MD5: 2155347687726A321D1ADBB9C9B81CFD SHA256: 4F614C9D01C694AEAA16F7D5E4DBFBCF37E8E8D01D382C1137F401612D02E110 Referenced in post(s): Update: virustotal-search.py Version 0.1.5
virustotal-submit: Submit files to VirusTotal for scanning virustotal-submit_V0_0_1.zip (https) MD5: 8793C3276822DDE36BA0804D3390AD4D SHA256: F17B9EEC408833039AE63FCED9F6114F99AADFBE9D547AE88B2C3A6E54AE91B4 Referenced in post(s): VirusTotal: Searching And Submitting virustotal-submit_V0_0_2.zip (https) MD5: 1152A8507FE7A668DCDF5C44DEAD11DF SHA256: D5A4E5C3E80F98D4A82A128D8C9DBA395C2B9CDFE9F37E2B0882904D47673CE5 Referenced in post(s): Bugfix virustotal-submit.py Version 0.0.2 virustotal-submit_V0_0_3.zip (https) MD5: 3F9F5421F711E2930AB6F80D87DF9E2B SHA256: 37CCE3E8469DE097912CB23BAC6B909C9C7F5A5CEE09C9279D32BDB9D6E23BCC Referenced in post(s): VirusTotal Tools Update: virustotal-submit.py V0.0.3
vs: Python program to take surveillance pictures from IP-cameras vs_v0_2.zip (https) MD5: DB806B49705D544F4B928A8F76622125 SHA256: 042FA2CE1F5AEBD433D59B9D4755783E6CE58014FE59086C6A2A8E8781C63B45 Referenced in post(s): Quickpost: More Picture-Taking with Python vs_v0_4.zip (https) MD5: A2AFAD9E581798F1D986A0AE9DF64577 SHA256: C3AC4892A71DF79E3BA87714CB6323D157C7E74C838EDE81013C96DD4EAD0238 Referenced in post(s): Update: vs.py vs_v0_5.zip (https) MD5: 83B6DE93E6E26B510E2FBC80C0FF3C17 SHA256: DE3D4DC8D00692BE57F4A8B0A13BB4E3FAE9564ECE444EA04A890B65EED2D538 Referenced in post(s): Update: vs.py Version 0.5
what-is-new: Tool to monitor new items what-is-new_V0_0_1.zip (https) MD5: 02067A60EA2EBEE29E98CAF31CEDDF37 SHA256: A4499A230D1925C164531A68C0E8F4FE016882A44D6EDBFF9F4D7BFFA29D14A4 Referenced in post(s): New Tool: What Is New?
whoami: Firefox addon to identify your profile whoami_-0.1.0-fx.zip (https) MD5: A786464D84C4AFD09FB76467EE8AB27C SHA256: 735B7B883ED673C3FDD439E9B3B61714ED742250B7AA43AA9CDA123CD8C4A7EC whoami_-0.1.1-fx.zip (https) MD5: BFFA2F2518146347D2067BFAA002D523 SHA256: FA90B8B4F3AB2A8CD34A2978C6C042D74BE24DC99B88840BA892DC21FC7FF90F Referenced in post(s): WhoAmI? Firefox Extension whoami_-0.1.2-fx-puzzle.zip (https) MD5: 2D68D7782B0D2249C10B5BE9AEBD9A51 SHA256: 7D9CEFEB78B6E028CE153CAF42A0D128CA8352B60886E799BF3963E1A217113F Referenced in post(s): A New Version of WhoAmI? and Another Little Puzzle whoami_-0.1.2-fx.zip (https) MD5: 0A366D2D56FC93F3A3314C09732E2377 SHA256: C53FF78CBD84F7F4E7F302D95F094456F3D20E8681B0394CA261A066265B202D Referenced in post(s): A New Version of WhoAmI? and Another Little Puzzle whoami_-0.1.3-fx.zip (https) MD5: 624548E28B6AADB6E4E7F2CA35CA62DC SHA256: BB3BFEFBBBD3AD5CDB2698375579DEF171433EE31DB661174F6475A4DEC5B181 Referenced in post(s): Update: WhoAmI? Version 0.1.3 whoami_-0.1.4-fx.zip (https) MD5: 7FFB2092549079A111C09A7E4A5EFE10 SHA256: CF9EAD524AEE04F1AD8F9893CF9DC558D03FABC25875B6BB52CAC567E3C1465E
wireshark-export_v0_0_1.zip (https) MD5: B339EFD0898B6506CBEAAFCBCE08B3A6 SHA256: 557B39246FAC3BD91CE24EAD3DF07F8B68100778241393A26C67A566756C404B Referenced in post(s): Wireshark-export
wireshark-lua-dissectors_V0_0_1.zip (https) MD5: F1F9F1E70CDC5B9931D6086E633698BB SHA256: B608A83409F2EB3D15155845D4DA5473230DCD970A18AB3DCD28A7C4211478D0
wireshark-lua-dissectors_V0_0_2.zip (https) MD5: 0C4891A9F6E7CEB809C98439D227A6DC SHA256: D5470327788FD31DDC8067C86AE1A78262010399058963E3187DD1AB6C4F4DEE
wireshark-lua-dissectors_V0_0_3.zip (https) MD5: 73F9BB860F2204DBDE7FF3A7E5CA413F SHA256: 900A21C862973294AB25A8966299386BD058A352CEA21CA97BA546DA12964465 Referenced in post(s): TCP Flags for Wireshark
wireshark-tools-v0_0_1.zip (https) MD5: 30232A81CBD0DEE275C2A3CDAF7E333C SHA256: E45CE8AF5417A8A1C857FDF84F2FD92860738CF2E723A64A730F606D2C495064 Referenced in post(s): The Credentials Listener
wireshark-tools-v0_0_2.zip (https) MD5: 0099A5AA5CBBF0789BCA2FCD9468153D SHA256: 2C367B872E3DBEAAA58F85D424F8342AB67B20FAF5E63159B4E958B2BFD166D8
WMFTemplate: 010 Editor Template for WMF file format WMFTemplate.zip (https) MD5: F3B1480744EDED9A07DE060EE04B3F33 SHA256: 9F441E5E37A93F36222307902FE167DA3D0C11EFCC63D30528928053D4798082 Referenced in post(s): Analyzing a Suspect WMF File
wmi-sc: WMI script for Security Center data wmi-sc.zip (https) MD5: 116274B40CDC5E82D9B5C7A9FFF24F2B SHA256: 6994694B622C047DFE25EED0022CECAE235BEB4CED3E2981965721568DC0C8D3 Referenced in post(s): Windows Security Center: Under the Hood
wsrradial: wi-spy radial WiFi plotting tool wsrradial.zip (https) MD5: 1BFAEC5138F76AE567BE460B1267E8BC SHA256: B3BFEF73628388E58E13DC1E1D7BED1AED3204F03AAF3A2175F2C863E6D83FF2 Referenced in post(s): wsrradial
wsrtool: wi-spy wsr files tool wsrtool.zip (https) MD5: 2781D0ED2EF6A490C5C8A857E4FD4350 SHA256: 3B2E076EBA9E73EAF8E7D70C1B155E087D9642822AD4C48FE9A82282D9CFAC3A Referenced in post(s): wsrtool wsrtool_v0_2.zip (https) MD5: 812ED5DA71AFEB55627540CB69657FF5 SHA256: 0FB288F02452D0927F9D8C36A4FADA89B4125852CBE6D0EB6FF7ED89D66F83EE Referenced in post(s): Update: wsrtool
xmldump: This is essentially a wrapper for xml.etree.ElementTree xmldump_V0_0_1.zip (https) MD5: 23D5643E45B97D6AE641DF6CAFA79370 SHA256: A999F2297EE44FAABCA5A025DAEC7E84CB30D34C68F181357BA439EBFE38A660 Referenced in post(s): New Tool: xmldump.py xmldump_V0_0_2.zip (https) MD5: 8ABFA4FFE259F61B7C42B2D19EADD8CB SHA256: 0A8B94EE8C77B404A507F4BEA4C5464146F3745A1FA9017ED3DCE8D7C2D18C15 Referenced in post(s): Update: xmldump.py Version 0.0.2 xmldump_V0_0_3.zip (https) MD5: 70D67100DDD30F6178C3E06B7CE97329 SHA256: C0A3199EA69494962CAC6EC3BA3AD47130BE5BB3D9D7D330579856AC9C314BF0 Referenced in post(s): Update: xmldump.py Version 0.0.3 xmldump_V0_0_4.zip (https) MD5: A97F4048226BD9A0BE47D1ABDEC5D770 SHA256: 2636D10294C5BCD8B1E97DFE30745FF91496FB9F87ABB8D99371B379AA711B25 Referenced in post(s): Update: xmldump.py Version 0.0.4 xmldump_V0_0_6.zip (https) MD5: 74BE27A8F45F1814341DCB7AEF6AE8BC SHA256: 1767C27D9907FDDF88015D938EFF47782C06547CEEF0493F67D85FF4A06656DA Referenced in post(s): Update: xmldump.py Version 0.0.6
xor-kpa: XOR known-plaintext attack xor-kpa_V0_0_1.zip (https) MD5: 4265BB1AFCD470A98070FFBDFCB1B52A SHA256: CF41CEDE7281459FA47061B366AA9B4A5F579CC9BA46E73098B52EA8CAB6E816 Referenced in post(s): XOR Known-Plaintext Attack xor-kpa_V0_0_2.zip (https) MD5: CA4DB797A7C12E3E81F55D9634EE77BF SHA256: 76344E06A2C1F121D4CDD1B063DC109E59B9D2351BA5CFDDEE8613DCD220283B Referenced in post(s): Update: xor-kpa.py Version 0.0.2 xor-kpa_V0_0_3.zip (https) MD5: 228B9DE1D3005F75190113369A91E1D4 SHA256: A30C20668BA0939DD936BB2706AEC636E5260EFB0B0F16F4770F9B1B59E780A9 Referenced in post(s): Update: xor-kpa.py Version 0.0.3 With Man Page xor-kpa_V0_0_4.zip (https) MD5: FCE75B6125104D8AFC56A67B65FF75C0 SHA256: 3DCCA479D4C8CAC9B248B24F799184A69D0F10403593CB002248DD35CCE60FD4 Referenced in post(s): Update: xor-kpa.py Version 0.0.4 xor-kpa_V0_0_5.zip (https) MD5: 023D8E3725E0EF7CEC449085AA96BB3A SHA256: 7517DD44AFBFA11122FD940D76878482F50B7A2A2BCD1D7A2AF030F6CAC4F4E3 Referenced in post(s): Update: xor-kpa.py Version 0.0.5
XORSearch: Bruteforce a file for XOR, ROL, ROT, SHIFT, … encoding and search for a string XORSearch_V1_0.zip (https) MD5: 3BECC4447C7318E4122503AD20606E93 SHA256: E6A52997C5AE7F2DBF32D1400FE4726314B0D9E2A369932FE46C5542EDB98B87 XORSearch_V1_10_0.zip (https) MD5: 23809A03C63914B0742B7F75B73E1597 SHA256: 97BFBC5E8C59F60E10ABDA2D65DF4200B10BE14662D4A447797B341C9AAE17D8 Referenced in post(s): XORSearch: Finding Embedded Executables XORSearch_V1_11_0.zip (https) MD5: 7313A198033C0A1F69B79F96894462C7 SHA256: 1700D037D7A9902108F3986D75A9BA250ACBD96E38CC43C5B4BC1FB90761B320 Referenced in post(s): Update: XORSearch With Shellcode Detector XORSearch_V1_11_1.zip (https) MD5: D5EA1E30B2C2C7FEBE7AE7AD6E826BF5 SHA256: 15E9AAE87E7F25CF7966CDF0F8DFCB2648099585D08EAD522737E72C5FACA50A Referenced in post(s): XORSearch: Hexdump Support XORSearch_V1_11_2.zip (https) MD5: 2B76F6C730BAC6324E92A731F42FEB74 SHA256: 4206B843AC2B9417A85A4B5381023EC4613C5B5095A6A0A19A072C21C66DE93F Referenced in post(s): Update: XORSearch Version 1.11.2 XORSearch_V1_1_0.zip (https) MD5: 6783AE78ECCE5FEBA3FF6128D0BB0FA8 SHA256: 819CC5BF930059EB8A19C95C6C5BE8EC5722BBC79A843DA8D198603B23FB09BE XORSearch_V1_2_0.zip (https) MD5: F4AECC366048AA429A1FE1E6EA220C8E SHA256: 04AACEED17AFA98283110BDE49B6A72988BCE0E2328575F37253DB3958E03AD2 XORSearch_V1_3_0.zip (https) MD5: 0A1F5DD50924E574A6624DF872A98C78 SHA256: FFC7E2D48512DB0BD2F13A0074E374E1BFE658A620A40E38FC451E07C9F7807C XORSearch_V1_4_0.zip (https) MD5: AA04084644BD49174CDD41020E16396E SHA256: 6E41A34C1867F78FC28533FFBDC793AD46C5F927088CBF9828D9A774BB2D7986 XORSearch_V1_6_0.zip (https) MD5: F672F95F49DD72ECCF93D1779BB0EBCC SHA256: B2D0E60C5A04164E176A3B3CA8C91631FFE145D3E4DFE0118C091262626B6242 XORSearch_V1_7_0.zip (https) MD5: EA4C659568720CE69EC5DF6EA5688C3F SHA256: E14584DE3ECE565CFCA2D1D193E6F6DCD0348FE6C80F949784CF3F4F56191E69 XORSearch_V1_8_0.zip (https) MD5: 0C252EDEBC85D8F0F9DDB8D1AA11E12E SHA256: C193D8275C80BE64D7734D8464C7F7F4AA394A983BC4939D531DD488E8550E66 XORSearch_V1_9_0.zip (https) MD5: 6DA3B4ADD5187067D26FEBFD341502CA SHA256: DC9283222D68696E67ED7D8BCBFD043F1ABF2B67C8DB8E9B29072948EFD3890D XORSearch_V1_9_1.zip (https) MD5: A2B82226E7B5D38BEF0981A815A96864 SHA256: BD6D9A88E673119D37A52D2F224A12B2F7CCABC1EB84D1F75CA3DE1D172E6DEB XORSearch_V1_9_2.zip (https) MD5: BF1AC6CAA325B6D1AF339B45782B8623 SHA256: 90793BEB9D429EF40458AE224117A90E6C4282DD1C9B0456E7E7148165B8EF32 Referenced in post(s): Update: XORSearch Version 1.9.2
XORSelection: 010 Editor Script to encode current selection with XOR XORSelection_V3_0.zip (https) MD5: EAF49C31C20F52DDEF74C1B50DC4EFA1 SHA256: 755913C46F8620E6865337F621FC46EA416893E28A4193E42228767D9BD7804A Referenced in post(s): XORSelection.1sc XORSelection_V4_0.zip (https) MD5: 1B3DB8C8DA51224DDE7CA0E4BDAAC945 SHA256: 22E60E10BC99BD24A408C12CC674858DB6F318088CD34B7C70782833401AACF2 Referenced in post(s): Update: XORSelection.1sc Version 4.0 XORSelection_V5_0.zip (https) MD5: 0C2776C7E02235C4949A81AAEF079F66 SHA256: 4F82BC180264FC21802A43E2E5B078EDA7B24FC655815A37948317E8F043A5CA Referenced in post(s): Update: XORSelection.1sc Version 5.0 XORSelection_V6_0.zip (https) MD5: C1872C275B59E236906D38B2302F3F4B SHA256: 1970A506299878FAC2DDD193F9CE230FD717854AC1C85554610DDD95E04DE9E9 Referenced in post(s): Update: XORSelection.1sc Version 6.0
XORStrings: Bruteforce a file for XOR, ROL, ROT, SHIFT, … encoding and dump strings XORStrings_V0_0_1.zip (https) MD5: 27DA0B3BC5296179CB58181BDFF99F8D SHA256: 5EA7E063A41E38E9E6277F1CD73FCEA2AEF50C33C44D75C226900314FF84A1B5 Referenced in post(s): XORSearch & XORStrings New Tool: XORStrings
yara-rules-V0.0.1.zip (https) MD5: 4D869BD838E662E050BBFCB0B89732E4 SHA256: 0CA778EAD97FF43CF7961E3C17A88B77E8782D082CE170FC779543D67B58FC72 Referenced in post(s): YARA Rules
yara-rules-V0.0.2.zip (https) MD5: 701B40BB29D8D05EB0C76DFD4F48F9F5 SHA256: E040D142B091FD41640431FF692D924BD7C74AA42D348A6BD2C510B4C3A1698D
yara-rules-V0.0.3.zip (https) MD5: EC51148410A3581320C51D6038B2C892 SHA256: 3E7A2AA90B0E4E851D58D4E8B69176C2903ACDD6B181A07EE51E2D13B96AC788
yara-rules-V0.0.4.zip (https) MD5: 0B56680932AE24B57FCA998FBC60A0D4 SHA256: 369B0E9A51976FE4F08F7FA08834889B81216E97720307BDBAAF0F68E4E83211
yara-rules-V0.0.5.zip (https) MD5: 298EB636B3A3CB6A073815A83A6D1BA6 SHA256: EA00D044A3A0FE29265817407E382034593E0DAAD9887416E7FC128DA24B8830 Referenced in post(s): Update: YARA Rule JPEG_EXIF_Contains_eval
yara-rules-V0.0.6.zip (https) MD5: 01CB37759AC30EEA8D2B66226609C73E SHA256: 1B56C1D7D0E1A8F500674B74F93F3E7DE6B2EFC85259ABE3A57F1DCA458CCFF8 Referenced in post(s): YARA Rule To Detect VBE Scripts
yara-rules-V0.0.7.zip (https) MD5: F290FEB72CAA3D8305E649CBA8A6DB6A SHA256: F72EEA1209EF77EBFD67615DEE366E5E2D76A4D7DE010E59DC4914D844734F4E
yara-rules-V0.0.8.zip (https) MD5: 83D10B0A18D3F8E2C744B8FEA10F5E67 SHA256: 2D47165757F909440F6D1A95FF5C0EA1355B355AE7475D2A0CF821D3B9A6235A Referenced in post(s): YARA Rules New YARA Rule: PE_File_pyinstaller
zipdump: ZIP dump utility zipdump_v0_0_1.zip (https) MD5: 72594B985FDBE326C6852D9E34DFFA73 SHA256: 7BD6377885A218D691077C837BBCB33B0DC3BA1C673495EF6CE8A5C5C5E8E8AB zipdump_v0_0_10.zip (https) MD5: 71B2483D24C4258DD34406CC433A3AF0 SHA256: 1259ABC36FDC13A2738D9C38549AB95A83D5039190ADAF44590E07AF6785BF7A Referenced in post(s): Update: zipdump.py Version 0.0.10 zipdump_v0_0_11.zip (https) MD5: E97E0191757230D2C7F9109B91636BF7 SHA256: 6640F971F61F7915D89388D3072854C00C81C47476A96CAC7BE6740DA348467B Referenced in post(s): Update:zipdump.py Version 0.0.11 zipdump_v0_0_12.zip (https) MD5: 7110FB8B873BFDCF10E4A1C2AB89ACC2 SHA256: EA2D852C132DEF7947EBA0FFDB3E4CC8C69032413D36E67BBB3F943FA7B44B18 Referenced in post(s): Update: zipdump.py Version 0.0.12 zipdump_v0_0_13.zip (https) MD5: 264D32D0DC863FC29FED161D4A73560F SHA256: 14D11D5244973A484E5754F20747D4B544C228AC951C885FE8B9FC6D26C86088 Referenced in post(s): Update: zipdump.py Version 0.0.13 zipdump_v0_0_14.zip (https) MD5: FB7D1A9F90E8453DF7F3154EC52AF4E7 SHA256: ADFF99677DB512A27EBDEBBAC77FA08FFF8B180EF620CB6F9725C06511FC38BF Referenced in post(s): Update: zipdump.py Version 0.0.14 zipdump_v0_0_15.zip (https) MD5: 148D49FC54477C12EBB620FDCEF61AA2 SHA256: DE6FE35FA281FAD9BBF8C56883212519E60FDF0BCAFB3AFBBF964E5C808CCA2D Referenced in post(s): Update: zipdump Version 0.0.15 zipdump_v0_0_16.zip (https) MD5: 616654BDAFFDA1DDE074E6D1A41E8A42 SHA256: F3B6D52BA32D6BA3836D0919F2BBC262F043EF6E26D173DD0965735D4F3B5598 Referenced in post(s): Update: zipdump.py Version 0.0.16 zipdump_v0_0_17.zip (https) MD5: E61843BC5B42F4129A4664CD0A5FF93C SHA256: 72C8AA31F143575E7F77027A7C186484E810F8E400285B6D3785C33C0408F4BF Referenced in post(s): Update: zipdump.py Version 0.0.17 zipdump_v0_0_18.zip (https) MD5: 34DC469E8CD4E5D3E9520517DEFED888 SHA256: 270B26217755D7ECBCB6D642FBB349856FAA1AE668DB37D8D106B37D062FADBB Referenced in post(s): Analyzing Malformed ZIP Files Update: zipdump.py Version 0.0.18 zipdump_v0_0_19.zip (https) MD5: 6DDE072811D4B44B15D0B8EE4E7B4C03 SHA256: EB38D57E63B12EFAC531B4F0BA866BF47CAEC7F64E0C3CCF4557476FFF1C6226 Referenced in post(s): Update: zipdump.py Version 0.0.19 zipdump_v0_0_20.zip (https) MD5: A0A826BB92805997ED3D9793C8B24385 SHA256: AC626299A6048FA4A7E8BE2993411870F77B4B89F647B6C4264E0CC22E180999 Referenced in post(s): Update: zipdump.py Version 0.0.20 zipdump_v0_0_21.zip (https) MD5: 9B2839C1028FA5D07F2E07FDB56306D9 SHA256: 48653BB2B3009241C4C536BF64D16A6DFDA4B66D6658EC6BCFA79647AE4D5FA8 Referenced in post(s): Update: zipdump.py Version 0.0.21 zipdump_v0_0_3.zip (https) MD5: 100E4B1E1E9F542EB244C9A0766C35FF SHA256: A5219D7C88FF78A8D7C93B9EEF19D085F9FA92944CAE492F293164213329988F Referenced in post(s): Major Update For zipdump.py zipdump_v0_0_4.zip (https) MD5: 64EE6575309654B6671554D0A4DA50E5 SHA256: C323C0580E95F87406A72A542A7FBF5DE39EBEF7CAFC970A7C428CA1E870F9CF Referenced in post(s): Update: zipdump.py Version 0.0.4 zipdump_v0_0_5.zip (https) MD5: 5F49895D3EA97A870ECB1E262A738A04 SHA256: E16CE5A426840D2804E5EF544CF334715F501D0892496D02B6C5000B18CE10BA Referenced in post(s): Update: zipdump.py Version 0.0.5 zipdump_v0_0_6.zip (https) MD5: B605DEABFC5458488B6487B1E9104085 SHA256: DDC2CE94D250CBDE62AD1EBE650654E4A50C51F97CADF412B16A553242819772 Referenced in post(s): Crack A ZIP Password, And Fly To Dubai … zipdump_v0_0_7.zip (https) MD5: 7B3D165B68B4E66D7EFCF54B25E08115 SHA256: DC794679CFDEA57AC532E11BC338F6823EECC26A36CB844B29EF15F93B6BA1C1 Referenced in post(s): Update: zipdump.py Version 0.0.7 zipdump_v0_0_8.zip (https) MD5: 51B971B57800D126B2067DC53303355A SHA256: 095EE6000E99B9193C830B8BA11139907CB9445FD7D94D81E3F97A8B458D5D16 Referenced in post(s): Update: zipdump.py Version 0.0.8 zipdump_v0_0_9.zip (https) MD5: 2700AF663980204075107164AA12750A SHA256: 5686F24373AF64E1F5D866C71B29A22CE97964EC563A2219681A6268CC9A1153 Referenced in post(s): Update: zipdump.py Version 0.0.9
ZIPEncryptFTP: Zip files, encrypt ZIP file, upload via FTP ZIPEncryptFTP_V1_2_1.zip (https) MD5: 8C11212F459BF9D540F53D1213BC1323 SHA256: 90BA06D33B09F1E0150830A243FDBB052D4AD24CAC5403847A39995DDD1F6929 Referenced in post(s): ZIPEncryptFTP ZIPEncryptFTP_V1_2_1_Source.zip (https) MD5: 75DC4992552A1A07F634A989D5E1436B SHA256: A575D77D96C089CDA54E9EC2054B200B6C50830206E2498D40D9A0333A60F52C Referenced in post(s): ZIPEncryptFTP
zoneidentifier: Manage Zone.Identifier ADS zoneidentifier_V0_0_1.zip (https) MD5: CB1EB21013C6124CB3C1320F6A12207F SHA256: E867AE693CB5EEA8CF0D252421E347B1309D7F36C9C6A427F7361CD5DD619839 Referenced in post(s): zoneidentifier.exe
Hi I saw you XLS its really impressive .
Comment by sanjay — Thursday 12 May 2011 @ 13:47
good day sir, I’m from the Philippines and running a small coin operated computer cafe. Players/user in my shop can now disable/stop the timer using your post here. https://blog.didierstevens.com/2012/05/01/update-taskmanager-xls-v0-1-3-killer-shellcode/. I was just worndering if you could show me how to restrict this from running. I know nothing about codes I’m just a small fellow who wants to earn money to support my family..
Thank you and have a good one..
Comment by reo — Tuesday 12 November 2013 @ 20:47
@reo You can restrict this by disabling Excel macros, or uninstalling Excel.
But that is not the root cause. The root cause is that a user in your cafe has the right to open the timer process. This is because a) users are running as local admin or b) the timer process is running with the account of the user.
So you should resolve a or b.
Comment by Didier Stevens — Thursday 14 November 2013 @ 0:15
[…] I finally compiled a list of the software I published. You can find it under My Software. […]
Pingback by My Software | Didier Stevens — Wednesday 26 February 2014 @ 21:33
[…] tools have a dedicated page, but even more tools have no dedicated page but a few blogposts. Check “My Software” list for the latest […]
Pingback by If You Have A Problem Running My Tools | Didier Stevens — Monday 20 July 2015 @ 0:00
Hi Didier.. this stuff is fantastic. Have you considered adding your tools to a “suite” that could be downloaded for those of us who want to keep all of your very handy stuff on-hand?
Comment by Chad — Thursday 6 August 2015 @ 8:21
@Chad I did, I call it Didier Stevens Suite https://blog.didierstevens.com/didier-stevens-suite/
Comment by Didier Stevens — Thursday 6 August 2015 @ 8:32
[…] I added a feature similar to “here files” to translate.py. It’s something I already did in xor-kpa.py. […]
Pingback by Update: translate.py Version 2.4.0 | Didier Stevens — Sunday 26 February 2017 @ 9:19
[…] very small update to re-search.py: I added a regular expression for strings to the […]
Pingback by Update: re-search.py Version 0.0.3 | Didier Stevens — Sunday 5 March 2017 @ 0:00
[…] I could convert this back to text with my tool hex-to-bin.py: […]
Pingback by Extracting “Stack Strings” from Shellcode | Didier Stevens — Saturday 20 April 2019 @ 0:00
Hi, I have a query related to msi files. As per my understanding, these are non-PE binary files so the security flags such as ASLR, DEP, SafeSEH should not be applicable. These files are not recognized by debuggers as well. But the tool “setdllcharacteristics” considers it as a supported format and parses the binary with flag status. So I consider this as a bug in the tool or else please correct me otherwise.
Comment by Ishan — Monday 24 June 2019 @ 10:21
MSI files are OLE files, you can analyze them with my oledump.py tool. By design, setdllcharacteristics does not check the file type it is passed as argument. Feel free to consider this a bug.
Comment by Didier Stevens — Monday 24 June 2019 @ 22:26
[…] new version of python-per-line.py, a utility to execute a Python expression for every line in its input text files(s), adds option […]
Pingback by Update: python-per-line.py Version 0.0.7 — Monday 20 April 2020 @ 2:13
[…] We call them “brown bags”.In this brown bag, I talk about the development of my free, open source tools. As an example, I explain how to make your own tool to analyze ISO files using my […]
Pingback by The Security Toolsmith (NVISO Brown Bag 2021) – Didier Stevens Videos — Sunday 25 April 2021 @ 9:56