Skip to content
@WithSecureLabs

WithSecure Labs

Welcome to WithSecure Labs. Here we publish research, and share our tools with the security community.

Popular repositories Loading

  1. chainsaw chainsaw Public

    Rapidly Search and Hunt through Windows Forensic Artefacts

    Rust 3.2k 287

  2. doublepulsar-detection-script doublepulsar-detection-script Public

    A python2 script for sweeping a network to find windows systems compromised with the DOUBLEPULSAR implant.

    Python 1k 315

  3. python-exe-unpacker python-exe-unpacker Public

    A helper script for unpacking and decompiling EXEs compiled from python code.

    Python 953 341

  4. CallStackSpoofer CallStackSpoofer Public

    A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)

    C++ 502 68

  5. LinuxCatScale LinuxCatScale Public

    Incident Response collection and processing scripts with automated reporting scripts

    Shell 306 57

  6. doublepulsar-c2-traffic-decryptor doublepulsar-c2-traffic-decryptor Public

    A python2 script for processing a PCAP file to decrypt C2 traffic sent to DOUBLEPULSAR implant

    Python 224 80

Repositories

Showing 10 of 41 repositories
  • chainsaw Public

    Rapidly Search and Hunt through Windows Forensic Artefacts

    Rust 3,201 GPL-3.0 287 11 (1 issue needs help) 2 Updated Jul 5, 2025
  • Kanvas Public

    A simple-to-use IR (incident response) case management tool for tracking and documenting investigations.

    Python 178 GPL-3.0 26 0 0 Updated Jul 3, 2025
  • iocs Public
    Python 15 BSD-2-Clause 4 0 0 Updated Jun 26, 2025
  • CallStackSpoofer Public

    A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)

    C++ 502 Apache-2.0 68 1 0 Updated Apr 8, 2025
  • tau-engine Public

    A document tagging library

    Rust 30 MIT 4 0 0 Updated Mar 27, 2025
  • deject Public

    Memory dump and Sample analysis tool

    Python 14 GPL-3.0 1 0 0 Updated Mar 17, 2025
  • mongo-rs Public

    A higher-level wrapper on top of the official bson & mongodb crates.

    Rust 16 MIT 5 5 0 Updated Dec 3, 2024
  • python-exe-unpacker Public

    A helper script for unpacking and decompiling EXEs compiled from python code.

    Python 953 GPL-3.0 341 18 4 Updated Aug 15, 2024
  • LinuxCatScale Public

    Incident Response collection and processing scripts with automated reporting scripts

    Shell 306 GPL-3.0 57 0 0 Updated Jun 25, 2024
  • hl7magic Public

    A Burp extension to allow for easy modification of HL7 messages sent to and from medical devices.

    Python 6 Apache-2.0 2 0 0 Updated Mar 25, 2024

People

This organization has no public members. You must be a member to see who’s a part of this organization.

Top languages

Loading…