Skip to content

riccio8/ThreatLab

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

497 Commits
.github
.github
 
 
lib
lib
 
 
shellcodes
shellcodes
 
 
src
src
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
SECURITY.md
SECURITY.md
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

Offensive & Defensive Tools Repository

Golang CodeQL Advanced Build Status Version License: GPL v3

Overview

This repository includes a collection of tools, resources and libraries designed for offensive and defensive security operations, covering areas such as process and memory analysis, network security, vulnerability detection, and exploit development. It provides a versatile set of resources for researchers, cybersecurity professionals, and developers.

Directory Structure

  • lib/: Core libraries and DLLs for various security-related tasks.

    • Includes C++, Python, Go, and Assembly-based libraries for memory, network, and sandboxing functionalities.

  • shellcodes/: Pre-built shellcode examples for penetration testing and exploit development.

    • Contains scripts for reverse shells, directory hiding, and more.

  • src/: Main source files for various projects.

    • Mem/: Tools for memory analysis, hex viewers, ROP chain detection, and system calls management.
    • net/: Network-related utilities focusing on DOS/DDOS testing and network resilience.
    • processes/: Process monitoring and manipulation tools, including privilege escalation scripts and anti-debugging mechanisms.
    • resources/: That's a directory containing documents, videos and some other resources than may help u understanding deeply some args, for both beginners and advanced
    • rules/: YARA rules for malware detection, ransomware identification, keylogging detection, and other threat signatures.

Key Features

  • Process & Memory Analysis:
    Identify and analyze running processes, heap memory, and vulnerabilities in real-time.

  • Network Security Tools:
    Utilities designed to simulate and analyze various network threats like DOS and DDOS attacks.

  • Sandboxing:
    Isolated environments for malware testing and secure code execution.

  • Cross-Platform Capabilities:
    Primarily focused on Windows, with some support for Linux environments.

Technologies Used

  • Assembly: For low-level system manipulation.
  • C++: High-performance process and memory handling tools.
  • Golang: Lightweight and efficient network and process utilities.
  • Python: Scripting for process automation and vulnerability detection.
  • YARA: Advanced threat detection through rule-based signatures.

Disclaimer

⚠️ Disclaimer: All tools in this repository are intended for educational and legal security research purposes only. Misuse of these tools for malicious purposes is strictly prohibited. The author takes no responsibility for any illegal use.

Note: Continuous improvement is ongoing, especially for assembly-related tools!

About

Collection of tools for security purpouse

Topics

python golang security cpp network memo assembly processes cybersecurity net yara security-tools

Resources

Readme

License

GPL-3.0 license

Security policy

Security policy
Activity

Stars

6 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases 3

v0.3-binaries Latest
Jan 1, 2025
+ 2 releases

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages