Pond Information Management's Projects
InlineExecute-Assembly is a proof-of-concept Beacon Object File (BOF) that allows security professionals to perform in-process .NET assembly execution as an alternative to Cobalt Strike's traditional fork-and-run execute-assembly module.
Proof-of-concept obfuscation toolkit for C# post-exploitation tools
JiuZhou is a data set of buggy Ethereum smart contracts (ICSME 2020).
A library for creating and parsing Paseto in Java
jSQL Injection is a Java application for automatic SQL database injection.
Katacoda Scenarios
C# Kernel Mode Driver to read and write memory in protected processes
Driver and WinDBG scripts to dump information about all resources and lookaside lists
KringleCon 2021
The ldap2json script allows you to extract the whole LDAP content of a Windows domain into a JSON file.
Enumerate and check domains for Azure tenants
Linux virtual machines, typically on macOS, for running containerd
Yara rules to look for Log4J usage
Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228
log4j-scanner is a project derived from the work of other members of the open-source community by CISA's Rapid Action Force team to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.
A tool that scans archives to check for vulnerable log4j versions
Deploys an agent to fix CVE-2021-44228 (Log4j RCE vulnerability) in a running JVM process
Operational information regarding the vulnerability in the Log4j logging library.
A collection of intelligence about Log4Shell and its exploitation activity.
PCRE RegEx matching Log4Shell CVE-2021-44228 IOC in your logs
Use Log4Shell vulnerability to vaccinate a victim server against Log4Shell
Command line interface to dump LSASS memory to disk via SilentProcessExit
macro_pack is a tool by @EmericNasi used to automate obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation and antimalware bypass, and to automate the process from malicious macro and script generation to final document generation. It also provides many features useful for red team or security research.
Generate Google Cloud Platform support for Terraform, Ansible, InSpec
PoC framework for APK obfuscation
Small utility program to perform multiple operations for given subnet/CIDR ranges.