This list is a work in progress (i.e. it will never be completely up-to-date). It will list all my published software with cross-referenced blogposts.

I try to update it monthly (last update 2020/07/31).

If you get errors running one of my programs, read this first.

If you can’t find one of my programs, read this first.

Applications:

amsiscan: Scan input with AmsiScanBuffer

AnalyzePESig: Analyze digital signature of PE file

apc-b: Send beacon frames with AirPcap

apc-channel: AirPcap channel hopper

apc-pr-log: AirPcap probe requests logger

Ariad: Tool (driver) to prevent inserted USB sticks from executing code

avr-teensy-pdf-dropper: WinAVR PoC to program Teensy to drop PDF file

base64dump: Extract base64 strings from file

BinaryTools: simple binary tools: reverse (reverses a file) and middle (extract sequence from file)

bpmtk: Basic Process Manipulation Tool Kit

BruteForceEnigma: C# program to bruteforce ENIGMA encoded text

byte-stats: Calculate byte statistics

CASToggle: Utility providing more control over .NET CAS enforcement

Challenger: Small program for simple reverse-engineering challenges

cipher-tool: tool to encode and decode with simple ciphers

cisco-calculate-ssh-fingerprint: Calculate the SSH fingerprint of a Cisco IOS device

ClipboardTransformer: Clipboard utility

cmd-dll: ReactOS cmd.exe transformed into a dll

count: count unique items

CounterHeapSpray: Process hardening tool, my PoC for Microsoft BlueHat Prize Contest

CreateCertGUI: Generate your own OpenSSL certificate

cut-bytes: Cut a section of bytes out of a file

decode-vbe: Decode VBE files

decompress_rtf: Tool to decompress compressed RTF

defuzzer: Generate the original file by combining fuzzed files.

disinformational-tweets: Python program to Tweet (obsolete)

disitool: Tool to work with Windows executables digital signatures

DumpStrings: 010 Editor Script to dump strings (integrated since version 4)

EICARgen: Program to generate an EICAR file (EICAR AV test file)

emldump: Analyze MIME files

EnforcePermanentDEP: Enable permanent DEP in the loading process (Windows XP)

extractscripts: Utility to check HTML file and generate a separate file for each script in the HTML file

file-magic: Essentialy a wrapper for file (libmagic)

file2vbscript: Embeds executable into vbscript script

FileGen: Command-line program to create test files of different lengths

FileScanner: Tool to scan files for patterns

find-file-in-file: Check if a file is embedded inside another file, even non-contiguous

format-bytes: This is essentialy a wrapper for the struct module

fuzzer: 010 Editor Script implementing a simple fuzzer

hash: This is essentialy a wrapper for the hashlib module

headtail: Output head and tail of input

HeapLocker: Process hardening tool, a bit like EMET, but open source

hex-to-bin: convert hexadecimal to binary

InstalledPrograms: List installed programs with Excel/VBA

InteractiveSieve: GUI tool to visualize and analyze logs, data, … by “sifting”

jpegdump: JPEG file analysis tool

js-1.5-mod: SpiderMonkey JavaScript interpreter modifications

js-1.7.0-mod: SpiderMonkey JavaScript interpreter modifications

js-unicode-escape: 010 Editor Script to convert bytes to a Unicode escape encoded string for JavaScript

js-unicode-unescape: 010 Editor Script to convert a Unicode escape encoded string to bytes

keihash: Calculate SSH Key Exchange Init (KEI) hash: KEIHash

ListModules: Analyze digital signature of all executables in processes

ListSharesSecurityWithWMI-VS2001: C# example for share security enumeration with WMI

LNKTemplate: 010 Editor Template for LNK file format

LoadDLLViaAppInit: DLL to load other DLLs via appinit registry key

LockIfNotHot: Automatically lock Windows computer when user walks away, requires IR thermometer

lookup-tools: IP-address and hosts lookup tools

LowerMyRights: Restricts the rights of an existing process

make-pdf: Set of Python programs to generate all kinds of PDF files

md5_authenticode: MD5 Authenticode collision PoC

MIFAREACR122: Python program to read and write 1K MIFARE RFID tags with ACR122 contactless reader/writer

MovingXORSelection: 010 Editor Script to perform a moving XOR of the current selection

msoffcrypto-crack: Crack MS Office document password

my-shellcode: My shellcode collection

MyEFSService: PoC for Malicious Cryptography blogpost

MySafeModeService: PoC for Playing with Safe Mode blogpost

NAFT: Network Appliance Forensic Toolkit

NetworkMashup: Network utilities (ping, DNS) written in Excel/VBA

NewPasswordStats: Password auditing password filter

nmap-xml-script-output: nmap xml script output parser

nocalcpoc: No calc PoC

nsrl: NSRL tool

numbers-to-hex: convert decimal numbers into hex numbers

numbers-to-string: convert numbers into a string

oledump: Analyze OLE files (Compound Binary Files)

OllyStepNSearch: Plugin for OllyDbg

password-history-analysis: Program to analyze password history

Paste: paste does the opposite of clip, read the clipboard and write it to stdout

pcap-rename: program to rename pcap files with a timestamp

pdf-parser: PDF analysis program

pdfid: PDF triage program

PDFTemplate: 010 Editor Template for PDF file format

pecheck: wrapper for pefile

peid-userdb-to-yara-rules: Convert PeID userdb to YARA rules

PFTemplate: 010 Editor Template for PF file format

psurveil: Photo Surveillance for N800

python-per-line: Program to evaluate a Python expression for each line in the provided text file(s)

re-search: Program to use Python’s re.findall on files

regedit-dll: ReactOS regedit.exe transformed into a dll

rtfdump: Analyze RTF files

RTStego: Rainbow table steganography

runasil: Launches program with a low integrity level

RunInsideLimitedJob: Start program and run it inside a limited job

SE_ASLR: Force ASLR on Windows Explorer Shell Extensions

search-and-replace-with-wildcards: 010 Editor Script for search and replace with wildcards

SelectMyParent: Launch a program and select its parent

SendtoCLI: GUI tool for CLI commands

setdllcharacteristics: Tool to set DEP, ASLR, … flags of a Windows executable

sets: Set operations on 2 files: union, intersection, subtraction, exclusive or

shellcode2vba: Convert shellcode to VBA

shellcode2vbscript: Convert shellcode to VBA

ShellCodeLibLoader: ShellCode With a C-Compiler

ShellCodeMemoryModule: Generates DLL-loading shellcode from memory

shift: 010 Editor Script to shift bytes in a file or selection

simple-shellcode-generator: Python program to generate 32-bit shellcode (assembler code)

simple_ip_stats: Process PCAP files to calculate IP data statistics

simple_tcp_stats: Process PCAP files to calculate TCP data statistics

SimpleEncoder: 010 Editor Script to encode current selection by shifting characters

split: Split a text file into X number of files (2 by default)

strings: Strings command in Python

Suspender: DLL that suspends its host process

TaskManager: Windows Task Manager written in Excel/VBA

TestIntegrityCheckFlag: Test program for Using DLLCHARACTERISTICS’ FORCE_INTEGRITY Flag blogpost

translate: Python script to perform bitwise operations on files (like XOR, ROL/ROR, …)

ultraedit_scripts: Collection of UltraEdit scripts

UndeletableSafebootKey: Tool to generate an undeletable Safeboot registry key

USBVirusScan: Launch a program, like an AV scanner, each time USB removable storage is plugged-in

UserAssist: Decode the UserAssist registry data

virtualwill: HTML program to store your will

VirusAlert: C# PoC program that monitors the event log for virus alerts and displays customized messages for the user

virustotal-search: Search VirusTotal for provided hashes

virustotal-submit: Submit files to VirusTotal for scanning

vs: Python program to take surveillance pictures from IP-cameras

what-is-new: Tool to monitor new items

whoami: Firefox addon to identify your profile

WMFTemplate: 010 Editor Template for WMF file format

wmi-sc: WMI script for Security Center data

wsrradial: wi-spy radial WiFi plotting tool

wsrtool: wi-spy wsr files tool

xmldump: This is essentially a wrapper for xml.etree.ElementTree

xor-kpa: XOR known-plaintext attack

XORSearch: Bruteforce a file for XOR, ROL, ROT, SHIFT, … encoding and search for a string

XORSelection: 010 Editor Script to encode current selection with XOR

XORStrings: Bruteforce a file for XOR, ROL, ROT, SHIFT, … encoding and dump strings

zipdump: ZIP dump utility

ZIPEncryptFTP: Zip files, encrypt ZIP file, upload via FTP

zoneidentifier: Manage Zone.Identifier ADS

amsiscan: Scan input with AmsiScanBuffer

amsiscan_V0_0_1.zip (https)

MD5: 47E50599E0CFAF1D27416E68394289A0

SHA256: 044E41D7F31D8333CB5295FD6E430933CA67F9AC37CD400D38189C96AE48544D

Referenced in post(s):

New Tool: amsiscan.py

AnalyzePESig: Analyze digital signature of PE file

AnalyzePESig_V0_0_0_1.zip (https)

MD5: 4BE29E4A5DE470C6040241FD069010C4

SHA256: FB83C6491690402273D42A3335777E77EA29328F5FE8503FF6F5EF62833D1FBC

Referenced in post(s):

Searching For That Adobe Cert

AnalyzePESig_V0_0_0_2.zip (https)

MD5: 738F97F76921FA2220368B3F4190F534

SHA256: E0D43E04AFD242307E3E6B675A650952D2605F45FE55F0B883ACF5B22BA32A01

Referenced in post(s):

Update: AnalyzePESig Version 0.0.0.2

AnalyzePESig_V0_0_0_3.zip (https)

MD5: C012D41535CC570F3C4947FDA9559489

SHA256: 3C26F3BEA2B20AA65F2384AC8B709AB7C0D9A51ED544987C9932994536884BD7

AnalyzePESig_V0_0_0_4.zip (https)

MD5: 3E90FFE0C9D42A16EB7903CE0C27B778

SHA256: 6953C838F9710E8ED0E28D7F062D89B0381BACB162C8C09D192E83BD745789B6

AnalyzePESig_V0_0_0_5.zip (https)

MD5: EC65D3F269445B7E876F232CE5C57A16

SHA256: 897EE65C741D2FEEF23C512FE43D9E477F9CAB0B338078703F8D860257D0C437

Referenced in post(s):

Authenticode Tools

apc-b: Send beacon frames with AirPcap

apc-b_v0_1_1.zip (https)

MD5: 9FC457B8CC646BEA2BC6E28AB8E43376

SHA256: 45B6F92362EBEC877F04D92C38E4362187410855DCB6C913771B055BDFC338F8

Referenced in post(s):

Quickpost: Sending WiFi Beacon Frames with an AirPcap Adapter

apc-b_v0_2_0.zip (https)

MD5: 849DE418A1F325B9DC133DBE2E7CC501

SHA256: C3F28DCEFE6FF747780E384E49BB4D373BC983518C592E1BB18E8455F78E7F95

Referenced in post(s):

_nomap, _nomap, _nomap, …

apc-channel: AirPcap channel hopper

apc-channel_v0_1.zip (https)

MD5: DB385401E39C0FB0C8278DE9D76E6A14

SHA256: 09E6A7DE54B339CA8EACBBD7A944214CA0FD466B93CFAA818B38D2AD30551C2B

Referenced in post(s):

Quickpost: WiFi Channel Hopping with an AirPcap Adapter

apc-channel_v0_2.zip (https)

MD5: 52169F5CB679E6C0DF1F8D47DA38F779

SHA256: 59F4BEE229F5EF5B7AF27BAF6AA972DCDC9E6A6007E8E468AE7BC7C3F1CB89DD

Referenced in post(s):

AirPcap Channel Hopping With Python

apc-pr-log: AirPcap probe requests logger

apc-pr-log_v0_1.zip (https)

MD5: 63C0F6F130DC186925BE1B9A66152455

SHA256: CC9D3EFE893BE6F6C263D248C695DFAB08548AE246E1772C2EBF220EB43F7277

Referenced in post(s):

Quickpost: WiFi Probe Request Logging with an AirPcap Adapter

Ariad: Tool (driver) to prevent inserted USB sticks from executing code

Ariad_V0_0_0_1.zip (https)

MD5: 31FC46BBE3216413848C146899F08C07

SHA256: ADA979C5F2D1FA414EF834191289CF819810131516E913DBCD82132E519A24D2

Ariad_V0_0_0_2.zip (https)

MD5: B828254F54132BD9C61D7EA0E4646983

SHA256: 98AB541AC1F392159A4428BC23C48153CE784FED0A44E950CC45D2DF14738708

Ariad_V0_0_0_7.zip (https)

MD5: A1F48BF9568A19E4344CE872A7B433DD

SHA256: 7CF8D0F47C44D4AF58C8B13B488189D2CFC63B47139C634FF06114C0C9DFD3DC

Ariad_V0_0_0_8.zip (https)

MD5: B8E46212CA56B7BD056BA30E84DF8596

SHA256: 99620D77B23C21BC1C020352C5E9CCC467A4C450E0C69AA6FFBCE7227063964C

Referenced in post(s):

Ariad

Ariad_V0_0_0_9.zip (https)

MD5: C41EFF12D1C454595C5F8B8EBB09DA69

SHA256: DC0F40BA397E19FDFED67E287E0CF24FB55314B9760477D3783D492043FFF698

Referenced in post(s):

Ariad

avr-teensy-pdf-dropper: WinAVR PoC to program Teensy to drop PDF file

avr-teensy-pdf-dropper_V0_0_0_1.zip (https)

MD5: EA14100A1BEDA4614D1AE9DE0F71B747

SHA256: 2C9A5DF1831B564D82548C72F1050737BCF17E5A25DCDC41D7FA4EA446A8FDED

Referenced in post(s):

Teensy PDF Dropper Part 2

base64dump: Extract base64 strings from file

base64dump_V0_0_1.zip (https)

MD5: 350C12F677E08030E0DD95339AC3604D

SHA256: 1F8156B43C8B52B7E5620B7A8CD19CFB48F42972E8625994603DDA47E07C9B35

Referenced in post(s):

base64dump.py Version 0.0.1

base64dump_V0_0_10.zip (https)

MD5: 6670ACD88FD384BA9172F2B98E72D0D4

SHA256: C080F2A5F60A8E9593AE789A69D233EFC86AEF9BD319C409229B3E518E15C725

Referenced in post(s):

Update: base64dump.py Version 0.0.10

base64dump_V0_0_11.zip (https)

MD5: BF9D9EB3E6D574633D7F85345213E3E8

SHA256: 2741F9C3FD7B0897A04F60C741D7125568C8355A82FCF0FD4BB80877EE7FB935

Referenced in post(s):

Update: base64dump.py Version 0.0.11

base64dump_V0_0_12.zip (https)

MD5: 834B0D2DB5915ECE1C2F016B9E8462D1

SHA256: 952A5009C945AF350DB0875E8F025E3B5D271FB54AC60BE7569CFBD949DD7B77

Referenced in post(s):

Update: base64dump.py Version 0.0.12

base64dump_V0_0_2.zip (https)

MD5: EE032FAB256D44B2907EAA716AD812C5

SHA256: 1E5801DD71C0FFA9CA90D2803B46275662E222D874E409FF31F83B21E6DEC080

Referenced in post(s):

Update: base64dump.py Version 0.0.2

base64dump_V0_0_3.zip (https)

MD5: CF214FDFE9B83E39DC8484C137050569

SHA256: 4F1B2764CCD40E0276FFC3F81E3C0B55E4C844D469C4E313A99FB13F0B5621C0

Referenced in post(s):

Update: base64dump.py Version 0.0.3

base64dump_V0_0_4.zip (https)

MD5: 5864B1AF997EBA6E5F6DD0C3B8ADBE56

SHA256: 1B01023A97361A9DBBB16B9D8851FFD757F03FA3964C0ED72067F9117F283992

Referenced in post(s):

Update: base64dump.py Version 0.0.4

base64dump_V0_0_5.zip (https)

MD5: 7AACFD3E34FEAAF41897F60FBC5279A3

SHA256: B4AB7B3A9D2947F08C6CC94F88CD825C9B2B63EE65AF7475E66BE9565EC4337A

Referenced in post(s):

Update: base64dump.py Version 0.0.5

base64dump_V0_0_6.zip (https)

MD5: CDC956FAFD7AC2A86C9CD40EC188C7FC

SHA256: BFBCFA51DDC47793C8CA397B261E036701543610F637CE8813BC5870FC4B2C2F

Referenced in post(s):

Update: base64dump.py Version 0.0.6

base64dump_V0_0_7.zip (https)

MD5: D37DE7CEFDA55ADD1822EADDD84D5FFB

SHA256: 5F676DF8B36172A1D7B29F03E2B0CCB026BB9A96DF8830FDB137E65CBB59DD63

Referenced in post(s):

Update; base64dump.py Version 0.0.7

base64dump_V0_0_8.zip (https)

MD5: 1B379A08FBC6E7686A89AF099699B076

SHA256: A81AE1AACCB168787CAF6355D582BB5096760893F5CB60E93E408A0475B4FDAC

Referenced in post(s):

Update: base64dump.py Version 0.0.8

base64dump_V0_0_9.zip (https)

MD5: 4CF9F57AD34CC728B05F1307219864BB

SHA256: 01264F82CEFB7B1D2DF51A8DB190840FE6C368C9C3D63566CF14CE4983F73D5A

Referenced in post(s):

Update: base64dump.py Version 0.0.9

BinaryTools: simple binary tools: reverse (reverses a file) and middle (extract sequence from file)

BinaryTools.zip (https)

MD5: 7A70F0E6A6F89550E0B65BE5611339F8

SHA256: 26A03D0B3E8CDE768976D006F1C187E5B0EF3BB51663403964BDEDF4C606E9CB

Referenced in post(s):

Binary Tools

bpmtk: Basic Process Manipulation Tool Kit

bpmtk_v0_1_1_1.zip (https)

MD5: E33F7F95B409E1A0B65766821F7E26F5

SHA256: 8C0E5A04B0F5909462505582873A34AAEA5B6DC8469D3784FEAE7E9FBD349EFA

bpmtk_v0_1_2_0.zip (https)

MD5: 6ABDF2E69F153E8C6282C2DD934735DF

SHA256: 9F3328AD39F318A7F61071EC0C9341C6228B02E9F91F035E6EA8769EF27D3A34

bpmtk_v0_1_3_0.zip (https)

MD5: ECC621E653BCC32694B56AEBDABE6140

SHA256: E39C04C3CF35B8642255CF03E4185490C0FB6A0AEDBD73551E2851A0E5E5069B

bpmtk_v0_1_4_0.zip (https)

MD5: 1BF31C6885326C3C7A1B37C42E9F9DFA

SHA256: 5DF5AFDB93F19974CCDCCEFADAE52A3277AAA31FC24DCAAE6259F9DB9DA865C1

bpmtk_V0_1_5_0.zip (https)

MD5: 3F24041EE1C5C681D3EB3E7481ABC776

SHA256: B08233F9EBC541676B0807FEA7075D324ACC7B1679B130AEE8556DFD797B5EC2

Referenced in post(s):

bpmtk: Injecting VBScript

bpmtk_V0_1_6_0.zip (https)

MD5: FD4DA1B404961E6DB45469A27A201F41

SHA256: 5667AD1D153C5F93E509042D94491654AB742C6880DFE10366CA44E8D7EFE0D1

Referenced in post(s):

Update: bpmtk with hook-createprocess.dll

BruteForceEnigma: C# program to bruteforce ENIGMA encoded text

BruteForceEnigma.zip (https)

MD5: A9FEBBABA207E7C3790D075FD3A3D22B

SHA256: DE15922575F3F5BC56F7528F7F8C7F33D70B3163A2B33B503CA8B7C3BC4492E8

Referenced in post(s):

Brute Forcing Enigma

byte-stats: Calculate byte statistics

byte-stats_V0_0_1.zip (https)

MD5: A884E999B58A54A1C2F83C8E592CD01B

SHA256: B9D55B02534F1B1C158CE9CB067F4E5B37E47FA2A6CA4677F0E29DD3A160731E

byte-stats_V0_0_2.zip (https)

MD5: E7225860207EB93F2F6C2A808C7FA720

SHA256: FD1D733B4DAC1B7FFAB5B6279619D8B97A76049C86C110DCFB5C3EDFA53F328D

byte-stats_V0_0_3.zip (https)

MD5: 4287A94EC56E0BF5A936C2A16DA7F2B4

SHA256: 310B15865B332FF62F2C70CE441D322491DB79BC5D1C8D8BBC9A7245005491B5

Referenced in post(s):

byte-stats.py

byte-stats_V0_0_4.zip (https)

MD5: B53CE5444618DCA78C46C7F72E356D8D

SHA256: 81EFED375FF666BFFDDB82D094ECE17074182F5016FE3BFA4D1CA33DE838754C

Referenced in post(s):

Update: byte_stats.py Version 0.0.4

byte-stats_V0_0_5.zip (https)

MD5: B79C6DF0964C9BA676D88E2085ACF037

SHA256: B9112274BD757FB3311883B0CF179ABDEC149C421EFEB335D70AF972495A5C20

Referenced in post(s):

Update: byte-stats.py Version 0.0.5

byte-stats_V0_0_6.zip (https)

MD5: CA729FF05E314A9CF5C348CB4A720F13

SHA256: 11E41F51EC9911741D71C8BC3278FA22AADBD865F2BF7BE4E73E82A7736A8FA8

Referenced in post(s):

Update: byte-stats.py Version 0.0.6

byte-stats_V0_0_7.zip (https)

MD5: 9991B5C5BEB3CB7989FE6DC30789EB49

SHA256: 82198195EA9C92832027CC8E2E3ABE161787551A06750E042096CF2DF0AC9384

Referenced in post(s):

Update: byte-stats.py Version 0.0.7

CASToggle: Utility providing more control over .NET CAS enforcement

CASToggle_V0_1_1_0.zip (https)

MD5: D565937B49DF96E6A8B88FEDCF15D82A

SHA256: 6DC6913136C74592C4833D1EEF5D70B4DA83AA9A111BC8DE6DDF16A709EF7E91

Referenced in post(s):

CASToggle

Challenger: Small program for simple reverse-engineering challenges

Challenger_V1_0_0.zip (https)

MD5: FC71CAA3F99CB6EE9094098D60B7E4C3

SHA256: 9CBE129AC7161B12FAE4A65078159350624703CB8A4604F63694322064A2962C

Referenced in post(s):

Challenger

cipher-tool: tool to encode and decode with simple ciphers

cipher-tool_V0_0_1.zip (https)

MD5: B7D44090A76F66D7194D0A0D890E2CEB

SHA256: 1E8E1F112595FC08C3C20A06D172C21DDE6375EC8651A8DE6EF57B938F3E67E8

Referenced in post(s):

Simple Ciphers: cipher-tool.py

cisco-calculate-ssh-fingerprint: Calculate the SSH fingerprint of a Cisco IOS device

cisco-calculate-ssh-fingerprint_V0_0_1.zip (https)

MD5: 5A6C3A2C466908EE7EFB06727E8D02B7

SHA256: 831CAF7BBF0F6C584436C42D9CEB252A089487B715ADBB81F9547EEB3ED6B0B8

Referenced in post(s):

Calculating a SSH Fingerprint From a (Cisco) Public Key

cisco-calculate-ssh-fingerprint_V0_0_2.zip (https)

MD5: C304299624F12341F9935263304F725B

SHA256: 2F2BF65E6903BE3D9ED99D06F0F38B599079CCE920222D55CC5C3D7350BD20FB

Referenced in post(s):

Update: Calculating a SSH Fingerprint From a (Cisco) Public Key

ClipboardTransformer: Clipboard utility

ClipboardTransformerBeta.zip (https)

MD5: FF653016801DA4D12F5BB852703E2D7D

SHA256: 2B9F54145F1396D7FEB259F987DA0315AB168F3FDA03EEEE5AF3BD046223AF7B

ClipboardTransformerBeta2.zip (https)

MD5: D52B3B1BF0D69F0376EA49CB1A6AC108

SHA256: 41392B9DD88B530B747CD9CC16CDC0AC724272B103D665F8BE65041C0AD86295

cmd-dll: ReactOS cmd.exe transformed into a dll

cmd-dll_v0_0_1.zip (https)

MD5: 4BC42E3744FA780C5C2442F7836B8287

SHA256: BC7656E52476387650E2894C6D3952807BED5D3BFCFCCC4516B44A60DBDB3563

Referenced in post(s):

cmd.dll

cmd-dll_v0_0_2.zip (https)

MD5: 9B3C1FA7EB7F7F8528D27CE2DD5C24B5

SHA256: 83D6397F4D75195C73394075522C1E7F5C96E1F3B5C4E70DAED34955C8B613C7

Referenced in post(s):

Excel with cmd.dll & regedit.dll

cmd-dll_v0_0_3.zip (https)

MD5: 88FB19DCB612F588CAF7508232F64DDE

SHA256: 111458061018D9133347D56CE9E58ADBC7CA167AD69E04F8036DFD5008ADEA99

cmd-dll_v0_0_4.zip (https)

MD5: D9D75A10F2C328B708303F9BD24B9AD3

SHA256: 952CFB833D4F22093D7DF837372239A1199C1738FFFFED76124AF8668F4D3877

Referenced in post(s):

Windows Backup Privilege: CMD.EXE

count: count unique items

count_v0_1_0.zip (https)

MD5: B96B5ECF9361D44D9366071C9C07FF86

SHA256: 102F346529F34C0EF932ADC3D3CF003ADBA2DFCD8BCE23DBF36425A555345DB5

count_v0_2_0.zip (https)

MD5: ACF1982045ABEF86FCDBA87A84F5F588

SHA256: 373DDA0B2C176624998B5907261477943F677855CCECCDD42D6BEB758F8E7B79

Referenced in post(s):

Update: count.py Version 0.2.0

CounterHeapSpray: Process hardening tool, my PoC for Microsoft BlueHat Prize Contest

CounterHeapSpray.zip (https)

MD5: 1947380F935AE0B1A8828DE79621F82F

SHA256: CA0BF635655EE05ABED117C858BC86ECDF3EBB4C39544D7D0C396D7C457F1BBC

Referenced in post(s):

My BlueHat Prize Entry: CounterHeapSpray

CreateCertGUI: Generate your own OpenSSL certificate

CreateCertGUI_source_V1_0_0_1.zip (https)

MD5: 790CA083407032434A8DA1FF8AC1E512

SHA256: B15BB8A3504EF56D1C6C84CA181FFB6E5A73956EC79757C62B87B520C136AA2D

Referenced in post(s):

Howto CreateCertGUI: Create Your Own Certificate On Windows (OpenSSL Library)

CreateCertGUI_V1_0_0_1.zip (https)

MD5: F5400736E7E38F30D35A02FEB6D99651

SHA256: 82D59AC494FEF1A8B219C591717359712C19E8845D02A457017045A9A4C3D989

Referenced in post(s):

Howto CreateCertGUI: Create Your Own Certificate On Windows (OpenSSL Library)

cut-bytes: Cut a section of bytes out of a file

cut-bytes_V0_0_1.zip (https)

MD5: 48CEBD6748E152CBF619EF10B58E8DFF

SHA256: E99BC09DA0F1310085ED1520D52FB188D06456D030BD05A941FCE2B5FE21A661

Referenced in post(s):

cut-bytes.py

cut-bytes_V0_0_10.zip (https)

MD5: C14F60F9843F4C2A40A05A52CBE16AB8

SHA256: AD3ADBF30B09DB77B17FEF62C40CDC138516FD24B077201D126D259D1953792B

Referenced in post(s):

Update: cut-bytes.py Version 0.0.10

cut-bytes_V0_0_11.zip (https)

MD5: 51F90BBBDE845DEC3EAB94FD30AFCF9B

SHA256: C805CBD23E09D80EB2AF39F8F940CC9188EF7F6B27197D018DA95093AC5D0932

Referenced in post(s):

Update: cut-bytes.py Version 0.0.11

cut-bytes_V0_0_2.zip (https)

MD5: B70F851CE74859B38AC3ABA9688593EB

SHA256: 1A0BD64334DA90B21888020B383004A18C3BAEE211D24AA91FF12719F8581AE9

Referenced in post(s):

Update: cut-bytes.py Version 0.0.2

cut-bytes_V0_0_3.zip (https)

MD5: 211B96F715FD6AB4696D6E58D6DA924D

SHA256: 9D5D38AF1375FFBDE705280F99758FF4C7D9751B81C46D80681740C43D6B94C6

Referenced in post(s):

Update: cut-bytes.py Version 0.0.3

cut-bytes_V0_0_4.zip (https)

MD5: A44D8BBE9BAB9309E732F8995CB5C7BB

SHA256: F95453DE1CC5855C320AB947D9AE354BE8E3ABFA52418C0CF623351A9DBF6344

Referenced in post(s):

Update: cut-bytes.py Version 0.0.4

cut-bytes_V0_0_5.zip (https)

MD5: B20B9758D50C846CD0E0AEB9E0B15101

SHA256: B12D1E1C510ED4CC820C5D2F62897DF71E567B0D3B23AC36653236D30104157F

Referenced in post(s):

Update: cut-bytes.py Version 0.0.5

cut-bytes_V0_0_6.zip (https)

MD5: 7F726219F6F601018B4BD39E9A407728

SHA256: BFD80EF00455CD938A05A18EAA33551ABEC6B0298A0AEE81052E6F5A12BB86F7

Referenced in post(s):

Update: cut-bytes.py Version 0.0.6

cut-bytes_V0_0_7.zip (https)

MD5: 95CF8E5D2BC2790B25101FC2BFF769FB

SHA256: F1112C96872D15C2CD3F6AF9828C7E39F5EB115D20FB62AAD1C1357D75E3485B

Referenced in post(s):

Update: cut-bytes.py Version 0.0.7

cut-bytes_V0_0_8.zip (https)

MD5: 1A69542E7E9D7348101B7E91884674B7

SHA256: 15BC253323FF162F26BEF784172A502383970E63514DF6B88A09952A19DAE826

Referenced in post(s):

Update: cut-bytes.py Version 0.0.8

cut-bytes_V0_0_9.zip (https)

MD5: 3D11868F238AF4369372CA083303716D

SHA256: AB3EA61B0F519AB99E659F73C263A0F4C2C9DB851314C49C5DA5A5F434E0CA4E

Referenced in post(s):

Update: cut-bytes.py Version 0.0.9

datapipe_V0_0_0_1.zip (https)

MD5: 5BF1594E8144B694431E7A7E3BDF33F7

SHA256: 57CD06EBFEC1C5C2661E44260A7304DFCDEEB2F54132E0627A474AF756AFA956

Referenced in post(s):

MVP – Promo – Datapipe.xls

decode-vbe: Decode VBE files

decode-vbe_V0_0_1.zip (https)

MD5: 87E61217BC77275DBACEA77B8EDF12B5

SHA256: 11A9B5D47657C123845007E3E29FB331CAE7483B6A4A3AC54276DB90116911B5

Referenced in post(s):

Decoding VBE

decode-vbe_V0_0_2.zip (https)

MD5: 35612087E2D62669E2690573FDE543F2

SHA256: 91A7465FE1F4D291751E6C5D88C51888C914B40C6F187709E33343FF121A116F

Referenced in post(s):

Update: decode-vbe.py Version 0.0.2

decompress_rtf: Tool to decompress compressed RTF

decompress_rtf_V0_0_1.zip (https)

MD5: 41127F62897479FB5135D36675C396F5

SHA256: 581F2E1B2B508C3941EC22040FB0C76999E5DF293C8AD0DC1FDE921D121F3A26

Referenced in post(s):

New tool: decompress_rtf.py

defuzzer: Generate the original file by combining fuzzed files.

defuzzer_v0_0_2.zip (https)

MD5: 75188EF950625B78937C3473D825C582

SHA256: 056AB8BA7F3B2B52F8C7BFC2959D7F1AE3FEAC4BE90C675B2DFF6B521225D93E

Referenced in post(s):

The Art Of Defuzzing

DemoDll_V0_0_0_1.zip (https)

MD5: 51ED8255B71097269BFF9B5ADBFDC392

SHA256: 599BA297705B15580A297C3F47429225C38EA9FAA4A8DF27BCE49C918964AD30

Referenced in post(s):

Quickpost: DllDemo

DemoResource_V_0_0_0_1.zip (https)

MD5: 9104DDC70264A9C2397258F292CC8FE4

SHA256: 722B3B52BAE6C675852A4AC728C08DBEEF4EC9C96F81229EF36E30FB54DC49DE

Referenced in post(s):

Quickpost: Compiling EXEs and Resources with MinGW on Kali

DidierStevensSuite.zip (https)

MD5: B45437747F5E2E8936202F970573F6AB

SHA256: 000F59229E4990BF1F16B48A275442026316D081B839A63DD9909336AA621E06

Referenced in post(s):

Didier Stevens Suite

disinformational-tweets: Python program to Tweet (obsolete)

disinformational-tweets_v0_0_1.zip (https)

MD5: 36CDB584634ED299E7ACE0D64E846003

SHA256: C5FCE76443549C3A8882B799B6F7A754EF6AEE5F11F3E94FF255EE541205C17B

Referenced in post(s):

Quickpost: Disinformational Tweets

disitool: Tool to work with Windows executables digital signatures

disitool.zip (https)

MD5: 896121FBECEF00C4DE84743A13D3E696

SHA256: AFB374E06760470D070022BD97C518808545435910CF13472398B1FA15E50B9C

disitool_v0_2.zip (https)

MD5: 4C7196F5AD581275B8B8CBC4930FF338

SHA256: 075CED9FDD633A6D0A11029107206F845AF055AFC3872E7D82801A1D83AED64F

disitool_v0_3.zip (https)

MD5: 08D1CA036DC905D8E42AB3016A1B7821

SHA256: AEF923F49E53C7C2194058F34A73B293D21448DEB7E2112819FC1B3B450347B8

Referenced in post(s):

Disitool

DumpStrings: 010 Editor Script to dump strings (integrated since version 4)

DumpStrings_V0_0_1.zip (https)

MD5: 50C0C92F28020E7BCABBF46CA8775CCE

SHA256: 7EC688DBB0FD95C828067662C9ED8BBCFFEFBE5EA37B607DC8DFA1BDCB94365C

Referenced in post(s):

DumpStrings.1sc

EICARgen: Program to generate an EICAR file (EICAR AV test file)

EICARgen_V1_1.zip (https)

MD5: EACBE699FFB0B9B56B6F2BCDBA810D6E

SHA256: 5D44B15BDE92679DF0C216D5890C7EE9345B8782D25B01324B27CACAC918EFB6

EICARgen_V2_0.zip (https)

MD5: D346A3725622F981DDA7221799EF08E8

SHA256: 2DF76319D8513B1AD70D327816D3C1028B261EF1E314243DCD0DEC14FF1FC7CE

Referenced in post(s):

EICARgen: An Arms Race

EICARgen_V2_1.zip (https)

MD5: CE65A30355B059C4A099BEC6837DF19C

SHA256: 58CF69C21FF948B77055952E2F1681467DDB100FF5D90CA268B7A701167FCD3D

Referenced in post(s):

EICARgen

emldump: Analyze MIME files

emldump_V0_0_1.zip (https)

MD5: F31810449FB83ACF687BB994270E71C8

SHA256: 83647569AEBF85337B86F30ED3C55A085268D6C3B575225FE695C7A130D9A0E7

emldump_V0_0_10.zip (https)

MD5: 34DBB3BCB1A2B04C45286C0583F11C07

SHA256: C5877E252DDB61B40BFFCC5403DB500E672DACFE96FAA7D1E0668246C5202DE5

Referenced in post(s):

Update: emldump.py Version 0.0.10

emldump_V0_0_2.zip (https)

MD5: 0EBFEC3A207B2629B702FF8D0F4F5406

SHA256: C1DC65DE5092C2F35C5EAE2E8CE38B531B8F28051195EE12B11ED8830C9B9896

emldump_V0_0_3.zip (https)

MD5: FB080006C2653F3A2AD6E889FC957D5F

SHA256: 0D55DE704BDE558B6E8E5F823C513F19F8A5FD5B2A97BB8BD5EBB5FAD18FA658

Referenced in post(s):

Release: emldump.py Version 0.0.3

emldump_V0_0_4.zip (https)

MD5: 79DF66048849439E6034F082606A37A1

SHA256: B4AFDE89B6F3B025595A6FD1ACC5F60498BF900D18E624F134F618115DAC0E08

Referenced in post(s):

Update: emldump.py Version 0.0.4

emldump_V0_0_5.zip (https)

MD5: 5FAEDF1459114306D57FEABEF3CDDEFD

SHA256: B3D08E1768E1211C44680DD502AC096A324FF209330657F4ABC0CD09B888254C

Referenced in post(s):

Update: emldump.py Version 0.0.5

emldump_V0_0_6.zip (https)

MD5: 682793840D895E473647F2A1F85A9867

SHA256: D76BADF2A332C3417BB7DD46B783CE90757DD76648D2313083982BFD74902C41

Referenced in post(s):

Update: emldump.py Version 0.0.6

emldump_V0_0_7.zip (https)

MD5: 819D4AF55F556B2AF08DCFB3F7A8C878

SHA256: D5C7C2A1DD3744CB0F50EEDFA727FF0487A32330FF5B7498349E4CB96E4AB284

Referenced in post(s):

More Obfuscated MIME Type Files

emldump_V0_0_8.zip (https)

MD5: B6FBAF2AB403AFE30F7C3D7CA166793B

SHA256: 7A7016B29F291C3D42B43D43B265DAD86B96DA519DB426163CC2D15C556896E3

Referenced in post(s):

Even More Obfuscated MIME Type Files

emldump_V0_0_9.zip (https)

MD5: 752A6F06290E2A35ACB4C564FA7D72C5

SHA256: 52CA4FB61B3B6FD9AECBA974AB73DCFA5D667086EBE7FDC84DE6F90E4DCC6853

Referenced in post(s):

Update: emldump.py Version 0.0.9

EnforcePermanentDEP: Enable permanent DEP in the loading process (Windows XP)

EnforcePermanentDEP_V0_0_0_1.zip (https)

MD5: B0A89B0CE8DC5BA2472B3D744D40E4A3

SHA256: 525BA6EF82BD2B0ABD30DAD0D676CE085A9FA6E0DE3E3A8A0ADD6DF050F5A635

Referenced in post(s):

EnforcePermanentDEP

extractscripts: Utility to check HTML file and generate a separate file for each script in the HTML file

extractscripts.zip (https)

MD5: D40AFBB62A304C20B0BF06DA70B6DBF4

SHA256: 23245B1999973E6D8619BCEDB9090CF94D7ECD3F0865B1F47402AD77B18CD356

Referenced in post(s):

ExtractScripts

file-magic: Essentialy a wrapper for file (libmagic)

file-magic_V0_0_2.zip (https)

MD5: EAE684E74731FF493D5EC5D243EB16B6

SHA256: 9B0E7B47CAED8F5627DEFCE19B737554BBF998EF380187D6DE4FC1C9572EC9ED

Referenced in post(s):

New Tool: file-magic.py

file-magic_V0_0_4.zip (https)

MD5: CCF170F09B1442D27AE6519A0BB0CBAB

SHA256: F240BAEE78C8AE4DB29724D8A8F2A5DEDEFE47570219D700FB3BB9A6707432BB

Referenced in post(s):

Update: file-magic.py Version 0.0.4

file2vbscript: Embeds executable into vbscript script

file2vbscript_v0_3.zip (https)

MD5: B6B364BE69F8B2A4D554E9196B3D5A6D

SHA256: 2091DDB9C4B9F0A7450DD7B9BF0731D4C9D38BD5B145C1B151FC2E508DEA0ADE

Referenced in post(s):

Quickpost: Embedding an Executable in a VBscript

FileGen: Command-line program to create test files of different lengths

FileGen_V1_0_0.zip (https)

MD5: 6AAAB254D4BB10AC6320C7106C04FA79

SHA256: D7BE1E64BAD8DE33EDAD6A218E0B8E4BC53E011E3B1175F05E384A63C4BF24D7

Referenced in post(s):

FileGen

FileScanner: Tool to scan files for patterns

FileScanner_V0_0_0_1.zip (https)

MD5: 9EE883A4E28A6D0649F6D7787BD76ED4

SHA256: 5AA71E6F4FED8E45A22B49FD9A0417933F7218AF9300FDEF24FEF696CF012F61

Referenced in post(s):

Introducing Filescanner.exe

FileScanner_V0_0_0_2.zip (https)

MD5: 9A89333C13DBB669A94226F57E5D919A

SHA256: 5F46312B06AE865957A36B95A4C2DDC41F20113B0E51B7F083A50929B38BD0F9

Referenced in post(s):

FileScanner.exe Part 2

FileScanner_V0_0_0_3.zip (https)

MD5: D9A7BA5874C10B10BF380D03E49C82A6

SHA256: C89FF7DBDB71A22E2A88C16ECD65E36619BD8EA39A77036404B6F4B1049D21E5

Referenced in post(s):

FileScanner.exe Part 4

FileScanner_V0_0_0_4.zip (https)

MD5: 4BB8F475328B9EB214E6B9405F84816E

SHA256: 5D3B1408C5D2BD17C0441D0D9D0DA565E8D690DE792971092956F4CA10D5A071

Referenced in post(s):

Update: FileScanner Version 0.0.0.4

find-file-in-file: Check if a file is embedded inside another file, even non-contiguous

find-file-in-file_v0_0_1.zip (https)

MD5: 2984F01404770B92953823D39907B055

SHA256: 1AD124A9A31DACFE1FC9F3B89B3117D3A70D5BC15B712CC1748BEA893612686C

Referenced in post(s):

Finding Contained Files

find-file-in-file_v0_0_3.zip (https)

MD5: 8691158700079C786F6905F0CA0F32BC

SHA256: 84506CED140F309503E723831A9EFB99A8CC213532BEB56E00BC4BA5FE235797

Referenced in post(s):

Update: find-file-in-file.py Version 0.0.3

find-file-in-file_v0_0_4.zip (https)

MD5: CD381616158BD233D94B368554B824C6

SHA256: FD5C4E3EC99371754E58B93D3D96CBA7A86C230C47FC9C27C9B871ED8BFB9149

Referenced in post(s):

Update: find-file-in-file.py Version 0.0.4

find-file-in-file_v0_0_5.zip (https)

MD5: 1463DBAB808BBE40AC7919BC9A77303D

SHA256: C269B1995B61F0EDE24E4E9C64D5DD64E79B5ED6DD2126E94AF52E15D90C427F

Referenced in post(s):

Update: find-file-in-file.py Version 0.0.5

format-bytes: This is essentialy a wrapper for the struct module

format-bytes_V0_0_10.zip (https)

MD5: 3349E2F8C84AE644C0AEFDA4410297C5

SHA256: F75C3A353E42D847264702B1F316A65657E6375EF979B8EF21B282D4676BE4C3

Referenced in post(s):

Update: format-bytes.py Version 0.0.10

format-bytes_V0_0_11.zip (https)

MD5: D73D5FA410F882F03176CF5FD3E0D90A

SHA256: 34B37CA4E45E4EF0F36F5460CAD429343C0AE993297C104AA8A29C2EE4E7904F

Referenced in post(s):

Update: format-bytes.py Version 0.0.11

format-bytes_V0_0_13.zip (https)

MD5: E7A7A344B3B8753553FC5B2E4084D8DA

SHA256: 1F22A1D784DCF1269FFD12E2C9467EE0FB93B0895CC24D04CBBD9696D50945DB

Referenced in post(s):

Update: format-bytes.py Version 0.0.13

format-bytes_V0_0_2.zip (https)

MD5: A859C5B5789246734647322CDEE38001

SHA256: 8FD7EEDB57ED257EAED67EAE30CF820C10B1845BC547EEC727268B46426E0F2D

format-bytes_V0_0_3.zip (https)

MD5: CFE426B605DEDA6E388C1F62D2655A31

SHA256: 227C3911A0D2B9D8E524B44D5B4F80EBAABD34810A11A9189B09ADFA5D2FB67A

Referenced in post(s):

New Tool: format-bytes.py

format-bytes_V0_0_4.zip (https)

MD5: EBCF854E9525D470171D7D8E99F836FD

SHA256: CEE2E5B71E1BE8E5D5C934ACCD10BC0FEE2B60DFB6FDB6472F1014CEC4E509EC

Referenced in post(s):

Update: format-bytes.py Version 0.0.4

format-bytes_V0_0_5.zip (https)

MD5: 3D92BCAF8E31BFBF6F4917B3AAB64AEF

SHA256: AD43756F69C8C2ABF0F5778BC466AD480630727FA7B03A6D4DEC80743549845A

Referenced in post(s):

Update: format-bytes Version 0.0.5

format-bytes_V0_0_6.zip (https)

MD5: D73C88AB15B8AE3B30BA2C5EBE8CC77E

SHA256: 3FB480B52F5BF535A54B66CABBD853666B3E306EFAE4BD9247B45255F223E0B6

Referenced in post(s):

Update: format-bytes.py Version 0.0.6

format-bytes_V0_0_7.zip (https)

MD5: 58D3380B48593B3497AD04ACB1719CF3

SHA256: 8E07C1462AE88416CF8D5218A70BCFAE34F89B284684BFD0AC6B943A39E3CA8E

Referenced in post(s):

Update: format-bytes.py Version 0.0.7

format-bytes_V0_0_8.zip (https)

MD5: 22F216C2304434A302B0904A9D4AF1FE

SHA256: A38D9B57DDB23543E2D462CD0AF51A4DCEDA1814CF9EAD315716D471EAACEF19

Referenced in post(s):

Update: format-bytes.py Version 0.0.8

format-bytes_V0_0_9.zip (https)

MD5: 2F97370D12A7DBB53EB8B30AA0A40463

SHA256: 87C9F3120673C0E92C9562EC2687B60AA93DAF612CE854939E48F6E902BFBBB4

Referenced in post(s):

Update: format-bytes.py Version 0.0.9

fuzzer: 010 Editor Script implementing a simple fuzzer

fuzzer_v0_0_1.zip (https)

MD5: E9B7114952E81A504C7CF3B06B99B5CF

SHA256: CF399EE2D86B6039236608F4FE882E579D7DCFED1DA980B4124ED06FD0C5807A

Referenced in post(s):

fuzzer.1sc

generate-hashcat-toggle-rules_v0_0_1.zip (https)

MD5: 170F54D69C8581B9379E11E14F31C39E

SHA256: 93AE3CC8123425CEBC85D6CA4DE1ED1DD14F492AB744368729FB38D24436B5D9

Referenced in post(s):

Tool To Generate Hashcat Toggle Rules

hash: This is essentialy a wrapper for the hashlib module

hash_V0_0_1.zip (https)

MD5: 8ECC05DEFBD4AB494A37DE02615A8FE1

SHA256: 07A1ED7FD00FB18B616540CB108AA1D2134B07CC509E11257E4E43FFF9A185C2

Referenced in post(s):

New Tool: hash.py

hash_V0_0_2.zip (https)

MD5: 7C9EF6D52793D6FFAAF4EB6FCEB934B4

SHA256: F768BCBE035ADF099C2AFA41CADB2ABD9514D54E6D361AF5610277B8A70D6B7D

Referenced in post(s):

Update: hash.py Version 0.0.2

hash_V0_0_3.zip (https)

MD5: CB4BCB40CA50ED23AC7E47510B308811

SHA256: 6C3C44C5B98C7C7415E332D15B6EA887CD54170DADDDC726B3544F1696F4E324

Referenced in post(s):

Update: hash.py Version 0.0.3

hash_V0_0_4.zip (https)

MD5: 6DAC25432338BEA40B9141A791B8A958

SHA256: D66BF64B91B1BCBA5EA99EA03439A12835C5427BB1C447E6B515F94D9F468137

Referenced in post(s):

“Here Files” and my Tools

hash_V0_0_5.zip (https)

MD5: 2A4D61F692D935E27E4BECA642F19D97

SHA256: 5DA5B59EBC6EB0FADEA868E631057BF14C29486405F75D8183C48FE4631B81A2

Referenced in post(s):

Update: hash.py version 0.0.5

Validating Your Downloads

hash_V0_0_6.zip (https)

MD5: DE0AC3F7809E55E1577EB049A5F34EDF

SHA256: D66FF1D5173E3DDAFC842087B9E4E8447C18EF0AA8C03E02A365E3F9028BA8D9

Referenced in post(s):

Update: hash.py Version 0.0.6

hash_V0_0_7.zip (https)

MD5: 9BE8A26F2940FA2FF5C3671B7BB6DC6F

SHA256: CFA2767F0FAA792F9B75344B2F15FF40267F3EDE77D221B0134F07FDB04E515B

Referenced in post(s):

Update: hash.py Version 0.0.7

hash_V0_0_8.zip (https)

MD5: 03F928332874447F6198A9FDE46E3AA7

SHA256: 80C493639CA7160D1455FABA38A2A04556240326D4BA78B8207CA8FF8B09E1B2

Referenced in post(s):

Update: hash.py Version 0.0.8

headtail: Output head and tail of input

headtail_V0_0_1.zip (https)

MD5: F5FD067F94411D22B939D753B803ACFE

SHA256: CBB66EA335299801A4D3D80A6A9BD686C56058B203ABB1BC6144B3A2E2370979

Referenced in post(s):

New Tool: headtail.py

HeapLocker: Process hardening tool, a bit like EMET, but open source

HeapLocker64_V0_0_1_0.zip (https)

MD5: F3D43A29CE64F9418AA154C66B0B06A4

SHA256: 7EFF1D9EA20B522D76034DC4CB66E2FD7AC43E585987FC9ABF7EF8EB801FBC6C

Referenced in post(s):

HeapLocker

HeapLocker 64-bit

HeapLocker_V0_0_0_1.zip (https)

MD5: EE0ED3FC2C9A5A3497A7286BFB476978

SHA256: C2B7F0BB8F1D1EDCCFCFE612412B40A12B89F4BE888BB50F872E04FD2F9BBA5F

HeapLocker_V0_0_0_2.zip (https)

MD5: 66204745155E8F75B9A152F2E8D416EB

SHA256: A334957AC8707DFC947C6B70F8F3D7337902969CFF3D6099597B3CB31BC3D4A8

HeapLocker_V0_0_0_3.zip (https)

MD5: F4F9AD7139C4D7FB3B0B149FA5961A56

SHA256: 7DD72256EE9C189A234234FD7758E9251F813FF253E0387C9D8188D8155FDDA4

Referenced in post(s):

HeapLocker

hex-to-bin: convert hexadecimal to binary

hex-to-bin_V0_0_1.zip (https)

MD5: 18FC870888B333D8B081CE3E31428A1B

SHA256: 17B4257C6951C792FFE64EDDDFF20674AD07DE2699EF066BDF7A548DA09E6592

Referenced in post(s):

BlackEnergy .XLS Dropper

hex-to-bin_V0_0_2.zip (https)

MD5: 4F415E4117EC497C52E244A7087E36B9

SHA256: D283C312CC169419BC16D9199F5EC850D5D7565B9FDB272CA5236F97EDAD22C3

Referenced in post(s):

Update: hex-to-bin.py Version 0.0.2

hex-to-bin_V0_0_3.zip (https)

MD5: 0F87942CC9EF566D4C3B5A34073D5399

SHA256: 02447247C59F530CD6559B0FB287E314AC3AB807D843729CA9CE3F16D0930CAB

Referenced in post(s):

Update: hex-to-bin.py Version 0.0.3

hex-to-bin_V0_0_4.zip (https)

MD5: CBD3D27A2BC703F51FB23F757084BBE1

SHA256: CD70D7644BB353C64DD37AA0717B14967176A1A5E35E5DC6AE163D929BE13AAD

Referenced in post(s):

Update: hex-to-bin.py Version 0.0.4

hex-to-bin_V0_0_5.zip (https)

MD5: 6247279785AB80F4B0A91E0316D8695C

SHA256: C55246D653F1804DFB2C2EBEC0471AF42A89E9F080DCC87DC673BC9FEAD1949D

Referenced in post(s):

Update: hex-to-bin.py Version 0.0.5

InstalledPrograms: List installed programs with Excel/VBA

InstalledPrograms_V0_0_1.zip (https)

MD5: 0BF27B9D4B6316381E0AADC1777B7F8F

SHA256: 60AF8234BD10E12221CAD3D2544222819CB0CC0834E339084590860F30E0D580

Referenced in post(s):

InstalledPrograms.xls

InstalledPrograms_V0_0_2.zip (https)

MD5: 383D9EC2B520E930A8484F1BD0B99534

SHA256: B174A5A9A366799B5C7CB99D6FD83643E5AE8155FBC52ADCEDA836FFF9281766

Referenced in post(s):

Update: InstalledPrograms.xls V0.0.2

InteractiveSieve: GUI tool to visualize and analyze logs, data, … by “sifting”

InteractiveSieve_V_0_6_0.zip (https)

MD5: 37DDEA0A289AB7E6F826A7BDF46B5C81

SHA256: 2AA5F24A3432C4D16837A7B9BA818D19C54C6047745A9B3E1DE30B51BE9B2AC5

InteractiveSieve_V_0_7_2_1.zip (https)

MD5: 0312B5884B59619AFD2BD8C2A087E333

SHA256: 79DF1AF0020B0A8174F1A745EFBC922509990CE643703E69FFDA96FA4ACD3D78

InteractiveSieve_V_0_7_3_0.zip (https)

MD5: F36B245584DE143A15F484AA6220D67F

SHA256: AE0804EA739AEDC5FA32B7F6FD99AB99A35F7742B98953A653E0C24725E0FE6F

Referenced in post(s):

InteractiveSieve

InteractiveSieve_V_0_7_5_0.zip (https)

MD5: F9E3D74F4BE3C140FA415C6E525A5346

SHA256: 1981665BEF13E52A03A53AD4755891D25AE6A3D8D986666107D295CE8AE31C02

InteractiveSieve_V_0_7_6_0.zip (https)

MD5: 37C18D2E41CB311442E033F253818057

SHA256: 5758289A939388FDB73617DAD686EBD2B79D1E48444A772946E7606DAF49DB05

Referenced in post(s):

Update: InteractiveSieve 0.7.6

InteractiveSieve_V_0_9_1_0.zip (https)

MD5: C8B5B3E768FB62B7508F055122453594

SHA256: 063A83D9DBA900C8B245532D510E822A305B258C9A3DD05F19F4F0ED2753B6E1

Referenced in post(s):

Update: InteractiveSieve 0.9.1

jpegdump: JPEG file analysis tool

jpegdump_V0_0_1.zip (https)

MD5: 8266BD2E8190AD8FBD727AC3B5C30758

SHA256: 68EE75A22C2EC27569AB40358EB1CE0CFF4EBBD8C3A70F497602681A7E1F669D

jpegdump_V0_0_3.zip (https)

MD5: 929F3EC096AEBEC642C44C6A6EE2895E

SHA256: C5C1CA151C7E24FB6E305E5116BE7B6BC4C417810217249D3831BE5805BBAA9F

Referenced in post(s):

New Tool: jpegdump.py

jpegdump_V0_0_4.zip (https)

MD5: 496B6F2B0C0EEF919F7C6E20B9C1ADF6

SHA256: 5D150AE050610B6DB11FBE8B44E385A80800971AF1810F67531BB17A1373C770

Referenced in post(s):

Update: jpegdump.py Version 0.0.4

jpegdump_V0_0_5.zip (https)

MD5: D7157E7FDEEA4257220F60E0081EE138

SHA256: D6940A82CDECEB9D1FB27561E7B748837D666568FC857AEB6680E135D08E897C

Referenced in post(s):

Update: jpegdump.py Version 0.0.5

jpegdump_V0_0_6.zip (https)

MD5: 14FFB9016A9181DB3A59370B2E0DAFF2

SHA256: 13B610A9BDE68CDB64E482AADBC522DDAABD6F6D746AA032C6FEDDAF6BF4169B

Referenced in post(s):

Update: jpegdump.py Version 0.0.6

jpegdump_V0_0_7.zip (https)

MD5: DF600AAADD1E6335CB1DC5FEF895B2AE

SHA256: 123CDBACA0533BE975751F935EA9C6CEF75B7F8E67CC0FBAD36F8C66DD9354D8

Referenced in post(s):

Update: jpegdump.py Version 0.0.7

js-1.5-mod: SpiderMonkey JavaScript interpreter modifications

js-1.5-mod-0.3.tar.gz (https)

MD5: 59D7C7F67903A00AFC97C9BEDD7E1F54

SHA256: B1B51F3FD357635AD6BE90D183416DAA7783972F9BAF15E36B0A5B9BF748A570

js-1.7.0-mod: SpiderMonkey JavaScript interpreter modifications

js-1.7.0-mod-b.zip (https)

MD5: 85B369B5650D4C041D21E8574CF09B9A

SHA256: D3827DF7B2EA81EEE91181B2DE045320E1CFEC46EED33F7CD84CA63C3A36BC38

Referenced in post(s):

Update: SpiderMonkey

js-1.7.0-mod-c.zip (https)

MD5: B14B522E81366D6AAF3B7EB235B62707

SHA256: 2CCB2F57DF706A8EE689C54B18A0EA7BB052EF08BA233F1319119825DB32927B

Referenced in post(s):

SpiderMonkey

Update: Patched SpiderMonkey

js-1.7.0-mod.tar.gz (https)

MD5: A64B079FAEFD6BA23CAC3FCC7EF41AC7

SHA256: 74DD063F13647505ABB11FA3D1A5D44DA35A3F73F18FE973F93FBA5E349B8BA9

js-unicode-escape: 010 Editor Script to convert bytes to a Unicode escape encoded string for JavaScript

js-unicode-escape_v0_0_3.zip (https)

MD5: B86B7E73D93C5A4C086384C2FF89303C

SHA256: 81F26C328FD67FB7512CD60485481D7FFD8B7FE5ACE95455D45F4F635EADF81C

Referenced in post(s):

js-unicode-escape.1sc

js-unicode-unescape: 010 Editor Script to convert a Unicode escape encoded string to bytes

js-unicode-unescape_v0_0_1.zip (https)

MD5: E4FF29FB631142AC995636EED4CFB2AB

SHA256: C5659BCED1C6A7F92C2F7F9058DAA5807D2907283041E4F9DD1E4B6F318F2BBD

Referenced in post(s):

js-unicode-unescape.1sc

js-unicode-unescape_v0_0_2.zip (https)

MD5: 6200C4F235CA527E8C0DCD5076CB1C09

SHA256: 2CACC9EE1BB1D1BC4C9FABC6EC3B3440CFF304AA560966B0B531279C369549BB

Referenced in post(s):

Update: js-unicode-unescape.1sc

keihash: Calculate SSH Key Exchange Init (KEI) hash: KEIHash

keihash_V0_0_1.zip (https)

MD5: 674D019A739679D9659D2D512A60BDD8

SHA256: DB7471F1253E3AEA6BFD0BA38C154AF3E1D1967F13980AC3F42BB61BBB750490

Referenced in post(s):

KEIHash: Fingerprinting SSH

ListModules: Analyze digital signature of all executables in processes

ListModules_V0_0_0_1.zip (https)

MD5: 56D6BD9479915E6FF1C29A9D9F8F7950

SHA256: 43DFAD3F18C2F317E283BCDD453311BB17F6216C6748C25D102778DF63021069

Referenced in post(s):

ListModules V0.0.0.1

ListModules_V0_0_0_2.zip (https)

MD5: F1FDFAA37D23E3B61E2E1F018C1D2B83

SHA256: F0AE681AB70281920B219B6733A2F0D7BC8AE959621DC3107B49F1EED4A1E523

ListModules_V0_0_0_3.zip (https)

MD5: 872C03B1C3FACBA81B79BE3884466EC5

SHA256: FFFEC015E6F5916EEF018A5ABFDBB8FE45614DC8EDB23123523D3BBF9DD1C558

ListModules_V0_0_0_4.zip (https)

MD5: 36D05A56C06493A3EB1BAD6F9F5BB2E5

SHA256: FDB262E043F86EA4F147D50B2DD48707C63E0751B655AB3AF9577C1E54017CE6

Referenced in post(s):

Authenticode Tools

ListSharesSecurityWithWMI-VS2001: C# example for share security enumeration with WMI

ListSharesSecurityWithWMI-VS2001.zip (https)

MD5: A27793BB9C3F19AFB25F1F64CEBE5C94

SHA256: 10FF939F3B73BDF383EA330B89B5B3BD794FD78EA66DEE564C94380F1A9E7E5D

Referenced in post(s):

Programs

LNKTemplate: 010 Editor Template for LNK file format

LNKTemplate.zip (https)

MD5: CD7C486DBB9A1CA48D0A3CD67492B404

SHA256: EDECFE72280DB904969C599E313CB6DD93BB37A0B55B5786014DEC1BC1B61738

Referenced in post(s):

Quickpost: 2 .LNK Tools

Quickpost: .LNK Template Update

LoadDLLViaAppInit: DLL to load other DLLs via appinit registry key

LoadDLLViaAppInit64_V0_0_0_1.zip (https)

MD5: 94C38717690CE849976883FFE4B22CA1

SHA256: 447C8F61A6398CBE6BD5E681FCE28C55D426D4E4EA49BBE367AE5B334B073A55

Referenced in post(s):

LoadDLLViaAppInit 64-bit

LoadDLLViaAppInit_FI.zip (https)

MD5: 2867B6AADF6C9FFA224D2D6A0153AD91

SHA256: E732451401B37087FAC619BD500E370FE3C21FB764F2E2E99C76EDBADEC86204

Referenced in post(s):

LoadDLLViaAppInit with FORCE_INTEGRITY

LoadDLLViaAppInit_V0_0_0_1.zip (https)

MD5: 60B93BAF4B0F973C3EC920F2F4A180E8

SHA256: 3B528A3BAF593A2740D5655CF18BC0932801D4DF1750DE8F9C8229C0FF51E8BE

Referenced in post(s):

LoadDLLViaAppInit

LoadDLLViaAppInit_V0_0_0_2.zip (https)

MD5: F458DAEAB1A3E68870EE0608E2A1FFFC

SHA256: 9C8BA52A68893F33E0019CC64264C24A7EEC09C5D0DAE6F43C110ACFD45E621F

Referenced in post(s):

Update: LoadDLLViaAppInit

LockIfNotHot: Automatically lock Windows computer when user walks away, requires IR thermometer

LockIfNotHot_V0_0_1.zip (https)

MD5: 188BE76E0A5BCCA26A8736F8F0C4061C

SHA256: CA915265D3B224DF3AA95E5C59B7C0E7EDF239DF50FC1C03F2C991A8B1800AD2

Referenced in post(s):

LockIfNotHot

lookup-tools: IP-address and hosts lookup tools

lookup-tools_V0_0_1.zip (https)

MD5: EB9C5BEF25EC5ED0F44297AA8A04679E

SHA256: 755E98BA0BC09C31E58ED4BF7B08CD42467BBF9B129C77DD6D558FD6B6E27124

Referenced in post(s):

Looking Up Hosts and IP Addresses: Yet Another Tool

lookup-tools_V0_0_2.zip (https)

MD5: 310904722F900FA34C567FC38634124E

SHA256: 85626574A99BF4D2AB786D8C2FF5B8F6649F1FC7410F1786A24EF0201AAF64AA

Referenced in post(s):

Update: Lookup Tools

LowerMyRights: Restricts the rights of an existing process

LowerMyRights_V0_0_0_3.zip (https)

MD5: FF937173AB1CD2C7A9DF050D7ADF0696

SHA256: 9AA83F24031029F60862CAAE477B02DF0C0887BD6E9078A1E186FEF6DF873253

Referenced in post(s):

LowerMyRights

make-pdf: Set of Python programs to generate all kinds of PDF files

make-pdf-jbig2_V_0_0_1.zip (https)

MD5: 334D59CE634914CA89661A6DE03CE78C

SHA256: 153AFCA0E5269477772D920DF230DB9ED1CDC9715F0FDF4A9572A679B24BD116

Referenced in post(s):

Quickpost: /JBIG2Decode Essentials

make-pdf_V0_1_0.zip (https)

MD5: 7682A66DCD0C3AF1D4A2AFA30D44AA8C

SHA256: 7E92B7EE4A3EE2FCFCAF0AC1398381E4F649A6E7C899351721D78D37D6018AA0

make-pdf_V0_1_1.zip (https)

MD5: 9AF2E343B78553021C989E8E22355531

SHA256: C604679ABEB0469C1463159E02E74F12487B2755A6096B416A8F4F638DEB8AA9

make-pdf_V0_1_2.zip (https)

MD5: 305D57692C27DD3CD91D8C85A3932948

SHA256: A030BBCB8B54137D8047A4CB5C350725599383A4B113CABBA8871AC221378C5B

Referenced in post(s):

Embedding and Hiding Files in PDF Documents

make-pdf_V0_1_4.zip (https)

MD5: D2630ABDE44DFFDD5640AEF391CE591D

SHA256: 11578A938F9FFCC16456519375AF8817C1F8F0D9C41C68BBF78882BFB36B8058

make-pdf_V0_1_5.zip (https)

MD5: A6B9C9C411EDE77B95541505DC713051

SHA256: FCA43E7A47248CAB0E7E553ACE293E3D669F6F553C4C53CEE53494FF8B0D91FC

make-pdf_V0_1_6.zip (https)

MD5: 85DA11252AD5990A1F5514BCD5D4501B

SHA256: EE23A178727C8505A864083EBA8B5464CC897D80FB8EE60D4C47B29810A056A1

make-pdf_V0_1_7.zip (https)

MD5: 73DBC0CEC9A425DE3317EB48B9A7EA81

SHA256: DCEA54C2C260152A01278C6262D82255B5944ED616663B83DC158F74F27F509E

Referenced in post(s):

PDF Tools

md5_authenticode: MD5 Authenticode collision PoC

md5_authenticode.zip (https)

MD5: 332078ECB5609A09F6412450EB41CAA8

SHA256: 72E54C3F052D7E8C7414F524CD40541244BB57D1F346477CFAFC037F42DA50AA

Referenced in post(s):

Playing With Authenticode and MD5 Collisions

MIFAREACR122: Python program to read and write 1K MIFARE RFID tags with ACR122 contactless reader/writer

MIFAREACR122_V0_0_1.zip (https)

MD5: 368BE885EF3BA0E8CBDA25F8EC022833

SHA256: D721EC111C2FC7D4A9CD0A1ED4DCF29554C68E56C6F4DA789A4228715A32D732

Referenced in post(s):

Shellcode On a MIFARE RFID Tag

MovingXORSelection: 010 Editor Script to perform a moving XOR of the current selection

MovingXORSelection_V1_0.zip (https)

MD5: C0B069044E0CA64856B74DE03250F837

SHA256: CE4D0F139728DBCD7F3B817BB3B610FFAA893B3B5BDF73715345EE170166F36C

Referenced in post(s):

MovingXORSelection.1sc

msoffcrypto-crack: Crack MS Office document password

msoffcrypto-crack_V0_0_1.zip (https)

MD5: F67060E0DE62727A1A69D0FD6F39013A

SHA256: 1466B94B56595BA0B91F0A2606F699E1D737E964F3F1A4DFDF7EAA47843DD063

Referenced in post(s):

New Tool: msoffcrypto-crack.py

msoffcrypto-crack_V0_0_2.zip (https)

MD5: 010B7FA68FCF9CE84427815EFDFE1C42

SHA256: 6B368E40EEE8A907D444A49963B37F456A3645991201CE06F0E46A0F2E188A74

Referenced in post(s):

Update: msoffcrypto-crack.py Version 0.0.2

msoffcrypto-crack_V0_0_3.zip (https)

MD5: 45BAB81D744DA62182EC58A8F2E05BFE

SHA256: CF9DE02C72C07C07786BE09551CD17F6DBB83BCEF2A1C5435E06A695D7C6770E

Referenced in post(s):

Update: msoffcrypto-crack.py Version 0.0.3

msoffcrypto-crack_V0_0_4.zip (https)

MD5: D3D7A0475FF1C9AAB7BE773514784465

SHA256: 4A27E0FF50863A925FEE55B8F7D16AD29C2DF5E4611F9493DAEEBA89B5F3DBA9

Referenced in post(s):

Update: msoffcrypto-crack.py Version 0.0.4

msoffcrypto-crack_V0_0_5.zip (https)

MD5: 1514DA367DCFF7051AB117266CE65BD3

SHA256: FEEFDD89134083EA19936494C8FCBD05804B3B9C0D4C5FBAFE06578D466B50AE

Referenced in post(s):

Update: msoffcrypto-crack.py Version 0.0.5

my-shellcode: My shellcode collection

my-shellcode_v0_0_1.zip (https)

MD5: F215B29BA3C8F24CFBA5C24BED65B68A

SHA256: EA1DB8028954CEB18B8AD2EB37CA6BA0CD7CDC6B9A64F10561382152701C013F

Referenced in post(s):

MessageBox Shellcode

my-shellcode_v0_0_2.zip (https)

MD5: 324AC5DABA30198C66B58B234D4D8E80

SHA256: E947C6B3087008BFC6B327A8066D29DC4F0D3753032775A3A1B602436FF3EE0E

my-shellcode_v0_0_3.zip (https)

MD5: 914FB82B15D84108E023714DFF5B8658

SHA256: B72BD9DAAAD37100A6C011752E305FDDFED0F9C5ABB27EF1F19F24D05CB2C939

my-shellcode_v0_0_4.zip (https)

MD5: 79A46202171D558876F41E2A9352B301

SHA256: D7D3A06BC82CE5FA5082FAA2AB266F971A5C4DDEA06645B119975EDC100730A3

my-shellcode_v0_0_5.zip (https)

MD5: CFF4F0FB67C5ECCCB7EE5F3C35FB0578

SHA256: B0E444A16719B0196C4038B398DF0333D29B202283E523B1CF3D4267ECD4D0BB

my-shellcode_v0_0_6.zip (https)

MD5: B6BC3081E1D2CA823AC4F814FD972E6B

SHA256: 414E2A933DB6C6B7F3605834F18F52DC7F39113AC7F7120EBF91F2C30B749A1F

my-shellcode_v0_0_7.zip (https)

MD5: E3D7866D59506696C3CEDE97FA742997

SHA256: C575FC6128ED65F83C19B2E5E6AC5554B8C1D27F27EA16E5CDC147927AD2AF76

my-shellcode_v0_0_8.zip (https)

MD5: 456F014F88A759B0A5CD15DC2C9F4BBD

SHA256: B924200D2F4674F9BC25AAB2C43397647E3F97AF27CBB394CBECCFBF2789D507

Referenced in post(s):

Shellcode

MyEFSService: PoC for Malicious Cryptography blogpost

MyEFSService.zip (https)

MD5: 457B7A671AC28C533BD3B6A62FD1DF13

SHA256: 2F2D9BDA5C00E7DA3619AD86EAA6B2DC302447FBDA67399263FA2A7F71281E46

Referenced in post(s):

Malicious Cryptography

MySafeModeService: PoC for Playing with Safe Mode blogpost

MySafeModeService.c (https)

MD5: 6A9EC31F58B803EDA6032BD5D3EB6996

SHA256: FDF45508EDC33896BB8C723492B82246AA75B5391FECF1B8ED9F5D4247739395

Referenced in post(s):

Playing with Safe Mode

NAFT: Network Appliance Forensic Toolkit

NAFT_V0_0_5.zip (https)

MD5: DDA7D6B34DD55895F144DD2E39A96455

SHA256: A8C08580447AB5F5DAD105BFF70E3CE8DC397DA81A08C2B344DE073D4B5296C0

NAFT_V0_0_6.zip (https)

MD5: 58FE5A59084B30843C44D0DF9A753B53

SHA256: 3970EE86A1747B22BE7427DD97D21398DCF3A32DBD22F11E58B5DDB10C55D362

NAFT_V0_0_7.zip (https)

MD5: 247DD8703F1AB1AEF0764367706EEA19

SHA256: 0CAAD5C024E16664F5EC36CDDB19F57D2EEA402DAFB72A259F1542C99D4CC11D

NAFT_V0_0_9.zip (https)

MD5: FEBBDB892D631275A95A0FEA59F8519F

SHA256: 95F42F109623F2BA6D8A9FFB013CBB0B5E995F02E5EB35F8E83A62B8CA8B86D0

Referenced in post(s):

Network Appliance Forensic Toolkit

Update: NAFT Version 0.0.9

NetworkMashup: Network utilities (ping, DNS) written in Excel/VBA

NetworkMashup_V0_0_1.zip (https)

MD5: AE0CD3879483930B82500FA40D6ECF20

SHA256: B46C670B7677BD08DCFC8AF5E8C16881836A8BD29CC3F574F1CB4011828BDB39

NetworkMashup_V0_0_2.zip (https)

MD5: D6393F7A77517177DAE708019393E4FF

SHA256: 91983017EB2C069D6EE36EF7F0CE4043C3BA7E5CB7C46D86AE8C323D7EB27B81

Referenced in post(s):

Quickpost: NetworkMashup.xls

NewPasswordStats: Password auditing password filter

NewPasswordStats_V0_0_0_1.zip (https)

MD5: FAF362F49C7B3FA8CCE7AF600B6D91A8

SHA256: 3D9BBD195F55FBB8F6CE523B3E7BE95A531725570336C55911EE0F312FE95A4D

Referenced in post(s):

Password Auditing With a Password Filter

nmap-xml-script-output: nmap xml script output parser

nmap-xml-script-output_V0_0_1.zip (https)

MD5: 772B6371C1F5E27E68D9BF14955A02D4

SHA256: C86E42E7FA8EFA42C60062759E69DC8DE7F017D9113CF304D9515ACA59815790

Referenced in post(s):

nmap Grepable Script Output – Heartbleed

nocalcpoc: No calc PoC

nocalcpoc_V0_0_0_1.zip (https)

MD5: 05798543571B45E19536181DC7346330

SHA256: ED0FEDC6096420F6F09F4980A1CE36F7C4BC0A8C9191F4DFC27FA4C77D547976

Referenced in post(s):

Why Isn’t my PoC Launching calc.exe?

nsrl: NSRL tool

nsrl_V0_0_1.zip (https)

MD5: 5063EEEF7345C65D012F65463754A97C

SHA256: ADD3E82EDABA7F956CDEBE93135096963B0B11BB48473EEC2C45FC21CFB32BAA

Referenced in post(s):

nsrl.py: Using the Reference Data Set of the National Software Reference Library

nsrl_V0_0_2.zip (https)

MD5: 816DD5BEF94D289F489399A95824083D

SHA256: 65C4AF8F139651942062EB78D820AD3BE5DBEE2C4331B3105BAE62B220CD4F44

Referenced in post(s):

Update: nsrl.py Version 0.0.2

numbers-to-hex: convert decimal numbers into hex numbers

numbers-to-hex_V0_0_1.zip (https)

MD5: 9050768633DDADF34900DAB0061F3B24

SHA256: 00B099F3939251F2027F2705AD08AE352C0FC447C86EB3271721FB2935CF71B6

Referenced in post(s):

BlackEnergy .XLS Dropper

numbers-to-hex_V0_0_2.zip (https)

MD5: 911D2BF2EC0839DD595C48FF4BE5E979

SHA256: 41D5B19E401516CB134521E1F6973A16DBFE491303BD93429EEBE55C0B3AFEF6

Referenced in post(s):

Update: numbers-to-hex.py Version 0.0.2

numbers-to-hex_V0_0_3.zip (https)

MD5: EB8CE35EA272042211B1EADBE4606BE2

SHA256: 1CE2E7C6EF930C56024C0313C9FCE6E96A7FA6FC07893EAF06ACCC05A3D2C528

Referenced in post(s):

Update: numbers-to-hex.py Version 0.0.3

numbers-to-string: convert numbers into a string

numbers-to-string_v0_0_1.zip (https)

MD5: A5BB5F9F711D090416431ABD0E0151A0

SHA256: 5B08018077CB6578553AA3E4D7B2FA663DCC2CF21F4C108C2B4A19680F5A4132

numbers-to-string_v0_0_3.zip (https)

MD5: 6FD49062058E6A03A4A7BF3A3D26408A

SHA256: 9457AFA699B61DA52F07921D3F7AB486585036654D64AD126B933345E71BC07F

Referenced in post(s):

Update: numbers-to-string.py Version 0.0.3

numbers-to-string_v0_0_4.zip (https)

MD5: DFBA2CE60D59A5DF25D7BE415D55B0FF

SHA256: DA75A6BEB7DCD0F71C008EFE43EE3D3831B545BC916AA5176F4E2004FE97A250

Referenced in post(s):

Update: numbers-to-string.py Version 0.0.4

numbers-to-string_v0_0_6.zip (https)

MD5: 283003C9B328A3DB79BC83AD3C3B0FB1

SHA256: E96417C26EA1231748C6A5DE2F12F56D816F2F875795ED7412ED5D6458CF7B93

Referenced in post(s):

Update: numbers-to-string.py Version 0.0.6

numbers-to-string_v0_0_7.zip (https)

MD5: C23E49A24B54365F469BB35CCDA12701

SHA256: 3E9E7DF84359BEB4A054FC82E73C3E94219FC85E462FFBE3676C16E115F61AB3

Referenced in post(s):

Update: numbers-to-string.py Version 0.0.7

numbers-to-string_v0_0_8.zip (https)

MD5: 69179F5EE01F8E0102F40B768E80A82E

SHA256: 535518780E9F4102320C81EF799CF1AD483C51450690A2E1FA9F2CA61B7A8A88

Referenced in post(s):

Update: numbers-to-string.py Version 0.0.10

numbers-to-string_v0_0_9.zip (https)

MD5: C5629F102FCF58E5CFF24472D35AFF22

SHA256: 5B1CA43EDFD7BA66CF44FB552BD7882AEB13A8765017F9F865071E187410EE63

Referenced in post(s):

Update: numbers-to-string.py Version 0.0.9

oledump: Analyze OLE files (Compound Binary Files)

oledump-beta.zip (https)

MD5: 6B2F81410C9DB409E55A05AEB2E8342B

SHA256: E80244C87E11E516F5D7245224828BA15C4079EFE16582FE785D6E307C04B657

oledump_V0_0_10.zip (https)

MD5: 450C28232254F8FF3AF5E289F58D2DAB

SHA256: 139671E5E69200CECCE0EF730365C1BF1B7B8904B90E3B1E08E55AB040464C73

Referenced in post(s):

Update oledump.py Version 0.0.10

oledump_V0_0_11.zip (https)

MD5: 02AEF764545213E1B1A5895AD0706F78

SHA256: 162EE94B1A4533956EE2CE0CB13ECDF2FF6C18A0597685E690B8524526FD694E

Referenced in post(s):

A New Type Of Malicious Document: XML

oledump_V0_0_12.zip (https)

MD5: 0AB5F77A9C0F1FF3E8BE4F675440A875

SHA256: 6F87E65729B5A921079B9E5400F63BE6721673B7AC075D809B643074B47FB8D3

Referenced in post(s):

Update oledump.py Version 0.0.12

oledump_V0_0_13.zip (https)

MD5: 6651A674F4981D9AEDE000C1F5895B69

SHA256: 4452DF48F7D852140B4CD662AD95C6BC695F5F04009B37A367EB392384935C51

Referenced in post(s):

oledump And XML With Embedded OLE Object

oledump_V0_0_14.zip (https)

MD5: 5ECD8BC3BD1F6C59F57E7C74DACCF017

SHA256: 7EEF509D84F7185C299A17882D3BD71481B7B1E41654F463F58492455FBDBD11

Referenced in post(s):

Update: oledump.py Version 0.0.14

oledump_V0_0_15.zip (https)

MD5: 3E3930262DF06AB96B576004F8C930A5

SHA256: 2E256ACB0E8DF4174B5EB3260EF832133556A1F9CDF27212A85CB01D278C152E

oledump_V0_0_16.zip (https)

MD5: 774BF99A8E0607C6B611F4DBF021638A

SHA256: 8C1F22E0EEDB2556641BAF5724A41E25B87AA9ECDF3FA13F175D7C81316ED7EE

oledump_V0_0_17.zip (https)

MD5: 5AF76C638AA300F6703C6913F80C061F

SHA256: A04DDE83621770BCD96D622C7B57C424E109949FD5EE2523987F30A34FD319E1

Referenced in post(s):

Update: oledump.py Version 0.0.17 – ExitCode

oledump_V0_0_18.zip (https)

MD5: 88C9999726C0157267E2FF31E137D66C

SHA256: 1FC9EE7A0BB5A016339C73CBE5DE2F2C0A9C006BC924A5F9346F9F4EDE060939

Referenced in post(s):

Dump Tools: Cut Cut Cut …

oledump_V0_0_19.zip (https)

MD5: DBE32C21C564DB8467D0064A7D4D92BC

SHA256: 7F8DCAA2DE9BB525FB967B7AEB2F9B06AEB5F9D60357D7B3D14DEFCB12FD3F94

Referenced in post(s):

Analysis Of An Office Maldoc With Encrypted Payload: oledump plugin

oledump_V0_0_2.zip (https)

MD5: B493FAB9AC85749D49C4E1843BE19961

SHA256: 27386E61E0B4744EB9363040649B53488DA9139B7C33AFAC6E329F8C777DAD1B

oledump_V0_0_20.zip (https)

MD5: 715B33E8E090F2A061DB2EA5A913055F

SHA256: 056CC911AEDFFB48B756F1B941E14660EBA8B613C65B1026F5DA77FB3047DAE3

Referenced in post(s):

Update: oledump V0.0.20

oledump_V0_0_21.zip (https)

MD5: F72CBB797CE8FB810ACE5E54DC832129

SHA256: 016C772575DF381C274F6408B242945DE35679904B7C8B1B693ABFB2B3C023FB

Referenced in post(s):

Update: oledump.py Version 0.0.21

oledump_V0_0_22.zip (https)

MD5: CA91850BBC92E82D705F707704000F82

SHA256: 16763BCF15BFB3301FFAE0BDA26F18EE2946EDD7478994B798127DBBEF5FF9E7

Referenced in post(s):

Update: oledump.py Version 0.0.22

oledump_V0_0_23.zip (https)

MD5: 991910FF4AA47808A5BBCE0CC109D41A

SHA256: 612B6FD06856C7790D2F66B29286E7B89D35D8354ADB167CA512CC1CDE3F6C47

Referenced in post(s):

Update: oledump.py Version 0.0.23

oledump_V0_0_24.zip (https)

MD5: F1BFD24FBC72966D54C365B57E662700

SHA256: 4C175874EFDF7DB3264038BFACFD44F1B9060E834189FF3CBAA6C8EBD9D7F680

Referenced in post(s):

Update:oledump.py Version 0.0.24

oledump_V0_0_25.zip (https)

MD5: CED1602AEF505AE0388DB95414F9C00A

SHA256: 54510A54264E4EA3C4559545B5CE43A20D8AB290B4EDDA7B57983AD1396E29FC

Referenced in post(s):

Update: oledump.py Version 0.0.25

oledump_V0_0_26.zip (https)

MD5: 62030DEC6DBC2F69A37893FF1624F8EE

SHA256: A0DE8FD414A0B78FE8D72CAA58D8FA15159A7ABEA9842181C4C3C4EC1DE2EEC5

Referenced in post(s):

Update: oledump.py Version 0.0.26

oledump_V0_0_27.zip (https)

MD5: A6C6728E20AE46A4FECC5F3976AF33BF

SHA256: 54FE550D5102A0E9428F6BD9B5170B50797EDA2076601634519CDBB574004A3C

Referenced in post(s):

Update: oledump.py Version 0.0.27

oledump_V0_0_28.zip (https)

MD5: D89C1E0DA9A95A166EF8F36165F6A873

SHA256: 58F44B68BC997C2A7F329978E13DC50E406CCCCD2017C0375AA144712F029BFB

Referenced in post(s):

Update: oledump.py Version 0.0.28

oledump_V0_0_29.zip (https)

MD5: 7F98DB95E0E9FF645B8411F421387214

SHA256: E00567490A48A7749DF07F0E7ECD8FD24B3C90DC52E18AFE36253E0B37A543C5

Referenced in post(s):

Update: oledump.py Version 0.0.29

oledump_V0_0_3.zip (https)

MD5: 9D5AA950C9BFDB16D63D394D622C6767

SHA256: 44D8C675881245D3336D6AB6F9D7DAF152B14D7313A77CB8F84A71B62E619A70

Referenced in post(s):

Introducing oledump.py

oledump_V0_0_30.zip (https)

MD5: BBD53C65FC40891E2125B9808F507E4A

SHA256: 78CDC8C8BCD651A3578F567D24FD88300600E02520B2D75F45448E4FB480FEB0

Referenced in post(s):

Update: oledump.py Version 0.0.30

oledump_V0_0_31.zip (https)

MD5: 63B2B5ECE2BC46B937D33A6494F7F6A0

SHA256: D2CF42662897642DF27C863F6C246CE70019EDF03F275354A7A505DCE27632D1

Referenced in post(s):

Update: plugin_biff.py Version 0.0.2 / oledump.py Version 0.0.31

oledump_V0_0_32.zip (https)

MD5: 10D8995B6AF5C783B1F8AAF70B8FDB03

SHA256: 0E38BAF12B066A100F97F3362402E1999F2DE223A09491E3D44C20EA4BDBD8AB

Referenced in post(s):

New oledump Plugin: plugin_msg.py / oledump.py Version 0.0.32

oledump_V0_0_33.zip (https)

MD5: E5F879766B5C1C899E75E2F2A8ED9533

SHA256: 2B7C9565880F14E8A431F7819926EE801DE129458E682FAAF99FEF41AFA49934

Referenced in post(s):

Update: oledump.py Version 0.0.33

oledump_V0_0_34.zip (https)

MD5: 1BE4E08DE1B1E73D5808AECE1BD09852

SHA256: 74F1B05E50D2AF8072505587438BB8959F174BAF76ED6255116E806642E6C4B0

Referenced in post(s):

Update: oledump.py Version 0.0.34

oledump_V0_0_35.zip (https)

MD5: 2089AFC496FFE2E44F67CF9C44EB101B

SHA256: C232282BD8AE050EECA1455E6A58EAB8D5CBBDF0D61E9FE2077CDA3DEB15D325

Referenced in post(s):

Update: oledump.py Version 0.0.35

oledump_V0_0_36.zip (https)

MD5: D8C9FBFD1AA2238D6EB3CA164EE91A65

SHA256: BE609FD0D976984A8856939B76D7DF54AB5ED4934F58F7AD47E4D6E42CDFCCBF

Referenced in post(s):

Update: oledump.py Version 0.0.36

oledump_V0_0_37.zip (https)

MD5: BBC2F3B57266B557307E12E8BC950F98

SHA256: 573C73110CA35EE6451FD14EE7B7DCA3B53FF624ECCFF824799DA59F7767DA68

Referenced in post(s):

Update: oledump.py Version 0.0.37

oledump_V0_0_38.zip (https)

MD5: C1D7F71A390497A516F67D798BA25128

SHA256: 4CADEE69D024E9242CDA0CE3A9C22BCB1CAFF9D5BA2D946519C6B7C18F895B81

Referenced in post(s):

Update: oledump.py Version 0.0.38

Analyzing PowerPoint Maldocs with oledump Plugin plugin_ppt

oledump_V0_0_39.zip (https)

MD5: 5C9A1D94E1BC857877116E425D80A197

SHA256: DF7FFA0C707C8D66C0E0FBEE583286DBA9970824782C6B7AB6BFDC30A85BB419

Referenced in post(s):

Update: oledump.py Version 0.0.39

oledump_V0_0_4.zip (https)

MD5: 8AD542ED672E45C45222E0A934033852

SHA256: F7B8E094F5A5B31280E0CDF11E394803A6DD932A74EDD3F2FF5EC6DF99CBA6EF

Referenced in post(s):

oledump: Extracting Embedded EXE From DOC

oledump_V0_0_40.zip (https)

MD5: 4013CC3A01D4CAE481EAA099A080B07F

SHA256: C5EC0B7B1EFA69D9EB6572F61D866ECEA7952FEADA06943377F8178C7A252E70

Referenced in post(s):

Update:oledump.py Version 0.0.40

oledump_V0_0_41.zip (https)

MD5: 4FD7E627F5078245705526EBE09D7989

SHA256: 0793CA920DA8B4BD09A040FEE12463BE7D8AF8AE6DFB0968CADCE478BC153CD8

Referenced in post(s):

Update: oledump.py Version 0.0.41

oledump_V0_0_42.zip (https)

MD5: C5CCF18F9F10CB6916CC74C002C78EDE

SHA256: 14A1FDA4AB57B09729AEB2697818782FAE498369A760FEC8AEE5CFB0A0E9D126

Referenced in post(s):

Update: oledump.py Version 0.0.42

oledump_V0_0_43.zip (https)

MD5: F98A06CED73C4FC2CA153B7E751746B5

SHA256: 4FE1DBAB822CEC2489328CE3D4D272400F23F1FAD266C9D89B49D9F83F3AA27F

Referenced in post(s):

Update: oledump.py Version 0.0.43

oledump_V0_0_44.zip (https)

MD5: 2BB2CD027327FFD8857CDADC1C988133

SHA256: 1A9C951E95E2FE0FDF3A3DC8E331205BC65C617953F0E30ED3E6AC045F4DD0C0

Referenced in post(s):

Update: oledump.py Version 0.0.44

oledump_V0_0_45.zip (https)

MD5: FB9694358CCEAE4AFDFCF97FDA0D5205

SHA256: FB75B1E19E5067751E2DE1AD21826245B7E11EDBE03278566484754F606F3965

Referenced in post(s):

Update: oledump.py Version 0.0.45

oledump_V0_0_46.zip (https)

MD5: 5B77190CA1A95B784393BBC5684BC6D3

SHA256: 0AF571EDEB42678559AFEB280C94952C32B7BBE09377B0BB113793CE6A39214B

oledump_V0_0_47.zip (https)

MD5: E851ED7240C08E9E9E3EBA4A412A46A4

SHA256: F35997537D5C4596E413D08C35A83EBD55CAF587D2D9898DAA9285BC83CAF287

Referenced in post(s):

Update: oledump.py Version 0.0.47

oledump_V0_0_48.zip (https)

MD5: B869EC84DB4F10596212A2B67CF2C684

SHA256: 0E66E3EA42D5761301E0643A27D892B3C4531CCC2E4C95373ECE9B7AD7E6DAC6

Referenced in post(s):

Update: oledump.py Version 0.0.48

oledump_V0_0_49.zip (https)

MD5: 1EF0B466A80C034F10770F8A235EBE7B

SHA256: BD8CAD9EDB99B6063A9A36B8B83EB3416484CEC244A01CA2F08BB032402FF147

Referenced in post(s):

Update: oledump.py Version 0.0.49

oledump_V0_0_5.zip (https)

MD5: A712DCF508C2A0184F751B74FE7F513D

SHA256: E9106A87386CF8512467FDD8BB8B280210F6A52FCBACEEECB405425EFE5532D9

Referenced in post(s):

Update: oledump.py Version 0.0.5

oledump_V0_0_50.zip (https)

MD5: 30EB6A0E0924E72350B268ADDE4E4EC7

SHA256: 870167AE5576B169EB52572788D04F1FFCEC5C8AFDEBCC59FE3B8B01CBDE6CD9

Referenced in post(s):

Update: oledump.py Version 0.0.50

oledump_V0_0_51.zip (https)

MD5: 9A55FC37AD0C4C2F3D08F252C72C1A82

SHA256: 071D1605D520A4BABBE2CDA461866C349628FE4B428AC54823492A6CD89EA487

Referenced in post(s):

Update: oledump.py Version 0.0.51

oledump_V0_0_52.zip (https)

MD5: 2528824D8A7CD2BE98615B1B1AE8C61A

SHA256: C47A9CC658571FF23E70264B4DD4F8F47D244708E7110EA0A28128F175CF80F5

Referenced in post(s):

oledump.py

Update: oledump.py 0.0.52

oledump_V0_0_6.zip (https)

MD5: E32069589FEB7B53707D00D7E0256F79

SHA256: 8FCEFAEF5E6A2779FC8755ED96FB1A8DACDBE037B98EE419DBB974B5F18E578B

Referenced in post(s):

Update: oledump.py Version 0.0.6

oledump_V0_0_7.zip (https)

MD5: 7A953BAFFA1E5285651699996FA2DF84

SHA256: F5DC5F650F005E530A7D0CF510C33E3A4EF29AD85B1DA2618B237F53A46B86B5

Referenced in post(s):

Update: oledump.py Version 0.0.7

oledump_V0_0_8.zip (https)

MD5: 29EBF73F5512B0BC250CD0A0977A2C72

SHA256: 09C451116FCDE7763173E1538C687734D92267A0D192499AFD118D8D923165B9

Referenced in post(s):

Update: oledump.py Version 0.0.8

oledump_V0_0_9.zip (https)

MD5: 849C26F32397D2508381A8472FE40F90

SHA256: 74887EA3D4362C46CCBF67B89BB41D7AACE9E405E4CB5B63888FEDCE20FD6A07

Referenced in post(s):

Update: oledump.py Version 0.0.9

OllyStepNSearch: Plugin for OllyDbg

OllyStepNSearch_V0_6_0.zip (https)

MD5: 6302043B90834E6EE39F720C94C9D772

SHA256: B46F3A03D6C459EC36571948D84D933E4339F225B561FAC04DE4FB4525E70C9C

OllyStepNSearch_V0_6_1.zip (https)

MD5: D32BA4B0042BF9342B05FCBC0CF573B6

SHA256: 61ACA61F3399322B797EB58425A13AF3E68EB590AC747D1D244385E0923ABA52

Referenced in post(s):

OllyStepNSearch

password-history-analysis: Program to analyze password history

password-history-analysis_v0_0_1.zip (https)

MD5: 2ED7FB5E6968B25AEBF623754E5513B0

SHA256: DA75A8E2C92DCD31FB3C05732C660C3996EAEBADFA198535C051DC02AE94805B

Referenced in post(s):

Password History Analysis

Paste: paste does the opposite of clip, read the clipboard and write it to stdout

Paste_V1_0_0_1.zip (https)

MD5: 2107C78DEA38EA98825BB686DB2291AD

SHA256: 329A0AA96E855219ACB99D7BC35F78CE552645F7829D1B475924F895BA614637

Referenced in post(s):

The Paste Command

pcap-rename: program to rename pcap files with a timestamp

pcap-rename_V0_0_1.zip (https)

MD5: 5F844411E178909970BC21349A629438

SHA256: AB706DB3470A915A3031EC248B8DAF83C08F42DBF6AC2EACB1A2DB2493B0AEEE

Referenced in post(s):

pcap-rename.py

pcap-rename_V0_0_2.zip (https)

MD5: 6EFFA5313946DEAF3363835B1D3C684E

SHA256: 3BA23CC936B49AF83306E486B0BFC9ABAF5BD0B5E3DEF81D8564BCC3810C06B9

Referenced in post(s):

Update: pcap-rename.py Version 0.0.2

pdf-parser: PDF analysis program

pdf-parser_V0_2_0.zip (https)

MD5: 973E57E5EA8706F92EB0D6BA46EE9EFD

SHA256: 637C95018653C406F0A3AF62E72D9BF396C4AC56A8189586EB59467BD364A7D6

pdf-parser_V0_3_0.zip (https)

MD5: DC34F3B9E0436BA985B53DD44BEEBFA6

SHA256: 9DB432CDEA25E3408E07C612FED8A8B245EF378DDC737914F04248953567A691

pdf-parser_V0_3_1.zip (https)

MD5: 07CDA54844CD6567473CBF2B0DFC601C

SHA256: 7614AEC453502EEF43F9EA04A82092C4ACDD32AB86D1C4D744B7B590C74152EC

pdf-parser_V0_3_5.zip (https)

MD5: 07EA2C47766ADF248102E378C65D03F3

SHA256: 5EAD0F9BE9693EF836CF67FF2B796324ED5E7053D34BF4FA588D250A7DA2E761

Referenced in post(s):

Update: pdf-parser Version 0.3.5

pdf-parser_V0_3_7.zip (https)

MD5: BDC0E5A82EB6D7C287E7360D8901023D

SHA256: C83D39F8938A00A3EB2BDE3134EFAF3A2BE11E72C2C8A92841D4E1E82366D7E1

pdf-parser_V0_3_9.zip (https)

MD5: 6C91F8D4E8EA8BEF6F60CEDA4E1CDEA0

SHA256: 9D4549B6A93BF83EA74A905E3271272EBCEC6B6329867F1C0FCB59920C3C3CB4

pdf-parser_V0_4_0.zip (https)

MD5: 9C2680974DCF11714F743F6C7885A7FA

SHA256: 0035C2304FC85B696EB7E9E64B19A4E1EAE25BA4719D5B0FF91D7D306981CEE4

pdf-parser_V0_4_1.zip (https)

MD5: A0314C0CD8AAE376C7448E74D4A7472C

SHA256: 633B7400015B2C936103CC64C37435FB333B0F2634B2A6CD3A8949EAB1D18E9B

Referenced in post(s):

Update: pdf-parser Version 0.4.1

pdf-parser_V0_4_2.zip (https)

MD5: B0C8F02358B386E7924DACB3059F8161

SHA256: E90620320AF6ED8E474B42BF6850E246446391878F87AE34DCDBD1D9945A6671

Referenced in post(s):

pdf-parser: Searching Inside Streams

pdf-parser_V0_4_3.zip (https)

MD5: 2220FFE37AEA36FC593AE33440385E76

SHA256: 1416624938359FDD375108D922350D1B7B0E41B3A40A48F778D6D72D8A405DE6

Referenced in post(s):

Update: pdf-parser V0.4.3

pdf-parser_V0_6_0.zip (https)

MD5: 25CC4907B862259500A3EB73DE83BBFD

SHA256: 8902ABE1A9BDB61887D501546CCF333724BCF7B3E3E02CE2541BC311AD8E98DF

pdf-parser_V0_6_2.zip (https)

MD5: D6717F1CA6B9DA2392E63F0DABF590DD

SHA256: 4DC0136062E9A5B6D84C74696005531609BD0299887B70DDFFAA19115BF2E746

Referenced in post(s):

pdf-parser: A Method To Manipulate PDFs Part 1

pdf-parser_V0_6_3.zip (https)

MD5: 62D1AFACA8C124FB2AC279F22C088BB3

SHA256: 339E8D18BE21BAD6B2B33BDD29721F32624F3D842087D3AE353C6F8D6B92D185

pdf-parser_V0_6_4.zip (https)

MD5: 47A4C70AA281E1E80A816371249DCBD6

SHA256: EC8E64E3A74FCCDB7828B8ECC07A2C33B701052D52C43C549115DDCD6F0F02FE

Referenced in post(s):

Update: pdf-parser Version 0.6.4

pdf-parser_V0_6_5.zip (https)

MD5: 7F0880EB8A954979CA0ADAB2087E1C55

SHA256: E7D2CCA12CC43D626C53873CFF0BC0CE2875330FD5DBC8FB23B07396382DCC85

Referenced in post(s):

Bugfix: pdf-parser Version 0.6.5

pdf-parser_V0_6_6.zip (https)

MD5: 47326468E1B5A1AF7BB8AD63688804D9

SHA256: 51C9B25B939B135D9949E51463F58ECEC0BEBEFB9C0EAA0B93326CBFB4D8F061

Referenced in post(s):

Update: pdf-parser Version 0.6.6

pdf-parser_V0_6_7.zip (https)

MD5: D04D7DA42F3263139BC2C7E7B2621C91

SHA256: ED863DE952A5096FF4BE0825110D2726BA1BE75A7A6717AF0E6A153B843E3B78

Referenced in post(s):

Update: pdf-parser Version 0.6.7

pdf-parser_V0_6_8.zip (https)

MD5: 7702EEA1C6173CB2E91AB88C5013FAF1

SHA256: 3424E6939E79CB597D32F405E2D75B2E42EF7629750D5DFB39927D5C132446EF

Referenced in post(s):

Update: pdf-parser.py Version 0.6.8

pdf-parser_V0_6_9.zip (https)

MD5: 27D65A96FEAF157360ACBBAAB9748D27

SHA256: 3F102595B9EAE5842A1B4723EF965344AE3AB01F90D85ECA96E9678A6C7092B7

Referenced in post(s):

Update: pdf-parser.py Version 0.6.9

pdf-parser_V0_7_0.zip (https)

MD5: CDE355BB3FCACE3C4EDBC762E632F9AB

SHA256: 219FF0BB729C4478679A79163CA9942296ACF49E4EC06D128CBC53FBEE25FF05

Referenced in post(s):

Update: pdf-parser.py Version 0.7.0

pdf-parser_V0_7_1.zip (https)

MD5: 1480D3BF602686C9E7C2FE82AC6C963B

SHA256: D2C8E0599A84127C36656AA2600F9668A3CB12EF306D28752D6D8AC436A89D1A

Referenced in post(s):

Update: pdf-parser.py Version 0.7.1

pdf-parser_V0_7_2.zip (https)

MD5: 7D417F2313FF505AC96B80D80495BB78

SHA256: 3CDB98A57DAABC98382BFA361390AE3637F96852F6F078D03A7922766AE14B57

Referenced in post(s):

Update: pdf-parser.py Version 0.7.2

pdf-parser_V0_7_3.zip (https)

MD5: 7EB1713631D255B36BC698CD2422C7EB

SHA256: D4D5AC9C26A9D8FEF65CE58A769D3F64A737860DC26606068CCDD3F04FDEA0D7

Referenced in post(s):

Update Of My PDF Tools

pdf-parser_V0_7_4.zip (https)

MD5: 51C6925243B91931E7FCC1E39A7209CF

SHA256: FC318841952190D51EB70DAFB0666D7D19652C8839829CC0C3871BBF7E155B6A

Referenced in post(s):

PDF Tools

Update: pdf-parser.py Version 0.7.4 and pdfid.py Version 0.2.7

pdfid: PDF triage program

pdfid_v0_0_10.zip (https)

MD5: A06B023457DACE24FDFBF537282E1A76

SHA256: 18D88B15C90504BE6A2FF2814BD15A7B20B945337252018A0072AEFD99D5AAC8

pdfid_v0_0_11.zip (https)

MD5: 99BFA4916EC5E005953E3D9D8AD96C83

SHA256: C831569C8139D5CA5709600B987C929716FE58B1DD6B65F18EC84473A83B4075

pdfid_v0_0_12.zip (https)

MD5: 628BB84D7A4FE1A32F23954DD067E667

SHA256: A10B3C0B9BFB467A2C4C2EE6C786CF5E98A7CAD32AC5BEA498DD9796031A77D5

pdfid_v0_0_2.zip (https)

MD5: 21093726A57F39E08A679A11B6616931

SHA256: C3B190DD5E07FCEA2954D5686096155B39B5CAB6A21C17DD0C8D1838CACD4ED3

pdfid_v0_0_6.zip (https)

MD5: CE809DAC132BA2BD1C74413F125C2A70

SHA256: 0DB423F0E01197977C676C14B5BDA2FBBC9840CDD86160716A43CED0F84753FE

Referenced in post(s):

Quickpost: Disarming a PDF File

pdfid_v0_0_7.zip (https)

MD5: 06DA1B6E621F373CBAF0F9514B3F433A

SHA256: 3AE403684F9EE141838C7CDAD674FCE06807C983C1078EC68EF94AF4A02823C0

pdfid_v0_0_8.zip (https)

MD5: 9769FB96899F3AD15510C903A4FB29EF

SHA256: 542734C2613439851AF99B59725B1607F96A6E9396B447C5BD3AF197AABB0231

Referenced in post(s):

Update: PDFiD Version 0.0.8

pdfid_v0_0_9.zip (https)

MD5: 1C731D6204C09AAFF219876A8FB5E834

SHA256: 24A9B16E67A84E85488A16879CB611128B2E5921044E48EFB60D784BD785CBD0

pdfid_v0_1_0.zip (https)

MD5: 6A5FF56C22EF2745C3D78C8FD8ACA01F

SHA256: D72FE8555DC89808EE7BFC9F791AD819A465106A95801C09C31B0FD2644B3977

Referenced in post(s):

Update: PDFiD Version 0.1.0

pdfid_v0_1_1.zip (https)

MD5: 069F0286A99AF03712DB2992B464833D

SHA256: 875CE564837D9B72BC3055A617795A96245D337CC20BEC235A2F6857F42C9114

pdfid_v0_1_2.zip (https)

MD5: 60FC17757201F014A6ADA0744B74A740

SHA256: 1CF36C50427A2206275C322A8C098CD96A844CAF6077B105ADE9B1974789856F

Referenced in post(s):

Update: PDFiD Version 0.1.2

pdfid_v0_2_0.zip (https)

MD5: D4D07B43961D548F428C5FF6236FD6DD

SHA256: 19ABC7F2B88A794A1718949020F88C80AAFA2DEC9D23891A1AF5EDF764AD1F40

pdfid_v0_2_1.zip (https)

MD5: 7463412536678B321276F8720F52DE81

SHA256: F1B4728DD2CE455B863B930E12C6DEC952CB95C0BB3D6924136A6E49ACA877C2

Referenced in post(s):

Update: PDFiD With Plugins Part 1

pdfid_v0_2_2.zip (https)

MD5: 20614B44D97D48813D867AA8F1C87D4E

SHA256: FBF668779A946C70E6C303417AFA91B1F8A672C0293F855EF85B0E347D3F3259

Referenced in post(s):

Update: pdfid.py Version 0.2.2

pdfid_v0_2_3.zip (https)

MD5: 65966E8BBF932D3C0830B755FDE094FE

SHA256: 9482176D173EFA6F2F33EE409B091BFA45685FC285B87F7219A4E9418B47F739

Referenced in post(s):

Update: pdfid.py Version 0.2.3

pdfid_v0_2_4.zip (https)

MD5: 36D5554BC881E7E21382ADA1305ED6F4

SHA256: C1DA287C9C06E3158F79CECF9C2E9A7773FC57FC92021F17B79DDD4B1E5DBB2A

Referenced in post(s):

Update: pdfid.py Version 0.2.4

pdfid_v0_2_5.zip (https)

MD5: 9B835D9E934A7AA7E68C3649A7AA5DAF

SHA256: 4DD43D7BDA885C5A579FC1F797E93A536E1DB5A4AB52A9337759A69D3B0250E0

Referenced in post(s):

Update: PDFiD.py Version 0.2.5

pdfid_v0_2_6.zip (https)

MD5: 9CCE332914A6C76410F04B7C35DA3155

SHA256: 95F7C91EEFB561F3F3BE9809ED339D85E7109BAA7E128EF056651EE018DBDBA0

Referenced in post(s):

Update Of My PDF Tools

pdfid_v0_2_7.zip (https)

MD5: F1852F238386681C2DC40752669B455B

SHA256: FE2B59FE458ECBC1F91A40095FB1536E036BDD4B7B480907AC4E387D9ADB6E60

Referenced in post(s):

PDF Tools

Update: pdf-parser.py Version 0.7.4 and pdfid.py Version 0.2.7

PDFTemplate: 010 Editor Template for PDF file format

PDFTemplate.zip (https)

MD5: C124200C3317ACA9C17C2AE2579FCFEB

SHA256: 24C4FEAD2CABAD82EC336DDCFD404915E164D7B48FBA7BA1295E12BBAF8EB15D

Referenced in post(s):

PDF Tools

pecheck: wrapper for pefile

pecheck-v0_4_0.zip (https)

MD5: 27041C56B80B097436076B7366A6F3B2

SHA256: F9C73ED054AE4D5E9F495916D1B028FD8D6E9B2800DCE1993E568E2A2BFD9A71

Referenced in post(s):

Update: pecheck.py Version 0.4.0

pecheck-v0_5_0.zip (https)

MD5: B873F8B5F6D408E4026010F010EA5FC4

SHA256: 7FCE12A8B10BEFF0C991B652CEDE376C187E74F23C603BF1A9250C9E7756AB48

Referenced in post(s):

Update: pecheck.py Version 0.5.0

pecheck-v0_5_1.zip (https)

MD5: F045A67AC1ECCF129030DFCE316383A9

SHA256: 9F6EFD34455D530BD3A867FEDD40C1E9538E8B7299E538AAC73D936EDF9904EF

Referenced in post(s):

Update: pecheck.py Version 0.5.1

pecheck-v0_5_2.zip (https)

MD5: A4FF0507C206535FA9224F65CCD3497D

SHA256: DE4D06F00FD9EC74FD52689B711FBF10F953F14DAFACBDE214E0A4947E60D8A6

Referenced in post(s):

Update: pecheck.py Version 0.5.2

pecheck-v0_6_0.zip (https)

MD5: D3A9C71AAF63D83884B4FEF2C2C21D03

SHA256: 08DB82F190AEEB065A65FEE0DD03D20B0CC788878C4864B537BBD1807E4D6B71

Referenced in post(s):

Update: pecheck.py Version 0.6.0 – Overview Of Resources

pecheck-v0_7_0.zip (https)

MD5: 7BE550EC71BF99FC31704C2DD4ED3C8A

SHA256: 12C03369362045DF5A9AAB83002E59A4A31050EC008DF45F777C87186D611F6E

Referenced in post(s):

Update: pecheck.py Version 0.7.0

pecheck-v0_7_1.zip (https)

MD5: D5907442424C527A9937CFA65377C9BD

SHA256: BF2F162D108F17F350111645B8DFFE5D3641065CB6EE3CE318FCBEC83507917B

Referenced in post(s):

Update: pecheck.py Version 0.7.1

pecheck-v0_7_10.zip (https)

MD5: D0C4332B1BD231AA131FBCDCD3BBBA33

SHA256: 0E57A50590D59321CCD0BECE0936CF9523668F86516F56F5B2A21B9DCA9B4788

Referenced in post(s):

pecheck.py Version 0.7.10

pecheck-v0_7_11.zip (https)

MD5: D3B69575F0A08377D1A08886D34230FD

SHA256: 2B59F745377EABDF81118997CA70F5F4DBC1CE927370F02C6E0262869F988FA9

Referenced in post(s):

Update: pecheck.py Version 0.7.11

pecheck-v0_7_2.zip (https)

MD5: 2A501CD2D15E1108B909B7FCEDFBDA13

SHA256: 9CACA5A41A84049FE6B0D5807A31B7FC5B1A5AC71B3FD3BE4EAC71A96BBDFB3E

Referenced in post(s):

Update: pecheck.py Version 0.7.2

pecheck-v0_7_3.zip (https)

MD5: 480C9AC4BEE09CAAFB1593E214A39832

SHA256: 359A44751BAA34450B2DA92539AB425507EBB90F8F57CF50E561CCE111809637

Referenced in post(s):

Update: pecheck.py Version 0.7.3

pecheck-v0_7_4.zip (https)

MD5: E0F90B85576F7BC42BB8601E650134FB

SHA256: E011CD82F5E3244553FBA52DDF3F0D3076E88A6F35E50AA18AC0DAAC6ED91389

Referenced in post(s):

Update: pecheck.py Version 0.7.4

pecheck-v0_7_5.zip (https)

MD5: 62EC77D9DD51252F5E3E299574FF9395

SHA256: 983895B49A0B71A76E99568DC0D2D9B9AE6D3AFEAB7F7D22816EC718400DBB29

pecheck-v0_7_6.zip (https)

MD5: C07704E37FB1C18B769BB5336CD2478A

SHA256: 312E730F6DE784808B6E5BE355752803F281F7DC838E4B9C6B3FE924622F47F8

Referenced in post(s):

Update: pecheck.py Version 0.7.6

pecheck-v0_7_7.zip (https)

MD5: CEFCCC094EF9E29A539092A6ECB77EEE

SHA256: 91041D17A39C7FA4151830AF8FBD151680A04FC617CB0EADDA32D240E9AB9C03

Referenced in post(s):

Update: pecheck.py Version 0.7.7

pecheck-v0_7_8.zip (https)

MD5: 616CD9159316FC2100BE3E87C5C26B2C

SHA256: F734EFFFA17E4EE6CA64A67D18340B3347B72C4B1C7522BAF1B7D720FABA2389

Referenced in post(s):

Update: pecheck.py Version 0.7.8

pecheck-v0_7_9.zip (https)

MD5: F69709C475D513A8D2031C21EEC13284

SHA256: 99E71A9FC917BB27CDD893F14AE77F2E810A4C7BB56A6E975BB619C978B12D47

Referenced in post(s):

Update: pecheck.py Version 0.7.9

pecheck.zip (https)

MD5: EE42C8FF3C90B4F5466A9AEFD152156F

SHA256: 679690A1377617E9FEFF31F535A3CCBB3D951FFEBA697FBBD830D653D483AA65

Referenced in post(s):

Sampling a Malicious Site

pecheck_v0_3_0.zip (https)

MD5: C2AC9FED3C7F1787854C8D0E651B2591

SHA256: 3CDEBADA4C594DD3622E234747C6AABD41573C94087C0554CBA65D0472F6B413

Referenced in post(s):

pecheck.py

peid-userdb-to-yara-rules: Convert PeID userdb to YARA rules

peid-userdb-to-yara-rules_V0_0_1.zip (https)

MD5: D5B9B6FA7EC50A107A70419D30FEC9ED

SHA256: F8A12B5522B92AE7E3EDF11ACFAEEA7FDCC7FBDA8DC827D288A2D92B2B2CA5E2

Referenced in post(s):

Converting PEiD Signatures To YARA Rules

peid-userdb-to-yara-rules_V0_0_2.zip (https)

MD5: BE287BE1CB4EAFC360B1105C47F81819

SHA256: DC673DC90420F880EBDC8A0298410B3B8D90AFBCCE868A3E075DB5AAF898A188

Referenced in post(s):

Update: peid-userdb-to-yara-rules.py

PFTemplate: 010 Editor Template for PF file format

PFTemplate.zip (https)

MD5: 11F6BB8EC0D29CBCC7C2F269E9900AF0

SHA256: 4429380778C94E47427C1753BAF91E0D8AF78985AA9F3868CF3FC07456F7BAFA

Referenced in post(s):

Prefetch File 010 Template

PFTemplate_V0_0_2.zip (https)

MD5: 56A98A78BD4E8D1AED88385AF1DD8446

SHA256: E15D721E46FFB8158C6D14C9A38DE4E3DD5DCD0972896441DF17590C540DBCC3

Referenced in post(s):

Update: Prefetch File 010 Template

psurveil: Photo Surveillance for N800

psurveil-0.2.1-source.zip (https)

MD5: 0CFDCA784E15D45AB882BC5BB7E635ED

SHA256: 0A9132C7B4A72A1289652CC307F2C92B0DAD9BB43706CDEE90BCCA06440A0A60

Referenced in post(s):

Looking for N800 Beta Testers, No Voyeurs Please 😉

psurveil-0.2.1.zip (https)

MD5: 6B0E8C000EA4FF7EBAA4E50A07589EB5

SHA256: B399FBDCED4F3F1CC79782652D30A9A9CD96FCE5F3F948493A0929C7DE3318FD

Referenced in post(s):

Looking for N800 Beta Testers, No Voyeurs Please 😉

python-per-line: Program to evaluate a Python expression for each line in the provided text file(s)

python-per-line_V0_0_1.zip (https)

MD5: B7C1146D44D6B3F8B04C571E8C205191

SHA256: 6D7931B33F8A1D81539E892897D301145A63502A181B2B89A01466D599D53787

Referenced in post(s):

New Tool: python-per-line

python-per-line_V0_0_2.zip (https)

MD5: AB2377D366AB33992A535AF1EE489CBD

SHA256: 045F398FBCF6DDFF4A25B38007ADDF89B3256C21C8808B58FBC96855D55E6171

Referenced in post(s):

Update: python-per-line.py Version 0.0.2

python-per-line_V0_0_3.zip (https)

MD5: 40B787E184EBAAD91A9104BF1BF1BF1A

SHA256: 1D7CAE95B5EA169286E4B1528D834D814A474A86240B9975385968B2BADF59AB

Referenced in post(s):

Update: python-per-line version 0.0.3

python-per-line_V0_0_4.zip (https)

MD5: FE8E875E2A7B8CD89FCAAB3B5830206C

SHA256: 7A6DACBAFC13DDE164F2AAB49DA766613F23BE78FF9BCAF5392EEA01F71620D0

Referenced in post(s):

Update: python-per-line.py Version 0.0.4

python-per-line_V0_0_5.zip (https)

MD5: 1CED1F84FD44E64BF448558BA02E0978

SHA256: 8E6845006BD3463135CE7AA0AA05FA596AC10E6E2ACC4B45C5909B624A20D6A5

Referenced in post(s):

Update: python-per-line.py Version 0.0.5

python-per-line_V0_0_6.zip (https)

MD5: FDA3365E2DC54EF65B2E8F6EE8D0DB9E

SHA256: E7496229BF64B2772AF5C49E4BC065281F06043192453E96A783808F6F3E61D1

Referenced in post(s):

Update: python-per-line.py Version 0.0.6

python-per-line_V0_0_7.zip (https)

MD5: 1AF491C2AD45E7ADB83F121B40F60BFB

SHA256: 5CB1E7C17EE359090E9E7168692CF00347E9815DC47CCCA14A2B4C974832510B

Referenced in post(s):

Update: python-per-line.py Version 0.0.7

python-templates_V0_0_1.zip (https)

MD5: 99E9D87681470F1BAE020B68F2853F49

SHA256: 2CA24AD6928FA2FE2DE894FEFBD1B41238B723D46ADED4064D26374A805BA1C4

Referenced in post(s):

Release: Python Tool Templates

python-templates_V0_0_2.zip (https)

MD5: 082812485D24AD0E3D12F1618BC44367

SHA256: 98DE8BEC508C7E678D294DD630466DA175524D4180C1E8C3A6C06EE11587981E

Referenced in post(s):

Update: Python Templates Version 0.0.2

re-search: Program to use Python’s re.findall on files

re-search_V0_0_1.zip (https)

MD5: 5700D814CE5DD5B47F9C09CD819256BD

SHA256: 8CCF0117444A2F28BAEA6281200805A07445E9A061D301CC385965F3D0E8B1AF

Referenced in post(s):

Extracting Dyre Configuration From A Process Dump

re-search_V0_0_10.zip (https)

MD5: A4A22FBA70990B57C811DD290C6F0DAA

SHA256: BF5084E4CE7A528AB2701D5AAA6C7366A3A43B8768C712263133A6E302569E86

Referenced in post(s):

Update: re-search.py Version 0.0.10

re-search_V0_0_11.zip (https)

MD5: 72F160A83E214351162704EB4B94EB9E

SHA256: 624E2864738008F6A63CC4E3F7B5FCB3738389DBC7E6EF29BC8C2F749ABAD9DE

Referenced in post(s):

Update: re-search.py Version 0.0.11

re-search_V0_0_12.zip (https)

MD5: 8CA8D767BDB126B097E41F0D4B1F197B

SHA256: 69752CF9862FC4EC29DD96289A21D1C8C82FB4C3C3083BE622C169BA658F0A40

Referenced in post(s):

Update: re-search.py Version 0.0.12

re-search_V0_0_13.zip (https)

MD5: 241464482856756FF1C0C2386AF84CD5

SHA256: 9409EC639C4C6E988ADFC2401CA89200712BE171894D214B56E4ACC84C32E489

Referenced in post(s):

Update: re-search.py Version 0.0.13

re-search_V0_0_2.zip (https)

MD5: FC921EAF48774B6E113FAE76867B69E1

SHA256: B07BF53FE476E6FC4D5B568BA2B0B70DD3BC037478A2CBF3A08A1AA6CCDD402C

Referenced in post(s):

Update: re-search Version 0.0.2

re-search_V0_0_3.zip (https)

MD5: 6C4F59C4BA5DAC1D16D3E09D1E333FD0

SHA256: BFB019F1350F7D63FB3704322F62894A4B17D8EE03CC186156F2A97045E47F58

Referenced in post(s):

Update: re-search.py Version 0.0.3

re-search_V0_0_4.zip (https)

MD5: 965C484CC5BF447B390BA4E176698972

SHA256: D2F3A52F7590CD38E796B6F6209FC87A1BD6451F1787010557FA39E25AFDBC2F

Referenced in post(s):

Update: re-search.py Version 0.0.4

re-search_V0_0_5.zip (https)

MD5: A03CBBA9F2C5900A368BC064D3CC3D00

SHA256: 940B12CA8E3ADCC0266BC788B5A7AE2C830115BDB9FC04C3A7A178FDD7D44F02

Referenced in post(s):

Update: re_search.py Version 0.0.5

re-search_V0_0_6.zip (https)

MD5: 0FFBDC31D2257BA85251F9C54D0804A1

SHA256: E05008772AB3C97478749FE383E04155466D6DF6BF22E1BBDC5A6B8B6BB3E0C8

re-search_V0_0_7.zip (https)

MD5: 38EBBC6B45476AA2FB03DC9604D2F7EE

SHA256: 7BE3B986126C3E40A886A66A08EA360EEE01A29F064F2D3235A1311C4FB4E45E

Referenced in post(s):

Update: re_search.py Version 0.0.7

re-search_V0_0_8.zip (https)

MD5: D4895B54268683BFBE0126D02B01A4A2

SHA256: 85919EB964FF9CF0EDE7DA64E9BCE6619480DAC71D0CB65B5EE667322B18DDBB

Referenced in post(s):

Update: re-search.py Version 0.0.8

re-search_V0_0_9.zip (https)

MD5: E9BC3AFF3FA3D6ED0F14EC4941955C2D

SHA256: 4AA92E513A478D02DD12110D3759FFCB2996A3E8A5D2D812124922C5023C3B50

Referenced in post(s):

Update: re-search.py Version 0.0.9

regedit-dll: ReactOS regedit.exe transformed into a dll

regedit-dll_v0_0_1.zip (https)

MD5: A736AE075FE12656D4A8DB7421AB035B

SHA256: 8392D6C814670F7198BFFF9741F4589D806FFF1C89A964AD14C9DA4047F45C6F

Referenced in post(s):

Excel with cmd.dll & regedit.dll

RegistryScanner-beta.zip (https)

MD5: 5D05A681A5F3C51B61EE1D73BF76286B

SHA256: 6117206A039DA6248167506EA7AC42262F2AF58D2864EF11AEF433C77397D5FF

rtfdump: Analyze RTF files

rtfdump_V0_0_2.zip (https)

MD5: 368CCACC556E283D5E1759ED5E164BFF

SHA256: DA9B0AB231B1ADBC1083FC0F915A789EF19A5F7540C317CFA80BF3DE038C7952

Referenced in post(s):

Releasing rtfdump.py

rtfdump_V0_0_3.zip (https)

MD5: 59DC23EE55F76C065A2A718DDFDB0E4E

SHA256: 46F9D768C6976AD5D4018EFDFD35DAE4212FEAE57871434A33CAEF028CB4CBA2

Referenced in post(s):

rtfdump: Update And Videos

rtfdump_V0_0_4.zip (https)

MD5: C384FD5356DA4E2129E44903BA20966A

SHA256: 0B73AB16577BDB1DC0B1431013E28893004DD563DD4C4D00BA1D20B1DBAED917

Referenced in post(s):

Update: rtfdump Version 0.0.4

rtfdump_V0_0_5.zip (https)

MD5: 14475C70D992FB72306D5F83815DDE19

SHA256: A26A60536509BA7CF55FF1876E8BC3A6DBA43F1EF8841F159D55411FD11B5078

Referenced in post(s):

Update: rtfdump.py Version 0.0.5

rtfdump_V0_0_6.zip (https)

MD5: B4F9264F2431322F52BAAB834A5A144D

SHA256: C15918E89313D03F01BC8A3BCB68376B6E21558567BDFD81889F48196DC80986

Referenced in post(s):

Update: rtfdump.py Version 0.0.6

rtfdump_V0_0_7.zip (https)

MD5: 59F86BA57D67CB78B9D863AFEA710709

SHA256: 1A8EDD4F73F020F44B0AAB39FC3A1C313C81BF8A1E031A76D8B8C85E34116DD6

Referenced in post(s):

Update: rtfdump.py Version 0.0.7

rtfdump_V0_0_8.zip (https)

MD5: 5EB2E1CBD0EFFF14BC4EEC43A10B1A84

SHA256: 6B9AD22FD55D28A1CFCD5660E4200F38152601DE74DC2566B1749AD7A334B328

rtfdump_V0_0_9.zip (https)

MD5: 26BE358EC8D42BB7532B6C0C1EBAD1F2

SHA256: 3F6410AC7880116CDDE4480367D3F5AA534CCA3047B75FEA0F4BA1F5EAA97B07

Referenced in post(s):

Update: rtfdump.py Version 0.0.9

RTStego: Rainbow table steganography

RTStego.zip (https)

MD5: 8DE76B0E81314CF8614678621CB7D162

SHA256: E8E8AA7A397E576D2BEB761B045D974D4D25E22AC6E3680154940A586AFEB91F

rtstego2.zip (https)

MD5: E8C7CBDD6B5C2FF56A2BDC3B04401AFB

SHA256: 31CBEFDCB5C865E9AE243BC1C0261DD08CF1FFABE792AEAA9DE9F903E9CAECA9

Referenced in post(s):

Hiding Inside a Rainbow, Part 3

runasil: Launches program with a low integrity level

runasil_V0_0_0_1.zip (https)

MD5: 5B8CE64715903DD7EEF4AF3B89E6E6FD

SHA256: 15841A9D9985E626C5B70B4BC3B2BF2CD68C38102B6BB1D92BA352D19F5C8A65

Referenced in post(s):

Runasil

RunInsideLimitedJob: Start program and run it inside a limited job

RunInsideLimitedJob-DLL64_V0_0_0_1.zip (https)

MD5: A6048613CE00C9F401A8AC7943A451E3

SHA256: 279F6BE0EB124814D37A5E70F2D906B1756B27CDDC7E7AEA40B2B42B39C0CFCA

Referenced in post(s):

RunInsideLimitedJob 64-bit

RunInsideLimitedJob_V0_0_0_1.zip (https)

MD5: 90055BA2928D06EC7A883DEF6E7F37C6

SHA256: EF88A2963436F5893727A90413CE624B473352190E936E35EEF85E246655486D

Referenced in post(s):

RunInsideLimitedJob

SE_ASLR: Force ASLR on Windows Explorer Shell Extensions

SE_ASLR_V0_0_0_1.zip (https)

MD5: 9D6AE1A96D554AEE527EB802FE59FB20

SHA256: 8A6C1406A757CD9788A2630D76A497E2C058333EE4D44CA0B85B2A05A39F257E

Referenced in post(s):

Force “ASLR” on Shell Extensions

SE_ASLR_V0_0_0_2.zip (https)

MD5: C835D1DDB64A68A1CD48CCF87AE03D18

SHA256: 1560BEE96CFC956A5E8954FEFD92ED227293418B19FE6B06D4ED703B6C50F4AC

Referenced in post(s):

Update: SE_ASLR Version 0.0.0.2

search-and-replace-with-wildcards: 010 Editor Script for search and replace with wildcards

search-and-replace-with-wildcards_v0_0_1.zip (https)

MD5: 7D620E8BEFFD4ED5563D9944C9B0B859

SHA256: B7F074304660A8DBF7AB2261D8619FFFFD461EFB5EE4C6E42880C87A3C1A4AB7

Referenced in post(s):

search-and-replace-with-wildcards.1sc

SelectMyParent: Launch a program and select its parent

SelectMyParent_v0_0_0_1.zip (https)

MD5: AF327175764886FB41304F7BC157FC58

SHA256: 16F40EB7996BAC1084DA366B1CF89ADA40093099373DB1FDBAE81CDCA5D2B560

Referenced in post(s):

Quickpost: SelectMyParent or Playing With the Windows Process Tree

SendtoCLI: GUI tool for CLI commands

SendtoCLIBeta.zip (https)

MD5: F672206A863642E2706A328ECCC18AE2

SHA256: 3EAB27C2496233816AD76E0EB0E35D274D4C711D7EFF8AE236BF0154DE55A423

setdllcharacteristics: Tool to set DEP, ASLR, … flags of a Windows executable

setdllcharacteristics_v0_0_0_1.zip (https)

MD5: F96358BF90AA4D8C6B32968B2068BFCB

SHA256: 5A9D3815F317C7C0FF7737F271CE0C60BE2CB0F4168C5EA5AD8CEF84AD718577

Referenced in post(s):

setdllcharacteristics

sets: Set operations on 2 files: union, intersection, subtraction, exclusive or

sets_V0_0_1.zip (https)

MD5: DF0AE1EF67B4BA04750A39EF7FAEE09C

SHA256: A5FF61610AD67CA0638E53A10DD083612C2F5BF42218DD2393AFD20035E89B9F

Referenced in post(s):

New Tool: sets.py

sets_V0_0_2.zip (https)

MD5: F744A900D3EBF7A0D0927F5244FA65F9

SHA256: B205B766D0FB4D12DD334BD6CD20748E14EF1136D545F7EFBB5CEAC6B3F0D942

Referenced in post(s):

Update: sets.py Version 0.0.2

shellcode2vba: Convert shellcode to VBA

shellcode2vba_v0_3.zip (https)

MD5: 44AF2685975346F9DE09E48E7FB855CE

SHA256: 04C42FA26717CCC7BC17A7BEDA02C746CA1A8BC8C6CE184670CD686796B5FF10

Referenced in post(s):

shellcode2vba

shellcode2vba_v0_4.zip (https)

MD5: DA1580DEF5B5CFF08ACF5FA921AF0822

SHA256: BDC0A5EC3E918B3DA27C392E1B2F909B7BDAD319C43A4250689DD38C81FF876F

Referenced in post(s):

Update: shellcode2vba.py Version 0.4

shellcode2vba_v0_5.zip (https)

MD5: BAD6684A6887F9E90FF755609B4CA2D5

SHA256: C403CD8196593F2ADD6BED40E9E7A14E49DB48909788DE8BB27A95D71E58A13A

Referenced in post(s):

Update: shellcode2vba.py Version 0.5

shellcode2vbscript: Convert shellcode to VBA

shellcode2vbscript_v0_1.zip (https)

MD5: AAB0431127C657C9A3EF67E1C73E6711

SHA256: D1CDDAFCB734EC3F35E558DECFF2EDB73DC0C394936814B602B605F09DE4A5E5

Referenced in post(s):

Shellcode 2 VBScript

ShellCodeLibLoader: ShellCode With a C-Compiler

ShellCodeLibLoader_v0_0_1.zip (https)

MD5: F6D4779097A8A11C412BDD47B7B1C8AE

SHA256: 3294A4322926476562AF34A80B8155638EFEEF38E401E69D6DB9BBB652C3EB58

Referenced in post(s):

Shellcode

ShellCodeMemoryModule: Generates DLL-loading shellcode from memory

ShellCodeMemoryModule_V0_0_0_1.zip (https)

MD5: CEABB3A8A9A4A507BA19C52EE2CC5DA9

SHA256: 284344C909E623B0406BB38A67F5A7A1AEE2473721244EED52CCEBB8846B0500

Referenced in post(s):

Shellcode

shift: 010 Editor Script to shift bytes in a file or selection

shift_v0_0_1.zip (https)

MD5: 0E98DD182D12839FD86A30E696414E0A

SHA256: 07D849E9E898AFA705E57474FADFF001C9CAF9DB1D51AD8C9EB7E9A2A765D714

Referenced in post(s):

shift.1sc

simple-shellcode-generator: Python program to generate 32-bit shellcode (assembler code)

simple-shellcode-generator_V0_0_1.zip (https)

MD5: 3A6D00C6EBC1F20589C952817174653E

SHA256: FEFD4059810DA7855CC3CBC6A198FD75607C4F7B7B2F71817689E1520B454C58

Referenced in post(s):

simple-shellcode-generator.py

simple_ip_stats: Process PCAP files to calculate IP data statistics

simple_ip_stats_V0_0_1.zip (https)

MD5: 0482F3667E4EE6444350D9B0A146F764

SHA256: 480DCF2C82030EF996A6C1C3FEFCAAB77C000EC72DECA91329298C9BCC578BAD

Referenced in post(s):

New Tool: simple_ip_stats.py

simple_tcp_stats: Process PCAP files to calculate TCP data statistics

simple_tcp_stats_V0_0_1.zip (https)

MD5: 606DB4208BBC5908D9F32A68DDF90AC6

SHA256: 68B275C58736AE450D23BEA82CC1592936E541E00726D8ED95F5CA8ACB02B7CE

Referenced in post(s):

New Tool: simple_tcp_stats.py

SimpleEncoder: 010 Editor Script to encode current selection by shifting characters

SimpleEncoder_V1_0.zip (https)

MD5: 02C7BA20D8BF9EB965B3957BE8D26094

SHA256: 7C98B404F49F5E22A8A052AB4E100BF4ABCE37F39518293FC697D21C1D36A4F3

Referenced in post(s):

New Tool: SimpleEncoder

snort-rules-V0_0_1.zip (https)

MD5: 526AAC1CE1E8576633498223DFA07E3D

SHA256: 7694E4E884E12068BC2A32714D3B0C48060B12C80E4093AFB6B1563E2EDA5E8D

Referenced in post(s):

Detecting Network Traffic from Metasploit’s Meterpreter Reverse HTTP Module

split: Split a text file into X number of files (2 by default)

split_V0_0_1.zip (https)

MD5: 49C0A77DA89376541073D09E010F7375

SHA256: 09D50C104AA4A32D963EB4254F48520ADB94A43BFF08FF68F8ADBA3C0ECC896A

Referenced in post(s):

split.py

ssltest.zip (https)

MD5: 1B50D6A10637BB6472ED541733BBE68D

SHA256: DA744643CF06645DA9C27A7DD62853E15123D7481AE5D6776E6393A6312847E1

Referenced in post(s):

Heartbleed: Testing From a Cisco IOS Router – ssltest.tcl

strings: Strings command in Python

strings_V0_0_3.zip (https)

MD5: DE008589A0B4B3C33B52BE3A171EB14D

SHA256: 9EBA69933B44DF41F4B51EE45B510E15FA85BCB38AD4CE45C863E8BBDAFED489

Referenced in post(s):

Release: strings.py

strings_V0_0_4.zip (https)

MD5: 8B1F5A6BEBA2BC8BDFF16B99C27050E4

SHA256: 7BBAAB0E83692288BDC35BC0FBDD6B2F8A141280E506131E2818F49BEF31D01A

Referenced in post(s):

Update: strings.py Version 0.0.4

Suspender: DLL that suspends its host process

Suspender_V0_0_0_3.zip (https)

MD5: C87FCAB2586C6154B58FB0F95FBB1FBE

SHA256: 56D0C641569E99AC31C7590DE513025E21166747565B73C5EBE34346616FFB2F

Referenced in post(s):

Suspender.dll

Suspender_V0_0_0_4.zip (https)

MD5: 629255337FE0CA9F631B1A7177D158F0

SHA256: 8E63152620541314926878D01469E2E922298C147740BDEAF7FC6B70EB9305EF

Referenced in post(s):

Update: Suspender V0.0.0.4

TaskManager: Windows Task Manager written in Excel/VBA

TaskManager_V0_0_1.zip (https)

MD5: A0A7584C83F4DD85F57F8511E332893B

SHA256: A0A128DA6297968CB2F434628AD4F045E14EBDC8AE3B05DD3D0F21CC954C13CE

Referenced in post(s):

TaskManager.xls

TaskManager_V0_0_3.zip (https)

MD5: BF40B4317C7E04E1F65B8CEE55ED3A7A

SHA256: 0D48C2E6986F1DD8FA3A0671A1A53F0FC489923701963031FDC4FA516603EEC1

Referenced in post(s):

Update: TaskManager.xls Version 0.0.3

TaskManager_V0_1_0.zip (https)

MD5: 5ED2AB6036CA94FAC7DEE5352718D07C

SHA256: EBCF4832C4DBAB0AFE778E19423EBB56CA4644DA1FDB5B2EB1BB4C27A26DB18C

Referenced in post(s):

TaskManager Runs on 64-bit Excel

TaskManager_V0_1_1.zip (https)

MD5: 57D0ED69E034872DE7DF217DD491B732

SHA256: 08FD64B90E34150BD48A54904F04905D84249E7042BF31E6A5AA642B2B855D91

Referenced in post(s):

Signed TaskManager

TaskManager_V0_1_2.zip (https)

MD5: DEDB20DA6EE1A622DD3C234D07F5FE08

SHA256: 23EC10C7206BA43B56EF185E7C18EF528FD551FC0B34FFF9E4E183C37A114FF8

Referenced in post(s):

Update: TaskManager.xls V0.1.2

TaskManager_V0_1_3.zip (https)

MD5: 38DED14A7A468923C3552A6135CC570C

SHA256: CABD1F73C8D069A85EA439D7AFF736723B5759A6ED929FB3F21A4ADD3D0605BC

Referenced in post(s):

Update: TaskManager.xls V0.1.3 Killer Shellcode

TaskManager_V0_1_4.zip (https)

MD5: FBB30486CF0E7A1BEB7342EF4672DE52

SHA256: 30779E09B5B0D1D1AFE9C33B12EDD0982E775A9FA0B0D2A1189835004750FB5F

Referenced in post(s):

Update & Split: TaskManager.xls Version 0.1.4

TaskManagerSC_V0_1_4.zip (https)

MD5: 61C6657B2E36F3240A67960BCA413E56

SHA256: FAAB1044318A1EB6FEA09109ABDD982CDFFAEE54DC1C81D3416CC2A69DEEEC70

Referenced in post(s):

Update & Split: TaskManager.xls Version 0.1.4

TestIntegrityCheckFlag: Test program for Using DLLCHARACTERISTICS’ FORCE_INTEGRITY Flag blogpost

TestIntegrityCheckFlag.zip (https)

MD5: 7F6E9A0B0440BE80F2287AE4C30A5176

SHA256: 2E60E121C5AE9AFDAA7595E0A2177D65A1F08D39ADA4F1E14605749DEE22B3CE

Referenced in post(s):

Using DLLCHARACTERISTICS’ FORCE_INTEGRITY Flag

translate: Python script to perform bitwise operations on files (like XOR, ROL/ROR, …)

translate.zip (https)

MD5: B76FF05E3CB8015F716AC6BF0111BC5A

SHA256: F715854D5C0C7E280515B0A3496B8020C4170288BFA9930FDE58C380F2FB6670

translate_v2_0_0.zip (https)

MD5: 31739EEE90E303A8DA5A995344BA6F5B

SHA256: CFB11380C4193E91D7843F195D9EA086A59829F9CF3DF4016C12ACE8378B052C

translate_v2_1_0.zip (https)

MD5: AF8B1FB7A48AFC519F7656763A95980C

SHA256: 6C65ABE811263E1F687DEDB0A1064C141FFEEA5105BE3C925972BC0B9CE73FC0

Referenced in post(s):

Update: translate.py V2.1.0

translate_v2_2_0.zip (https)

MD5: D561D9987A3E5264E40A4B5C4057A732

SHA256: BC532BD5C7DD86DCADDF7B7B9A34453E983E226E103E0591E7D480BB43C350E0

Referenced in post(s):

Update: translate.py Version 2.2.0 for Locky JavaScript Deobfuscation

translate_v2_3_0.zip (https)

MD5: 3C21675A2792DCBAF2EB0222C3D14450

SHA256: B51D4D47213AE7E79E3C9D157F5FC8E26C41AB9A5F3A26CD589F588C03910F2A

Referenced in post(s):

Update translate.py Version 2.3.0

translate_v2_3_1.zip (https)

MD5: A3C30A3534DC96B28C1C18B425E2A82D

SHA256: BBD24406BC3038620807E8C4116B325BE6124BE92D041173A8E4BAB56D06C7E2

Referenced in post(s):

Update: translate.py Version 2.3.1

translate_v2_4_0.zip (https)

MD5: B33830C68D8A8A7534AF178243658E70

SHA256: A01AB10FCE42664869C4E31DB1AB2E1E0237172D0AE9685549A09BF866D7F885

Referenced in post(s):

Update: translate.py Version 2.4.0

translate_v2_5_0.zip (https)

MD5: 768F895537F977EF858B4D82E0E4387C

SHA256: 5451BF8A58A04547BF1D328FC09EE8B5595C1247518115F439FC720A3436519F

Referenced in post(s):

Update: translate.py Version 2.5.0

translate_v2_5_1.zip (https)

MD5: A73F9E76A3471C5DD48BBC69AA52EF90

SHA256: 9E47D27A6509EFD210F6F23DC19D644E61DEAEF82466254185B4DD9931B9029F

translate_v2_5_2.zip (https)

MD5: 1499C7D9C03928F2CE90BAA813A982DA

SHA256: 34451966781CA9821CD66AEF54379A3B47576CD4FCE8CBEFD9EFA3DA06E49CE9

Referenced in post(s):

Update: translate.py Version 2.5.2

translate_v2_5_3.zip (https)

MD5: F3C01FCA74A84F1712BAF187E9FE479F

SHA256: 4CA311456EDE5A43097D4E567F225CFF2A68D47B96A261FC935F2A0F1CD4EB0F

Referenced in post(s):

Update: translate.py Version 2.5.3

translate_v2_5_4.zip (https)

MD5: C07B37F7AFA0386315843E6A493721C1

SHA256: A2203C643FC8BC64A98DCA3EE1F9444BE16F5D5C2036AC0200A6BA657786C5EC

Referenced in post(s):

Update: translate.py Version 2.5.4

translate_v2_5_5.zip (https)

MD5: 0BBB0E7E569BCB08D5A9278C974A3EE6

SHA256: 78E0BAC87DF47D06BB9C351FBF3CA623EE10B3993E071E7C9A0C9C4DB0FFF1D4

Referenced in post(s):

Update: translate.py Version 2.5.5

translate_v2_5_6.zip (https)

MD5: 9615167810202129C0CFC3D5125CC354

SHA256: F926E474B966790A1077B76C029F912100128C4F1CE848781C14DF4B628395D7

Referenced in post(s):

Update: translate.py Version 2.5.6

translate_v2_5_7.zip (https)

MD5: 886C1B4C518EA58F972F87980994B976

SHA256: 01E4239E050DE4853AC53020CCE44C9804003A4A2C195974B5B16AEDD1B8E1B1

Referenced in post(s):

Update: translate.py Version 0.2.7

translate_v2_5_8.zip (https)

MD5: 677BD5D6007F264A05D23A9A01B3DD13

SHA256: 977D7A87F771F5E86A6B57D2B565D7C789A7AC7696599E8B7412E9051D66DCFF

Referenced in post(s):

Translate

Update: translate.py Version 2.5.8

ultraedit_scripts: Collection of UltraEdit scripts

ul