diff --git a/packages/adconnectdump.vm/adconnectdump.vm.nuspec b/packages/adconnectdump.vm/adconnectdump.vm.nuspec
index 3bf8a51ec..eac7f4078 100644
--- a/packages/adconnectdump.vm/adconnectdump.vm.nuspec
+++ b/packages/adconnectdump.vm/adconnectdump.vm.nuspec
@@ -2,11 +2,11 @@
adconnectdump.vm
- 0.0.0.20240323
+ 0.0.0.20240411
fox-it
This toolkit offers several ways to extract and decrypt stored Azure AD and Active Directory credentials from Azure AD Connect servers.
-
+
diff --git a/packages/amcacheparser.vm/amcacheparser.vm.nuspec b/packages/amcacheparser.vm/amcacheparser.vm.nuspec
index 5a31c9534..908a09e54 100644
--- a/packages/amcacheparser.vm/amcacheparser.vm.nuspec
+++ b/packages/amcacheparser.vm/amcacheparser.vm.nuspec
@@ -2,11 +2,11 @@
amcacheparser.vm
- 1.5.1.20231208
+ 1.5.1.20240411
Eric Zimmerman
Amcache.hve parser with lots of extra features. Handles locked files
-
+
diff --git a/packages/appcompatcacheparser.vm/appcompatcacheparser.vm.nuspec b/packages/appcompatcacheparser.vm/appcompatcacheparser.vm.nuspec
index 7e75f011c..0264279a7 100644
--- a/packages/appcompatcacheparser.vm/appcompatcacheparser.vm.nuspec
+++ b/packages/appcompatcacheparser.vm/appcompatcacheparser.vm.nuspec
@@ -2,11 +2,11 @@
appcompatcacheparser.vm
- 1.5.0.20231208
+ 1.5.0.20240411
Eric Zimmerman
AppCompatCache aka ShimCache parser. Handles locked files
-
+
diff --git a/packages/asreproast.vm/asreproast.vm.nuspec b/packages/asreproast.vm/asreproast.vm.nuspec
index f7dcef57b..ecb0a5110 100644
--- a/packages/asreproast.vm/asreproast.vm.nuspec
+++ b/packages/asreproast.vm/asreproast.vm.nuspec
@@ -2,11 +2,11 @@
asreproast.vm
- 0.0.0.20240323
+ 0.0.0.20240411
HarmJ0y
Project that retrieves crackable hashes from KRB5 AS-REP responses for users without kerberoast preauthentication enabled.
-
+
diff --git a/packages/azurehound.vm/azurehound.vm.nuspec b/packages/azurehound.vm/azurehound.vm.nuspec
index 82e1d653a..ab06ff183 100644
--- a/packages/azurehound.vm/azurehound.vm.nuspec
+++ b/packages/azurehound.vm/azurehound.vm.nuspec
@@ -2,11 +2,11 @@
azurehound.vm
- 2.1.8
+ 2.1.8.20240411
BloodHoundAD
AzureHound is the BloodHound data collector for Microsoft Azure.
-
+
diff --git a/packages/blobrunner.vm/blobrunner.vm.nuspec b/packages/blobrunner.vm/blobrunner.vm.nuspec
index 439fe5f91..dfdad4ef1 100644
--- a/packages/blobrunner.vm/blobrunner.vm.nuspec
+++ b/packages/blobrunner.vm/blobrunner.vm.nuspec
@@ -2,11 +2,11 @@
blobrunner.vm
- 0.0.5.20240217
+ 0.0.5.20240411
OALabs
BlobRunner is a simple tool to quickly debug shellcode extracted during malware analysis.
-
+
diff --git a/packages/blobrunner64.vm/blobrunner64.vm.nuspec b/packages/blobrunner64.vm/blobrunner64.vm.nuspec
index c1fcbf387..774cae1a8 100644
--- a/packages/blobrunner64.vm/blobrunner64.vm.nuspec
+++ b/packages/blobrunner64.vm/blobrunner64.vm.nuspec
@@ -2,11 +2,11 @@
blobrunner64.vm
- 0.0.5.20240217
+ 0.0.5.20240411
OALabs
BlobRunner is a simple tool to quickly debug shellcode extracted during malware analysis.
-
+
diff --git a/packages/bloodhound-custom-queries.vm/bloodhound-custom-queries.vm.nuspec b/packages/bloodhound-custom-queries.vm/bloodhound-custom-queries.vm.nuspec
index a83e539e9..1dda9bdda 100644
--- a/packages/bloodhound-custom-queries.vm/bloodhound-custom-queries.vm.nuspec
+++ b/packages/bloodhound-custom-queries.vm/bloodhound-custom-queries.vm.nuspec
@@ -2,11 +2,11 @@
bloodhound-custom-queries.vm
- 0.0.0.20240323
+ 0.0.0.20240411
hausec
Custom Query list for the Bloodhound GUI based off my cheatsheet
-
+
diff --git a/packages/bloodhound.vm/bloodhound.vm.nuspec b/packages/bloodhound.vm/bloodhound.vm.nuspec
index 3224d0bde..d7ad990b9 100644
--- a/packages/bloodhound.vm/bloodhound.vm.nuspec
+++ b/packages/bloodhound.vm/bloodhound.vm.nuspec
@@ -2,11 +2,11 @@
bloodhound.vm
- 4.3.1.20230713
+ 4.3.1.20240411
BloodHound uses graph theory to reveal the hidden and often unintended relationships within an Active Directory environment.
Andrew Robbins, Rohan Vazarkar, Will Schroeder
-
+
diff --git a/packages/bstrings.vm/bstrings.vm.nuspec b/packages/bstrings.vm/bstrings.vm.nuspec
index 6fb959cbb..700f4b35c 100644
--- a/packages/bstrings.vm/bstrings.vm.nuspec
+++ b/packages/bstrings.vm/bstrings.vm.nuspec
@@ -2,11 +2,11 @@
bstrings.vm
- 1.5.2.20231208
+ 1.5.2.20240411
Eric Zimmerman
Find them strings yo. Built in regex patterns. Handles locked files
-
+
diff --git a/packages/c3.vm/c3.vm.nuspec b/packages/c3.vm/c3.vm.nuspec
index a4fc72563..e7f712d34 100644
--- a/packages/c3.vm/c3.vm.nuspec
+++ b/packages/c3.vm/c3.vm.nuspec
@@ -2,11 +2,11 @@
c3.vm
- 0.0.0.20240323
+ 0.0.0.20240411
WithSecureLabs
C3 (Custom Command and Control) is a tool that allows Red Teams to rapidly develop and utilise esoteric command and control channels (C2). It's a framework that extends other red team tooling, such as the commercial Cobalt Strike (CS) product via ExternalC2.
-
+
diff --git a/packages/capa.vm/capa.vm.nuspec b/packages/capa.vm/capa.vm.nuspec
index 6a39fa759..1edc4f02e 100755
--- a/packages/capa.vm/capa.vm.nuspec
+++ b/packages/capa.vm/capa.vm.nuspec
@@ -2,11 +2,11 @@
capa.vm
- 7.0.1
+ 7.0.1.20240411
capa detects capabilities in executable files. You run it against a PE file or shellcode and it tells you what it thinks the program can do.
@williballenthin, @mr-tz, @Ana06, @mike-hunhoff, @mwilliams31, @MalwareMechanic
-
+
diff --git a/packages/certify.vm/certify.vm.nuspec b/packages/certify.vm/certify.vm.nuspec
index d44c54944..4c52aac77 100644
--- a/packages/certify.vm/certify.vm.nuspec
+++ b/packages/certify.vm/certify.vm.nuspec
@@ -2,11 +2,11 @@
certify.vm
- 1.1.0.20240323
+ 1.1.0.20240411
HarmJ0y, leechristensen
Certify is a C# tool to enumerate and abuse misconfigurations in Active Directory Certificate Services (AD CS).
-
+
diff --git a/packages/chainsaw.vm/chainsaw.vm.nuspec b/packages/chainsaw.vm/chainsaw.vm.nuspec
index 8c59edaf2..df3a4d9d0 100644
--- a/packages/chainsaw.vm/chainsaw.vm.nuspec
+++ b/packages/chainsaw.vm/chainsaw.vm.nuspec
@@ -2,11 +2,11 @@
chainsaw.vm
- 2.8.1
+ 2.8.1.20240411
WithSecure Labs
Chainsaw provides a powerful 'first-response' capability to quickly identify threats within Windows forensic artefacts such as Event Logs and the MFT file.
-
+
diff --git a/packages/common.vm/common.vm.nuspec b/packages/common.vm/common.vm.nuspec
index 3fd044e52..b916e3621 100755
--- a/packages/common.vm/common.vm.nuspec
+++ b/packages/common.vm/common.vm.nuspec
@@ -2,7 +2,7 @@
common.vm
- 0.0.0.20240410
+ 0.0.0.20240411
Common libraries for VM-packages
Mandiant
diff --git a/packages/common.vm/tools/vm.common/vm.common.psm1 b/packages/common.vm/tools/vm.common/vm.common.psm1
index 1dbf1f214..5c3c10a2f 100755
--- a/packages/common.vm/tools/vm.common/vm.common.psm1
+++ b/packages/common.vm/tools/vm.common/vm.common.psm1
@@ -225,10 +225,11 @@ function VM-Install-Raw-GitHub-Repo {
)
try {
if ($withoutBinFile) {
- VM-Install-From-Zip -toolName $toolName -category $category -zipUrl $zipUrl -zipSha256 $zipSha256 -innerFolder $innerFolder -executableName $executableName -withoutBinFile -powershellCommand $powershellCommand
+ $toolDir = (VM-Install-From-Zip -toolName $toolName -category $category -zipUrl $zipUrl -zipSha256 $zipSha256 -innerFolder $innerFolder -executableName $executableName -withoutBinFile -powershellCommand $powershellCommand)[0]
} else {
- VM-Install-From-Zip -toolName $toolName -category $category -zipUrl $zipUrl -zipSha256 $zipSha256 -innerFolder $innerFolder -executableName $executableName -powershellCommand $powershellCommand
+ $toolDir = (VM-Install-From-Zip -toolName $toolName -category $category -zipUrl $zipUrl -zipSha256 $zipSha256 -innerFolder $innerFolder -executableName $executableName -powershellCommand $powershellCommand)[0]
}
+ return $toolDir
} catch {
VM-Write-Log-Exception $_
}
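Review bot: The two `$toolDir = (VM-Install-From-Zip ...)[0]` assignments assume the callee always emits its two-element array as the first pipeline object. VM-Install-From-Zip swallows exceptions in its own catch block and then returns nothing, so on a failed install there is no array to index and this function cannot return a usable path. Callers that start consuming the new return value should treat an empty result as a failure. It would also help to build the argument set once and add `-withoutBinFile` conditionally (splatting), so the two branches cannot drift apart.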
@@ -320,9 +321,10 @@ function VM-Install-Shortcut{
}
}
-# This functions returns $toolDir (outputed by Install-ChocolateyZipPackage) and $executablePath
+# This functions returns $toolDir and $executablePath
function VM-Install-From-Zip {
[CmdletBinding()]
+ [OutputType([System.Object[]])]
Param
(
[Parameter(Mandatory=$true, Position=0)]
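Review bot: The updated comment above `VM-Install-From-Zip` still reads "This functions returns" and does not say that the two values now come back as a single array in the order `$toolDir`, `$executablePath`. Callers index into the result by position, so the comment should spell out the order and the array wrapping, for example "Returns a single array: [0] = $toolDir, [1] = $executablePath".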
@@ -331,7 +333,7 @@ function VM-Install-From-Zip {
[string] $category,
[Parameter(Mandatory=$true, Position=2)]
[string] $zipUrl,
- [Parameter(Mandatory=$true, Position=3)]
+ [Parameter(Mandatory=$false, Position=3)]
[string] $zipSha256,
[Parameter(Mandatory=$false)]
[string] $zipUrl_64,
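Review bot: Changing `$zipSha256` from `Mandatory=$true` to `Mandatory=$false` lets a package call this helper with a URL and no expected hash, and nothing in this hunk shows what happens to the download in that case. For an installer that fetches tooling from remote URLs, the hash is the only integrity check visible in this signature. Either keep the parameter mandatory, or fail explicitly when it is empty unless the caller opts out, and document in the parameter block when an unverified download is acceptable.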
@@ -397,7 +399,7 @@ function VM-Install-From-Zip {
VM-Install-Shortcut -toolName $toolName -category $category -executablePath $executablePath -consoleApp $consoleApp -arguments $arguments
Install-BinFile -Name $toolName -Path $executablePath
}
- return $executablePath
+ return ,@($toolDir, $executablePath)
} catch {
VM-Write-Log-Exception $_
}
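Review bot: `return ,@($toolDir, $executablePath)` changes the return value from a string to an array, so any existing caller that uses the result as the executable path now needs `[1]`; the only call site updated in the lines shown here is VM-Install-Raw-GitHub-Repo. The positional contract is also fragile because `VM-Install-Shortcut` and `Install-BinFile` just above the return are not captured: anything they write to the output stream is returned ahead of the array and shifts what `[0]` means for the caller. Consider assigning those calls to `$null` or piping them to `Out-Null`, or returning an object with named properties instead of a positional array.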
diff --git a/packages/covenant.vm/covenant.vm.nuspec b/packages/covenant.vm/covenant.vm.nuspec
index aa949189f..4c83c65f6 100644
--- a/packages/covenant.vm/covenant.vm.nuspec
+++ b/packages/covenant.vm/covenant.vm.nuspec
@@ -2,11 +2,11 @@
covenant.vm
- 0.0.0.20240323
+ 0.0.0.20240411
cobbr
Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, and serve as a collaborative command and control platform for red teamers.
-
+
diff --git a/packages/credninja.vm/credninja.vm.nuspec b/packages/credninja.vm/credninja.vm.nuspec
index ed6b9dcb3..6e2e4f8c2 100644
--- a/packages/credninja.vm/credninja.vm.nuspec
+++ b/packages/credninja.vm/credninja.vm.nuspec
@@ -2,11 +2,11 @@
credninja.vm
- 2.3.0.20240323
+ 2.3.0.20240411
raikiasec
This tool will tell you if the credentials you dumped are valid on the domain, and if you have local administrator access to a host.
-
+
diff --git a/packages/cryptotester.vm/cryptotester.vm.nuspec b/packages/cryptotester.vm/cryptotester.vm.nuspec
index 3d1e3d03e..030291816 100644
--- a/packages/cryptotester.vm/cryptotester.vm.nuspec
+++ b/packages/cryptotester.vm/cryptotester.vm.nuspec
@@ -2,11 +2,11 @@
cryptotester.vm
- 1.7.1
+ 1.7.1.20240411
Michael Gillespie (@demonslay335)
Utility tool for performing cryptanalysis with a focus on ransomware cryptography
-
+
diff --git a/packages/cutter.vm/cutter.vm.nuspec b/packages/cutter.vm/cutter.vm.nuspec
index 729d42667..ae80b8f7b 100644
--- a/packages/cutter.vm/cutter.vm.nuspec
+++ b/packages/cutter.vm/cutter.vm.nuspec
@@ -2,11 +2,11 @@
cutter.vm
- 2.3.4.20240305
+ 2.3.4.20240411
Rizin
Cutter is a FOSS dissassembler/decompiler
-
+
diff --git a/packages/de4dot-cex.vm/de4dot-cex.vm.nuspec b/packages/de4dot-cex.vm/de4dot-cex.vm.nuspec
index b1acfaa0e..cdb644085 100644
--- a/packages/de4dot-cex.vm/de4dot-cex.vm.nuspec
+++ b/packages/de4dot-cex.vm/de4dot-cex.vm.nuspec
@@ -2,11 +2,11 @@
de4dot-cex.vm
- 4.0.0.20230526
+ 4.0.0.20240411
ViRb3
A de4dot fork with full support for vanilla ConfuserEx
-
+
diff --git a/packages/dex2jar.vm/dex2jar.vm.nuspec b/packages/dex2jar.vm/dex2jar.vm.nuspec
index 5b870f8d5..9d362bec1 100644
--- a/packages/dex2jar.vm/dex2jar.vm.nuspec
+++ b/packages/dex2jar.vm/dex2jar.vm.nuspec
@@ -2,11 +2,11 @@
dex2jar.vm
- 2.3.0.20231025
+ 2.3.0.20240411
@pxb1988
Tools to work with android .dex and java .class files.
-
+
diff --git a/packages/die.vm/die.vm.nuspec b/packages/die.vm/die.vm.nuspec
index 8f26366e3..f360d6ce2 100644
--- a/packages/die.vm/die.vm.nuspec
+++ b/packages/die.vm/die.vm.nuspec
@@ -2,11 +2,11 @@
die.vm
- 3.07.20240217
+ 3.07.0.20240411
Hellsp@wn, horsicq
Detect It Easy, or abbreviated "DIE" is a program for determining types of files.
-
+
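Review bot: The new version `3.07.0.20240411` inserts a `0` segment that the old `3.07.20240217` did not have, so the date moves from the third position to the fourth. Compared segment by segment, the old third segment `20240217` is greater than the new third segment `0`, which means the new package sorts below the one it replaces and an upgrade would not select it. Keep the three-segment form (`3.07.20240411`), or confirm how VMs that already have the old version installed are expected to move to the new numbering.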
diff --git a/packages/dnspyex.vm/dnspyex.vm.nuspec b/packages/dnspyex.vm/dnspyex.vm.nuspec
index a458451e8..538af9e19 100644
--- a/packages/dnspyex.vm/dnspyex.vm.nuspec
+++ b/packages/dnspyex.vm/dnspyex.vm.nuspec
@@ -2,11 +2,11 @@
dnspyex.vm
- 6.5.0
+ 6.5.0.20240411
0xd4d, ElektroKill
dnSpyEx is a unofficial continuation of the dnSpy project which is a debugger and .NET assembly editor. You can use it to edit and debug assemblies even if you don't have any source code available.
-
+
diff --git a/packages/dotdumper.vm/dotdumper.vm.nuspec b/packages/dotdumper.vm/dotdumper.vm.nuspec
index 52297f4ab..e9c34ce84 100644
--- a/packages/dotdumper.vm/dotdumper.vm.nuspec
+++ b/packages/dotdumper.vm/dotdumper.vm.nuspec
@@ -2,11 +2,11 @@
dotdumper.vm
- 1.1
+ 1.1.0.20240411
ThisIsLibra
An automatic unpacker and logger for DotNet Framework targeting files
-
+
diff --git a/packages/dotnettojscript.vm/dotnettojscript.vm.nuspec b/packages/dotnettojscript.vm/dotnettojscript.vm.nuspec
index 8f4ae9354..8a33f49ab 100644
--- a/packages/dotnettojscript.vm/dotnettojscript.vm.nuspec
+++ b/packages/dotnettojscript.vm/dotnettojscript.vm.nuspec
@@ -2,11 +2,11 @@
dotnettojscript.vm
- 0.0.0.20240323
+ 0.0.0.20240411
James Forshaw
A tool to generate a JScript which bootstraps an arbitrary .NET Assembly and class.
-
+
diff --git a/packages/dumpert.vm/dumpert.vm.nuspec b/packages/dumpert.vm/dumpert.vm.nuspec
index bc0ab912c..86122eb84 100644
--- a/packages/dumpert.vm/dumpert.vm.nuspec
+++ b/packages/dumpert.vm/dumpert.vm.nuspec
@@ -2,11 +2,11 @@
dumpert.vm
- 0.0.0.20240323
+ 0.0.0.20240411
outflank
This tool demonstrates the use of direct System Calls and API unhooking and combines these techniques in a proof of concept code which can be used to create a LSASS memory dump using Cobalt Strike.
-
+
diff --git a/packages/evilclippy.vm/evilclippy.vm.nuspec b/packages/evilclippy.vm/evilclippy.vm.nuspec
index 146f00de3..ed2a07a97 100644
--- a/packages/evilclippy.vm/evilclippy.vm.nuspec
+++ b/packages/evilclippy.vm/evilclippy.vm.nuspec
@@ -2,11 +2,11 @@
evilclippy.vm
- 1.3.0.20240323
+ 1.3.0.20240411
outflank
A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools.
-
+
diff --git a/packages/evtxecmd.vm/evtxecmd.vm.nuspec b/packages/evtxecmd.vm/evtxecmd.vm.nuspec
index bf542c964..6c24baa76 100644
--- a/packages/evtxecmd.vm/evtxecmd.vm.nuspec
+++ b/packages/evtxecmd.vm/evtxecmd.vm.nuspec
@@ -2,11 +2,11 @@
evtxecmd.vm
- 1.5.0.20231208
+ 1.5.0.20240411
Eric Zimmerman
Event log (evtx) parser with standardized CSV, XML, and json output! Custom maps, locked file support, and more!
-
+
diff --git a/packages/exeinfope.vm/exeinfope.vm.nuspec b/packages/exeinfope.vm/exeinfope.vm.nuspec
index f8554fc44..7ff99c810 100644
--- a/packages/exeinfope.vm/exeinfope.vm.nuspec
+++ b/packages/exeinfope.vm/exeinfope.vm.nuspec
@@ -2,11 +2,11 @@
exeinfope.vm
- 0.0.7.20240217
+ 0.0.7.20240411
A.S.L Soft
Displays metadata for a variety of file types and identifies many executable packers
-
+
diff --git a/packages/extreme_dumper.vm/extreme_dumper.vm.nuspec b/packages/extreme_dumper.vm/extreme_dumper.vm.nuspec
index 086677d5d..fd5bd6522 100644
--- a/packages/extreme_dumper.vm/extreme_dumper.vm.nuspec
+++ b/packages/extreme_dumper.vm/extreme_dumper.vm.nuspec
@@ -2,11 +2,11 @@
extreme_dumper.vm
- 4.0.0.20240219
+ 4.0.0.20240411
wwh1004
.NET Assembly Dumper from memory of processes.
-
+
diff --git a/packages/ezviewer.vm/ezviewer.vm.nuspec b/packages/ezviewer.vm/ezviewer.vm.nuspec
index e563a2bd2..c1271b24b 100644
--- a/packages/ezviewer.vm/ezviewer.vm.nuspec
+++ b/packages/ezviewer.vm/ezviewer.vm.nuspec
@@ -2,11 +2,11 @@
ezviewer.vm
- 2.0.0.20240226
+ 2.0.0.20240411
Eric Zimmerman
Standalone, zero dependency viewer for .doc, .docx, .xls, .xlsx, .txt, .log, .rtf, .otd, .htm, .html, .mht, .csv, and .pdf. Any non-supported files are shown in a hex editor (with data interpreter!)
-
+
diff --git a/packages/file.vm/file.vm.nuspec b/packages/file.vm/file.vm.nuspec
index f070c8858..8dbe845a4 100644
--- a/packages/file.vm/file.vm.nuspec
+++ b/packages/file.vm/file.vm.nuspec
@@ -2,11 +2,11 @@
file.vm
- 0.0.0.20240217
+ 0.0.0.20240411
A Windows port of the Linux `file` utility for checking header magics
Nolen Scaiffe
-
+
diff --git a/packages/floss.vm/floss.vm.nuspec b/packages/floss.vm/floss.vm.nuspec
index b0a0f2781..905a67b7c 100755
--- a/packages/floss.vm/floss.vm.nuspec
+++ b/packages/floss.vm/floss.vm.nuspec
@@ -2,11 +2,11 @@
floss.vm
- 3.0.1.20240217
+ 3.0.1.20240411
FLOSS uses advanced static analysis techniques to automatically deobfuscate strings from malware binaries. You can use it just like strings.exe to enhance basic static analysis of unknown binaries.
@williballenthin, @mr-tz
-
+
diff --git a/packages/fuzzdb.vm/fuzzdb.vm.nuspec b/packages/fuzzdb.vm/fuzzdb.vm.nuspec
index f10f1f4fe..97d66ec78 100644
--- a/packages/fuzzdb.vm/fuzzdb.vm.nuspec
+++ b/packages/fuzzdb.vm/fuzzdb.vm.nuspec
@@ -2,11 +2,11 @@
fuzzdb.vm
- 0.0.0.20240323
+ 0.0.0.20240411
fuzzdb-project
FuzzDB is the most comprehensive open dictionary of fault injection patterns, predictable resource locations, and regex for matching server responses.
-
+
diff --git a/packages/gadgettojscript.vm/gadgettojscript.vm.nuspec b/packages/gadgettojscript.vm/gadgettojscript.vm.nuspec
index 96c0aa4ad..d7d2df42b 100644
--- a/packages/gadgettojscript.vm/gadgettojscript.vm.nuspec
+++ b/packages/gadgettojscript.vm/gadgettojscript.vm.nuspec
@@ -2,11 +2,11 @@
gadgettojscript.vm
- 2.0.0.20240323
+ 2.0.0.20240411
med0x2e
A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from JS/VBS/VBA scripts.
-
+
diff --git a/packages/garbageman.vm/garbageman.vm.nuspec b/packages/garbageman.vm/garbageman.vm.nuspec
index f5f68648b..5e7dc30f5 100644
--- a/packages/garbageman.vm/garbageman.vm.nuspec
+++ b/packages/garbageman.vm/garbageman.vm.nuspec
@@ -2,11 +2,11 @@
garbageman.vm
- 0.2.4
+ 0.2.4.20240411
alphillips-lab
A set of tools designed for .NET heap analysis.
-
+
diff --git a/packages/gobuster.vm/gobuster.vm.nuspec b/packages/gobuster.vm/gobuster.vm.nuspec
index e6129c87d..e4d335e91 100644
--- a/packages/gobuster.vm/gobuster.vm.nuspec
+++ b/packages/gobuster.vm/gobuster.vm.nuspec
@@ -2,11 +2,11 @@
gobuster.vm
- 3.5.0.20230713
+ 3.5.0.20240411
Directory/file and DNS busting tool written in Go
OJ Reeves
-
+
diff --git a/packages/goresym.vm/goresym.vm.nuspec b/packages/goresym.vm/goresym.vm.nuspec
index a12df0526..3a88f441b 100644
--- a/packages/goresym.vm/goresym.vm.nuspec
+++ b/packages/goresym.vm/goresym.vm.nuspec
@@ -2,11 +2,11 @@
goresym.vm
- 2.4.0.20240217
+ 2.4.0.20240411
stevemk14ebr
Go symbol recovery tool
-
+
diff --git a/packages/hasher.vm/hasher.vm.nuspec b/packages/hasher.vm/hasher.vm.nuspec
index 6d4b2e7de..aaf94cbb6 100644
--- a/packages/hasher.vm/hasher.vm.nuspec
+++ b/packages/hasher.vm/hasher.vm.nuspec
@@ -2,11 +2,11 @@
hasher.vm
- 2.0.0.20240226
+ 2.0.0.20240411
Eric Zimmerman
Hash all the things
-
+
diff --git a/packages/hashmyfiles.vm/hashmyfiles.vm.nuspec b/packages/hashmyfiles.vm/hashmyfiles.vm.nuspec
index d3e18b7e1..fc34cb9b6 100644
--- a/packages/hashmyfiles.vm/hashmyfiles.vm.nuspec
+++ b/packages/hashmyfiles.vm/hashmyfiles.vm.nuspec
@@ -2,11 +2,11 @@
hashmyfiles.vm
- 0.0.0.20240217
+ 0.0.0.20240411
HashMyFiles is small utility that allows you to calculate the MD5 and SHA1 hashes of one or more files in your system. You can easily copy the MD5/SHA1 hashes list into the clipboard, or save them into text/html/xml file.
Nir Sofer
-
+
diff --git a/packages/hayabusa.vm/hayabusa.vm.nuspec b/packages/hayabusa.vm/hayabusa.vm.nuspec
index 9c8f2e4bb..35708ef53 100644
--- a/packages/hayabusa.vm/hayabusa.vm.nuspec
+++ b/packages/hayabusa.vm/hayabusa.vm.nuspec
@@ -2,11 +2,11 @@
hayabusa.vm
- 2.11.0
+ 2.11.0.20240411
Yamato Security
Windows event log fast forensics timeline generator and threat hunting tool
-
+
diff --git a/packages/hollowshunter.vm/hollowshunter.vm.nuspec b/packages/hollowshunter.vm/hollowshunter.vm.nuspec
index 0edb962c6..c962539c6 100644
--- a/packages/hollowshunter.vm/hollowshunter.vm.nuspec
+++ b/packages/hollowshunter.vm/hollowshunter.vm.nuspec
@@ -2,11 +2,11 @@
hollowshunter.vm
- 0.3.9
+ 0.3.9.20240411
hasherezade
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
-
+
diff --git a/packages/ida.diaphora.vm/ida.diaphora.vm.nuspec b/packages/ida.diaphora.vm/ida.diaphora.vm.nuspec
index e7125ac35..f9d4fd8da 100644
--- a/packages/ida.diaphora.vm/ida.diaphora.vm.nuspec
+++ b/packages/ida.diaphora.vm/ida.diaphora.vm.nuspec
@@ -2,12 +2,12 @@
ida.diaphora.vm
- 3.1.2
+ 3.1.2.20240411
joxeankoret
Diaphora is a program diffing tool that works as an IDA plugin.
-
-
+
+
diff --git a/packages/ifpstools.vm/ifpstools.vm.nuspec b/packages/ifpstools.vm/ifpstools.vm.nuspec
index 00d8cb3c4..b5fc2e49c 100644
--- a/packages/ifpstools.vm/ifpstools.vm.nuspec
+++ b/packages/ifpstools.vm/ifpstools.vm.nuspec
@@ -2,11 +2,11 @@
ifpstools.vm
- 2.0.2.20231203
+ 2.0.2.20240411
Wack0, Jonson Tan
IFPSTools.NET: tools for working with RemObject PascalScript compiled bytecode files
-
+
diff --git a/packages/innoextract.vm/innoextract.vm.nuspec b/packages/innoextract.vm/innoextract.vm.nuspec
index ef5793c0f..8ab541525 100644
--- a/packages/innoextract.vm/innoextract.vm.nuspec
+++ b/packages/innoextract.vm/innoextract.vm.nuspec
@@ -2,11 +2,11 @@
innoextract.vm
- 1.9.0.20231203
+ 1.9.0.20240411
Daniel Scharrer
A tool to extract Inno Setup installers.
-
+
diff --git a/packages/inveigh.vm/inveigh.vm.nuspec b/packages/inveigh.vm/inveigh.vm.nuspec
index 0c57f409c..65c76711d 100644
--- a/packages/inveigh.vm/inveigh.vm.nuspec
+++ b/packages/inveigh.vm/inveigh.vm.nuspec
@@ -2,11 +2,11 @@
inveigh.vm
- 2.0.10.20231203
+ 2.0.10.20240411
Kevin-Robertson, joncave, kant2002
Inveigh is a cross-platform .NET IPv4/IPv6 machine-in-the-middle tool for penetration testers.
-
+
diff --git a/packages/invokedosfuscation.vm/invokedosfuscation.vm.nuspec b/packages/invokedosfuscation.vm/invokedosfuscation.vm.nuspec
index 2145f8ecf..462a6e854 100644
--- a/packages/invokedosfuscation.vm/invokedosfuscation.vm.nuspec
+++ b/packages/invokedosfuscation.vm/invokedosfuscation.vm.nuspec
@@ -2,11 +2,11 @@
invokedosfuscation.vm
- 1.0.0.20240312
+ 1.0.0.20240411
danielbohannon
Invoke-DOSfuscation is a PowerShell v2.0+ compatible cmd.exe command obfuscation framework.
-
+
diff --git a/packages/invokeobfuscation.vm/invokeobfuscation.vm.nuspec b/packages/invokeobfuscation.vm/invokeobfuscation.vm.nuspec
index 62a82e02a..471d6d908 100644
--- a/packages/invokeobfuscation.vm/invokeobfuscation.vm.nuspec
+++ b/packages/invokeobfuscation.vm/invokeobfuscation.vm.nuspec
@@ -2,11 +2,11 @@
invokeobfuscation.vm
- 1.8.2.20240312
+ 1.8.2.20240411
cobbr, 4d4c, mvle, danielbohannon
Invoke-Obfuscation is a PowerShell v2.0+ compatible PowerShell command and script obfuscator.
-
+
diff --git a/packages/jlecmd.vm/jlecmd.vm.nuspec b/packages/jlecmd.vm/jlecmd.vm.nuspec
index 08a9776ff..6ec39d37e 100644
--- a/packages/jlecmd.vm/jlecmd.vm.nuspec
+++ b/packages/jlecmd.vm/jlecmd.vm.nuspec
@@ -2,11 +2,11 @@
jlecmd.vm
- 1.5.0.20231208
+ 1.5.0.20240411
Eric Zimmerman
Jump List parser
-
+
diff --git a/packages/jumplist_explorer.vm/jumplist_explorer.vm.nuspec b/packages/jumplist_explorer.vm/jumplist_explorer.vm.nuspec
index 73acbe743..f0576e4f0 100644
--- a/packages/jumplist_explorer.vm/jumplist_explorer.vm.nuspec
+++ b/packages/jumplist_explorer.vm/jumplist_explorer.vm.nuspec
@@ -2,11 +2,11 @@
jumplist_explorer.vm
- 2.0.0.20231208
+ 2.0.0.20240411
Eric Zimmerman
GUI based Jump List viewer
-
+
diff --git a/packages/keethief.vm/keethief.vm.nuspec b/packages/keethief.vm/keethief.vm.nuspec
index ee6d50337..d4f7a7d3f 100644
--- a/packages/keethief.vm/keethief.vm.nuspec
+++ b/packages/keethief.vm/keethief.vm.nuspec
@@ -2,11 +2,11 @@
keethief.vm
- 0.0.0.20240323
+ 0.0.0.20240411
tifkin_, harmj0y
Allows for the extraction of KeePass 2.X key material from memory, as well as the backdooring and enumeration of the KeePass trigger system.
-
+
diff --git a/packages/lecmd.vm/lecmd.vm.nuspec b/packages/lecmd.vm/lecmd.vm.nuspec
index 2a1e48dc2..26a6dbaf4 100644
--- a/packages/lecmd.vm/lecmd.vm.nuspec
+++ b/packages/lecmd.vm/lecmd.vm.nuspec
@@ -2,11 +2,11 @@
lecmd.vm
- 1.5.0.20231208
+ 1.5.0.20240411
Eric Zimmerman
Parse lnk files
-
+
diff --git a/packages/logfileparser.vm/logfileparser.vm.nuspec b/packages/logfileparser.vm/logfileparser.vm.nuspec
index 21885978e..d0ee73342 100644
--- a/packages/logfileparser.vm/logfileparser.vm.nuspec
+++ b/packages/logfileparser.vm/logfileparser.vm.nuspec
@@ -2,11 +2,11 @@
logfileparser.vm
- 2.0.0.20231204
+ 2.0.0.20240411
Joakim Schicht
Decode and dump lots of transaction information from the $LogFile on NTFS.
-
+
diff --git a/packages/malware-jail.vm/malware-jail.vm.nuspec b/packages/malware-jail.vm/malware-jail.vm.nuspec
index 98c834471..99da1f000 100644
--- a/packages/malware-jail.vm/malware-jail.vm.nuspec
+++ b/packages/malware-jail.vm/malware-jail.vm.nuspec
@@ -2,11 +2,11 @@
malware-jail.vm
- 0.0.0.20240323
+ 0.0.0.20240411
Hynek Petrak
Sandbox for semi-automatic Javascript malware analysis, deobfuscation and payload extraction.
-
+
diff --git a/packages/memprocfs.vm/memprocfs.vm.nuspec b/packages/memprocfs.vm/memprocfs.vm.nuspec
index 0bd530a1d..2edb019b6 100644
--- a/packages/memprocfs.vm/memprocfs.vm.nuspec
+++ b/packages/memprocfs.vm/memprocfs.vm.nuspec
@@ -2,11 +2,11 @@
memprocfs.vm
- 5.9.4
+ 5.9.4.20240411
Ulf Frisk
MemProcFS is an easy and convenient way of viewing physical memory as files in a virtual file system.
-
+
diff --git a/packages/mft_explorer.vm/mft_explorer.vm.nuspec b/packages/mft_explorer.vm/mft_explorer.vm.nuspec
index 8c2b550d3..e5741dc8f 100644
--- a/packages/mft_explorer.vm/mft_explorer.vm.nuspec
+++ b/packages/mft_explorer.vm/mft_explorer.vm.nuspec
@@ -2,11 +2,11 @@
mft_explorer.vm
- 2.0.0.20231208
+ 2.0.0.20240411
Eric Zimmerman
Graphical $MFT viewer
-
+
diff --git a/packages/mftecmd.vm/mftecmd.vm.nuspec b/packages/mftecmd.vm/mftecmd.vm.nuspec
index 71c5ce47d..a33fb324e 100644
--- a/packages/mftecmd.vm/mftecmd.vm.nuspec
+++ b/packages/mftecmd.vm/mftecmd.vm.nuspec
@@ -2,11 +2,11 @@
mftecmd.vm
- 1.2.2.20240321
+ 1.2.2.20240411
Eric Zimmerman
$MFT, $Boot, $J, $SDS, $I30, and $LogFile (coming soon) parser. Handles locked files
-
+
diff --git a/packages/microburst.vm/microburst.vm.nuspec b/packages/microburst.vm/microburst.vm.nuspec
index 017a35965..f6e8cd17e 100644
--- a/packages/microburst.vm/microburst.vm.nuspec
+++ b/packages/microburst.vm/microburst.vm.nuspec
@@ -2,11 +2,11 @@
microburst.vm
- 0.0.0.20240323
+ 0.0.0.20240411
NetSPI
MicroBurst includes functions and scripts that support Azure Services discovery, weak configuration auditing, and post exploitation actions such as credential dumping.
-
+
diff --git a/packages/nanodump.vm/nanodump.vm.nuspec b/packages/nanodump.vm/nanodump.vm.nuspec
index c7b70a2ea..17d113683 100644
--- a/packages/nanodump.vm/nanodump.vm.nuspec
+++ b/packages/nanodump.vm/nanodump.vm.nuspec
@@ -2,11 +2,11 @@
nanodump.vm
- 0.0.0.20240323
+ 0.0.0.20240411
fortra
A Beacon Object File that creates a minidump of the LSASS process.
-
+
diff --git a/packages/networkminer.vm/networkminer.vm.nuspec b/packages/networkminer.vm/networkminer.vm.nuspec
index 033c7e476..c49436af5 100644
--- a/packages/networkminer.vm/networkminer.vm.nuspec
+++ b/packages/networkminer.vm/networkminer.vm.nuspec
@@ -2,11 +2,11 @@
networkminer.vm
- 2.8.1
+ 2.8.1.20240411
Netresec
NetworkMiner is an open source Network Forensic Analysis Tool for Windows, but also works in Linux or Mac OS X. NetworkMiner can be used as a passive network sniffer in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network. NetworkMiner can also parse PCAP files for off-line analysis and to reassemble transmitted files and certificates from PCAP files.
-
+
diff --git a/packages/offvis.vm/offvis.vm.nuspec b/packages/offvis.vm/offvis.vm.nuspec
index c834166ac..34fb084a8 100644
--- a/packages/offvis.vm/offvis.vm.nuspec
+++ b/packages/offvis.vm/offvis.vm.nuspec
@@ -2,11 +2,11 @@
offvis.vm
- 1.0.0.20240226
+ 1.0.0.20240411
Microsoft
The Microsoft Office Visualization Tool (OffVis) is a tool from Microsoft that helps understanding the Microsoft Office binary file format in order to deconstruct .doc-, .xls- and .ppt-based targeted attacks.
-
+
diff --git a/packages/outflank-c2-tool-collection.vm/outflank-c2-tool-collection.vm.nuspec b/packages/outflank-c2-tool-collection.vm/outflank-c2-tool-collection.vm.nuspec
index 368aee44b..7de51dedd 100644
--- a/packages/outflank-c2-tool-collection.vm/outflank-c2-tool-collection.vm.nuspec
+++ b/packages/outflank-c2-tool-collection.vm/outflank-c2-tool-collection.vm.nuspec
@@ -2,11 +2,11 @@
outflank-c2-tool-collection.vm
- 0.0.0.20240323
+ 0.0.0.20240411
outflank
Contains a collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.
-
+
diff --git a/packages/payloadsallthethings.vm/payloadsallthethings.vm.nuspec b/packages/payloadsallthethings.vm/payloadsallthethings.vm.nuspec
index f83d187d9..8483ce894 100644
--- a/packages/payloadsallthethings.vm/payloadsallthethings.vm.nuspec
+++ b/packages/payloadsallthethings.vm/payloadsallthethings.vm.nuspec
@@ -2,11 +2,11 @@
payloadsallthethings.vm
- 0.0.0.20240323
+ 0.0.0.20240411
swisskyrepo
A list of useful payloads and bypasses for Web Application Security.
-
+
diff --git a/packages/peanatomist.vm/peanatomist.vm.nuspec b/packages/peanatomist.vm/peanatomist.vm.nuspec
index d651007ac..8266e9276 100644
--- a/packages/peanatomist.vm/peanatomist.vm.nuspec
+++ b/packages/peanatomist.vm/peanatomist.vm.nuspec
@@ -2,11 +2,11 @@
peanatomist.vm
- 0.2.11931.20230825
+ 0.2.11931.20240411
RamMerLabs
PE Analysis tool providing detailed information
-
+
diff --git a/packages/pecmd.vm/pecmd.vm.nuspec b/packages/pecmd.vm/pecmd.vm.nuspec
index 1e6e32db8..857d46726 100644
--- a/packages/pecmd.vm/pecmd.vm.nuspec
+++ b/packages/pecmd.vm/pecmd.vm.nuspec
@@ -2,11 +2,11 @@
pecmd.vm
- 1.5.0.20231208
+ 1.5.0.20240411
Eric Zimmerman
Prefetch parser
-
+
diff --git a/packages/peid.vm/peid.vm.nuspec b/packages/peid.vm/peid.vm.nuspec
index a0632d851..179f11766 100644
--- a/packages/peid.vm/peid.vm.nuspec
+++ b/packages/peid.vm/peid.vm.nuspec
@@ -2,11 +2,11 @@
peid.vm
- 0.95.0.20221115
+ 0.95.0.20240411
PEiD detects most common packers, cryptors and compilers for PE files.
snaker, Qwerton, Jibz, xineohP
-
+
diff --git a/packages/pestudio.vm/pestudio.vm.nuspec b/packages/pestudio.vm/pestudio.vm.nuspec
index 84ede3560..6a74a1833 100644
--- a/packages/pestudio.vm/pestudio.vm.nuspec
+++ b/packages/pestudio.vm/pestudio.vm.nuspec
@@ -2,11 +2,11 @@
pestudio.vm
- 9.58
+ 9.58.0.20240411
Marc Ochsenmeier
The goal of pestudio is to spot artifacts of executable files in order to ease and accelerate Malware Initial Assessment.
-
+
diff --git a/packages/petitpotam.vm/petitpotam.vm.nuspec b/packages/petitpotam.vm/petitpotam.vm.nuspec
index d58b712b2..6f7b592fa 100644
--- a/packages/petitpotam.vm/petitpotam.vm.nuspec
+++ b/packages/petitpotam.vm/petitpotam.vm.nuspec
@@ -2,11 +2,11 @@
petitpotam.vm
- 0.0.0.20240323
+ 0.0.0.20240411
topotam
PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions
-
+
diff --git a/packages/pkg-unpacker.vm/pkg-unpacker.vm.nuspec b/packages/pkg-unpacker.vm/pkg-unpacker.vm.nuspec
index fa81344db..e860bddde 100644
--- a/packages/pkg-unpacker.vm/pkg-unpacker.vm.nuspec
+++ b/packages/pkg-unpacker.vm/pkg-unpacker.vm.nuspec
@@ -2,11 +2,11 @@
pkg-unpacker.vm
- 1.0.0.20240323
+ 1.0.0.20240411
LockBlock-dev
Unpacker for pkg applications.
-
+
diff --git a/packages/pma-labs.vm/pma-labs.vm.nuspec b/packages/pma-labs.vm/pma-labs.vm.nuspec
index 4b5029b7e..33648e36e 100644
--- a/packages/pma-labs.vm/pma-labs.vm.nuspec
+++ b/packages/pma-labs.vm/pma-labs.vm.nuspec
@@ -2,11 +2,11 @@
pma-labs.vm
- 0.0.0.20230626
+ 0.0.0.20240411
Michael Sikorski
Binaries for the book Practical Malware Analysis
-
+
diff --git a/packages/powermad.vm/powermad.vm.nuspec b/packages/powermad.vm/powermad.vm.nuspec
index 0b5afa406..c731d976a 100644
--- a/packages/powermad.vm/powermad.vm.nuspec
+++ b/packages/powermad.vm/powermad.vm.nuspec
@@ -2,11 +2,11 @@
powermad.vm
- 0.0.0.20240323
+ 0.0.0.20240411
Kevin-Robertson
Powermad includes a set of functions for exploiting ms-DS-MachineAccountQuota without attaching an actual system to AD
-
+
diff --git a/packages/powersploit.vm/powersploit.vm.nuspec b/packages/powersploit.vm/powersploit.vm.nuspec
index 518750c48..11c0e0eab 100644
--- a/packages/powersploit.vm/powersploit.vm.nuspec
+++ b/packages/powersploit.vm/powersploit.vm.nuspec
@@ -2,11 +2,11 @@
powersploit.vm
- 0.0.0.20240323
+ 0.0.0.20240411
HarmJ0y, 0xe7
PowerSploit is a collection of Microsoft PowerShell modules that can be used to aid penetration testers during all phases of an assessment.
-
+
diff --git a/packages/powerupsql.vm/powerupsql.vm.nuspec b/packages/powerupsql.vm/powerupsql.vm.nuspec
index 62ab7d66b..8a66f2879 100644
--- a/packages/powerupsql.vm/powerupsql.vm.nuspec
+++ b/packages/powerupsql.vm/powerupsql.vm.nuspec
@@ -2,11 +2,11 @@
powerupsql.vm
- 0.0.0.20240323
+ 0.0.0.20240411
NetSPI
PowerUpSQL includes functions that support SQL Server discovery, weak configuration auditing, privilege escalation on scale, and post exploitation actions such as OS command execution.
-
+
diff --git a/packages/powerzure.vm/powerzure.vm.nuspec b/packages/powerzure.vm/powerzure.vm.nuspec
index ff3782d3b..bfe36f620 100644
--- a/packages/powerzure.vm/powerzure.vm.nuspec
+++ b/packages/powerzure.vm/powerzure.vm.nuspec
@@ -2,11 +2,11 @@
powerzure.vm
- 0.0.0.20240323
+ 0.0.0.20240411
hausec
PowerZure is a PowerShell project created to assess and exploit resources within Microsoft’s cloud platform, Azure.
-
+
diff --git a/packages/rbcmd.vm/rbcmd.vm.nuspec b/packages/rbcmd.vm/rbcmd.vm.nuspec
index cf9788f90..d88006260 100644
--- a/packages/rbcmd.vm/rbcmd.vm.nuspec
+++ b/packages/rbcmd.vm/rbcmd.vm.nuspec
@@ -2,11 +2,11 @@
rbcmd.vm
- 1.5.0.20231208
+ 1.5.0.20240411
Eric Zimmerman
Recycle Bin artifact (INFO2/$I) parser
-
+
diff --git a/packages/recentfilecacheparser.vm/recentfilecacheparser.vm.nuspec b/packages/recentfilecacheparser.vm/recentfilecacheparser.vm.nuspec
index 0ae8fb885..ec6492258 100644
--- a/packages/recentfilecacheparser.vm/recentfilecacheparser.vm.nuspec
+++ b/packages/recentfilecacheparser.vm/recentfilecacheparser.vm.nuspec
@@ -2,11 +2,11 @@
recentfilecacheparser.vm
- 1.5.0.20231208
+ 1.5.0.20240411
Eric Zimmerman
RecentFileCache parser
-
+
diff --git a/packages/recmd.vm/recmd.vm.nuspec b/packages/recmd.vm/recmd.vm.nuspec
index 7a33ce200..bbdce7f9b 100644
--- a/packages/recmd.vm/recmd.vm.nuspec
+++ b/packages/recmd.vm/recmd.vm.nuspec
@@ -2,11 +2,11 @@
recmd.vm
- 2.0.0.20231208
+ 2.0.0.20240411
Eric Zimmerman
Powerful command line Registry tool searching, multi-hive support, plugins, and more
-
+
diff --git a/packages/regcool.vm/regcool.vm.nuspec b/packages/regcool.vm/regcool.vm.nuspec
index 4f59a53d4..b0692cb21 100644
--- a/packages/regcool.vm/regcool.vm.nuspec
+++ b/packages/regcool.vm/regcool.vm.nuspec
@@ -2,11 +2,11 @@
regcool.vm
- 0.0.0.20240410
+ 0.0.0.20240411
Kurt Zimmermann
In addition to all the features that you can find in RegEdit and RegEdt32, RegCool adds many powerful features that allow you to work faster and more efficiently with registry related tasks
-
+
diff --git a/packages/registry_explorer.vm/registry_explorer.vm.nuspec b/packages/registry_explorer.vm/registry_explorer.vm.nuspec
index a58d1aa0c..859bcdd73 100644
--- a/packages/registry_explorer.vm/registry_explorer.vm.nuspec
+++ b/packages/registry_explorer.vm/registry_explorer.vm.nuspec
@@ -2,11 +2,11 @@
registry_explorer.vm
- 2.0.0.20240226
+ 2.0.0.20240411
Eric Zimmerman
Registry viewer with searching, multi-hive support, plugins, and more. Handles locked files
-
+
diff --git a/packages/regshot.vm/regshot.vm.nuspec b/packages/regshot.vm/regshot.vm.nuspec
index 58cad02cd..b8f73ac55 100644
--- a/packages/regshot.vm/regshot.vm.nuspec
+++ b/packages/regshot.vm/regshot.vm.nuspec
@@ -2,11 +2,11 @@
regshot.vm
- 1.9.1.20240217
+ 1.9.1.20240411
maddes, regshot, xhmikosr
Regshot is a small, free and open-source registry compare utility that allows you to quickly take a snapshot of your registry and then compare it with a second one - done after doing system changes or installing a new software product.
-
+
diff --git a/packages/rla.vm/rla.vm.nuspec b/packages/rla.vm/rla.vm.nuspec
index 0458b9366..80ed00d4c 100644
--- a/packages/rla.vm/rla.vm.nuspec
+++ b/packages/rla.vm/rla.vm.nuspec
@@ -2,11 +2,11 @@
rla.vm
- 2.0.0.20231208
+ 2.0.0.20240411
Eric Zimmerman
Replay transaction logs and update Registry hives so they are no longer dirty. Useful when tools do not know how to handle transaction logs
-
+
diff --git a/packages/routesixtysink.vm/routesixtysink.vm.nuspec b/packages/routesixtysink.vm/routesixtysink.vm.nuspec
index befc283a6..63c7d6995 100644
--- a/packages/routesixtysink.vm/routesixtysink.vm.nuspec
+++ b/packages/routesixtysink.vm/routesixtysink.vm.nuspec
@@ -2,11 +2,11 @@
routesixtysink.vm
- 0.0.0.20240323
+ 0.0.0.20240411
Dillon Franke, Michael Maturi
Route Sixty-Sink is an open source tool that enables defenders and security researchers alike to quickly identify vulnerabilities in any .NET assembly using automated source-to-sink analysis.
-
+
diff --git a/packages/rpcview.vm/rpcview.vm.nuspec b/packages/rpcview.vm/rpcview.vm.nuspec
index dbdabcdc7..aa63eb04c 100644
--- a/packages/rpcview.vm/rpcview.vm.nuspec
+++ b/packages/rpcview.vm/rpcview.vm.nuspec
@@ -2,11 +2,11 @@
rpcview.vm
- 0.3.1.20231218
+ 0.3.1.20240411
silverf0x
RpcView is an open-source tool to explore and decompile all RPC functionalities present on a Microsoft system
-
+
diff --git a/packages/rubeus.vm/rubeus.vm.nuspec b/packages/rubeus.vm/rubeus.vm.nuspec
index 099a18a46..0e347a447 100644
--- a/packages/rubeus.vm/rubeus.vm.nuspec
+++ b/packages/rubeus.vm/rubeus.vm.nuspec
@@ -2,11 +2,11 @@
rubeus.vm
- 2.3.1.20240323
+ 2.3.1.20240411
harmj0y
Rubeus is a C# toolset for raw Kerberos interaction and abuses.
-
+
diff --git a/packages/rundotnetdll.vm/rundotnetdll.vm.nuspec b/packages/rundotnetdll.vm/rundotnetdll.vm.nuspec
index 02ed6c9c6..d254a9dee 100644
--- a/packages/rundotnetdll.vm/rundotnetdll.vm.nuspec
+++ b/packages/rundotnetdll.vm/rundotnetdll.vm.nuspec
@@ -2,11 +2,11 @@
rundotnetdll.vm
- 2.2.0.20231203
+ 2.2.0.20240411
A simple utility to list all methods of a given .NET Assembly and to invoke them.
Antonio Parata
-
+
diff --git a/packages/safetykatz.vm/safetykatz.vm.nuspec b/packages/safetykatz.vm/safetykatz.vm.nuspec
index 9cd0b5325..082f77b11 100644
--- a/packages/safetykatz.vm/safetykatz.vm.nuspec
+++ b/packages/safetykatz.vm/safetykatz.vm.nuspec
@@ -2,11 +2,11 @@
safetykatz.vm
- 0.0.0.20240323
+ 0.0.0.20240411
HarmJ0y
SafetyKatz is a combination of slightly modified version of @gentilkiwi's Mimikatz project and @subtee's .NET PE Loader.
-
+
diff --git a/packages/sbecmd.vm/sbecmd.vm.nuspec b/packages/sbecmd.vm/sbecmd.vm.nuspec
index 5fa138599..1c4ebe011 100644
--- a/packages/sbecmd.vm/sbecmd.vm.nuspec
+++ b/packages/sbecmd.vm/sbecmd.vm.nuspec
@@ -2,11 +2,11 @@
sbecmd.vm
- 2.0.0.20240321
+ 2.0.0.20240411
Eric Zimmerman
ShellBags Explorer, command line edition, for exporting shellbag data
-
+
diff --git a/packages/scdbg.vm/scdbg.vm.nuspec b/packages/scdbg.vm/scdbg.vm.nuspec
index 141e9af29..65ccc31bc 100644
--- a/packages/scdbg.vm/scdbg.vm.nuspec
+++ b/packages/scdbg.vm/scdbg.vm.nuspec
@@ -2,11 +2,11 @@
scdbg.vm
- 0.0.0.20240217
+ 0.0.0.20240411
Paul Baecher, Markus Koetter, David Zimmer
scdbg is an emulation based shellcode API logger and debugger
-
+
diff --git a/packages/sdb_explorer.vm/sdb_explorer.vm.nuspec b/packages/sdb_explorer.vm/sdb_explorer.vm.nuspec
index 9ee292f5a..7fbee3655 100644
--- a/packages/sdb_explorer.vm/sdb_explorer.vm.nuspec
+++ b/packages/sdb_explorer.vm/sdb_explorer.vm.nuspec
@@ -2,11 +2,11 @@
sdb_explorer.vm
- 2.0.0.20231208
+ 2.0.0.20240411
Eric Zimmerman
Shim database GUI
-
+
diff --git a/packages/seatbelt.vm/seatbelt.vm.nuspec b/packages/seatbelt.vm/seatbelt.vm.nuspec
index c4fdc2dcd..359c7ce71 100644
--- a/packages/seatbelt.vm/seatbelt.vm.nuspec
+++ b/packages/seatbelt.vm/seatbelt.vm.nuspec
@@ -2,11 +2,11 @@
seatbelt.vm
- 1.2.0.20240323
+ 1.2.0.20240411
harmj0y, tifkin_
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
-
+
diff --git a/packages/seclists.vm/seclists.vm.nuspec b/packages/seclists.vm/seclists.vm.nuspec
index 3792e32e0..275550b57 100644
--- a/packages/seclists.vm/seclists.vm.nuspec
+++ b/packages/seclists.vm/seclists.vm.nuspec
@@ -2,11 +2,11 @@
seclists.vm
- 2024.1.0.20240323
+ 2024.1.0.20240411
danielmiessler
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place.
-
+
diff --git a/packages/setdllcharacteristics.vm/setdllcharacteristics.vm.nuspec b/packages/setdllcharacteristics.vm/setdllcharacteristics.vm.nuspec
index 1aa9b0695..b2f121f2f 100644
--- a/packages/setdllcharacteristics.vm/setdllcharacteristics.vm.nuspec
+++ b/packages/setdllcharacteristics.vm/setdllcharacteristics.vm.nuspec
@@ -2,11 +2,11 @@
setdllcharacteristics.vm
- 0.0.1
+ 0.0.1.20240411
Didier Stevens
A CLI tool for manipulating ASLR, DEP, and check signature flags of PE files
-
+
diff --git a/packages/sharpdpapi.vm/sharpdpapi.vm.nuspec b/packages/sharpdpapi.vm/sharpdpapi.vm.nuspec
index 7922dc75b..a4fc3b708 100644
--- a/packages/sharpdpapi.vm/sharpdpapi.vm.nuspec
+++ b/packages/sharpdpapi.vm/sharpdpapi.vm.nuspec
@@ -2,11 +2,11 @@
sharpdpapi.vm
- 1.11.3.20240323
+ 1.11.3.20240411
harmj0y
SharpDPAPI is a C# port of some DPAPI functionality from @gentilkiwi's Mimikatz project.
-
+
diff --git a/packages/sharpdump.vm/sharpdump.vm.nuspec b/packages/sharpdump.vm/sharpdump.vm.nuspec
index 6451faa5f..4703a8ca0 100644
--- a/packages/sharpdump.vm/sharpdump.vm.nuspec
+++ b/packages/sharpdump.vm/sharpdump.vm.nuspec
@@ -2,11 +2,11 @@
sharpdump.vm
- 0.0.0.20240323
+ 0.0.0.20240411
HarmJ0y
SharpDump is a C# port of PowerSploit's Out-Minidump.ps1 functionality.
-
+
diff --git a/packages/sharpexec.vm/sharpexec.vm.nuspec b/packages/sharpexec.vm/sharpexec.vm.nuspec
index b269430c6..f295ae58c 100644
--- a/packages/sharpexec.vm/sharpexec.vm.nuspec
+++ b/packages/sharpexec.vm/sharpexec.vm.nuspec
@@ -2,11 +2,11 @@
sharpexec.vm
- 0.0.0.20240323
+ 0.0.0.20240411
anthemtotheego
SharpExec is an offensive security C# tool designed to aid with lateral movement.
-
+
diff --git a/packages/sharphound.vm/sharphound.vm.nuspec b/packages/sharphound.vm/sharphound.vm.nuspec
index 23a3e0cf0..bac6ab3ee 100644
--- a/packages/sharphound.vm/sharphound.vm.nuspec
+++ b/packages/sharphound.vm/sharphound.vm.nuspec
@@ -2,11 +2,11 @@
sharphound.vm
- 2.3.3
+ 2.3.3.20240411
specterops
SharpHound is an Active Directory ingester tool for BloodHound.
-
+
diff --git a/packages/sharpsecdump.vm/sharpsecdump.vm.nuspec b/packages/sharpsecdump.vm/sharpsecdump.vm.nuspec
index b9ee91b01..3b7f9ab44 100644
--- a/packages/sharpsecdump.vm/sharpsecdump.vm.nuspec
+++ b/packages/sharpsecdump.vm/sharpsecdump.vm.nuspec
@@ -2,11 +2,11 @@
sharpsecdump.vm
- 0.0.0.20240323
+ 0.0.0.20240411
G0ldenGunSec
.Net port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py
-
+
diff --git a/packages/sharpup.vm/sharpup.vm.nuspec b/packages/sharpup.vm/sharpup.vm.nuspec
index 1da18ab91..b7235f01b 100644
--- a/packages/sharpup.vm/sharpup.vm.nuspec
+++ b/packages/sharpup.vm/sharpup.vm.nuspec
@@ -2,11 +2,11 @@
sharpup.vm
- 0.0.0.20240323
+ 0.0.0.20240411
harmj0y
SharpUp is a C# port of various PowerUp functionality for auditing potential privilege escalation paths.
-
+
diff --git a/packages/sharpview.vm/sharpview.vm.nuspec b/packages/sharpview.vm/sharpview.vm.nuspec
index 00068ce99..2e5097c05 100644
--- a/packages/sharpview.vm/sharpview.vm.nuspec
+++ b/packages/sharpview.vm/sharpview.vm.nuspec
@@ -2,11 +2,11 @@
sharpview.vm
- 0.0.0.20240323
+ 0.0.0.20240411
tevora
.NET port of PowerView used for information gathering within Active Directory
-
+
diff --git a/packages/sharpwmi.vm/sharpwmi.vm.nuspec b/packages/sharpwmi.vm/sharpwmi.vm.nuspec
index 9adf9b02b..bf2b18102 100644
--- a/packages/sharpwmi.vm/sharpwmi.vm.nuspec
+++ b/packages/sharpwmi.vm/sharpwmi.vm.nuspec
@@ -2,11 +2,11 @@
sharpwmi.vm
- 0.0.0.20240323
+ 0.0.0.20240411
HarmJ0y
SharpWMI is a C# implementation of various WMI functionality.
-
+
diff --git a/packages/shellbags_explorer.vm/shellbags_explorer.vm.nuspec b/packages/shellbags_explorer.vm/shellbags_explorer.vm.nuspec
index 13fe2f843..32e47fd69 100644
--- a/packages/shellbags_explorer.vm/shellbags_explorer.vm.nuspec
+++ b/packages/shellbags_explorer.vm/shellbags_explorer.vm.nuspec
@@ -2,11 +2,11 @@
shellbags_explorer.vm
- 2.0.0.20231208
+ 2.0.0.20240411
Eric Zimmerman
GUI for browsing shellbags data. Handles locked files
-
+
diff --git a/packages/situational-awareness-bof.vm/situational-awareness-bof.vm.nuspec b/packages/situational-awareness-bof.vm/situational-awareness-bof.vm.nuspec
index 1b0a7d709..4f157c712 100644
--- a/packages/situational-awareness-bof.vm/situational-awareness-bof.vm.nuspec
+++ b/packages/situational-awareness-bof.vm/situational-awareness-bof.vm.nuspec
@@ -2,11 +2,11 @@
situational-awareness-bof.vm
- 0.0.0.20240323
+ 0.0.0.20240411
trustedsec
Provides a set of basic situational awareness commands implemented in a Beacon Object File (BOF). This allows you to perform some checks on a host before you begin executing commands that may be more invasive.
-
+
diff --git a/packages/spoolsample.vm/spoolsample.vm.nuspec b/packages/spoolsample.vm/spoolsample.vm.nuspec
index 3f8812b26..a8c5000aa 100644
--- a/packages/spoolsample.vm/spoolsample.vm.nuspec
+++ b/packages/spoolsample.vm/spoolsample.vm.nuspec
@@ -2,11 +2,11 @@
spoolsample.vm
- 0.0.0.20240323
+ 0.0.0.20240411
tifkin_, harmj0y, enigma0x3
PoC tool to coerce Windows hosts authenticate to other machines via the MS-RPRN RPC interface.
-
+
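Review bot: The description context line reads "coerce Windows hosts authenticate to other machines", which is missing "to" after "hosts". The petitpotam.vm description in this same patch has the correct form, "coerce Windows hosts to authenticate to other machines". Since this nuspec is being republished with the new version anyway, fix the wording in the same change.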
diff --git a/packages/sqlecmd.vm/sqlecmd.vm.nuspec b/packages/sqlecmd.vm/sqlecmd.vm.nuspec
index 2f8f3e1e0..5fe94c78b 100644
--- a/packages/sqlecmd.vm/sqlecmd.vm.nuspec
+++ b/packages/sqlecmd.vm/sqlecmd.vm.nuspec
@@ -2,11 +2,11 @@
sqlecmd.vm
- 1.0.0.20231208
+ 1.0.0.20240411
Eric Zimmerman
Find and process SQLite files according to your needs with maps!
-
+
diff --git a/packages/srumecmd.vm/srumecmd.vm.nuspec b/packages/srumecmd.vm/srumecmd.vm.nuspec
index 23c350ef7..2fb67156e 100644
--- a/packages/srumecmd.vm/srumecmd.vm.nuspec
+++ b/packages/srumecmd.vm/srumecmd.vm.nuspec
@@ -2,11 +2,11 @@
srumecmd.vm
- 0.5.1.20231208
+ 0.5.1.20240411
Eric Zimmerman
Process SRUDB.dat and (optionally) SOFTWARE hive for network, process, and energy info!
-
+
diff --git a/packages/statistically-likely-usernames.vm/statistically-likely-usernames.vm.nuspec b/packages/statistically-likely-usernames.vm/statistically-likely-usernames.vm.nuspec
index 2e4512b96..69ec6c80b 100644
--- a/packages/statistically-likely-usernames.vm/statistically-likely-usernames.vm.nuspec
+++ b/packages/statistically-likely-usernames.vm/statistically-likely-usernames.vm.nuspec
@@ -2,11 +2,11 @@
statistically-likely-usernames.vm
- 0.0.0.20240323
+ 0.0.0.20240411
insidetrust
This resource contains wordlists for creating statistically likely usernames for use in username-enumeration, simulated password-attacks and other security testing tasks.
-
+
diff --git a/packages/stracciatella.vm/stracciatella.vm.nuspec b/packages/stracciatella.vm/stracciatella.vm.nuspec
index 331a8a33a..c544b66d5 100644
--- a/packages/stracciatella.vm/stracciatella.vm.nuspec
+++ b/packages/stracciatella.vm/stracciatella.vm.nuspec
@@ -2,11 +2,11 @@
stracciatella.vm
- 0.7.0.20240323
+ 0.7.0.20240411
mgeeky
Powershell runspace from within C# (aka SharpPick technique) with AMSI, ETW and Script Block Logging disabled.
-
+
diff --git a/packages/streamdivert.vm/streamdivert.vm.nuspec b/packages/streamdivert.vm/streamdivert.vm.nuspec
index 83a8baedb..04e697dde 100644
--- a/packages/streamdivert.vm/streamdivert.vm.nuspec
+++ b/packages/streamdivert.vm/streamdivert.vm.nuspec
@@ -2,11 +2,11 @@
streamdivert.vm
- 1.1
+ 1.1.0.20240411
jellever
StreamDivert has the ability to relay all incoming SMB connections to port 445 to another server, or only relay specific incoming SMB connections from a specific set of source IP's to another server.
-
+
diff --git a/packages/sumecmd.vm/sumecmd.vm.nuspec b/packages/sumecmd.vm/sumecmd.vm.nuspec
index 8a0f14abd..8f060ffee 100644
--- a/packages/sumecmd.vm/sumecmd.vm.nuspec
+++ b/packages/sumecmd.vm/sumecmd.vm.nuspec
@@ -2,11 +2,11 @@
sumecmd.vm
- 0.5.2.20231208
+ 0.5.2.20240411
Eric Zimmerman
Process Microsoft User Access Logs found under "C:\Windows\System32\LogFiles\SUM"
-
+
diff --git a/packages/systeminformer.vm/systeminformer.vm.nuspec b/packages/systeminformer.vm/systeminformer.vm.nuspec
index baa59e443..fb7ca32be 100644
--- a/packages/systeminformer.vm/systeminformer.vm.nuspec
+++ b/packages/systeminformer.vm/systeminformer.vm.nuspec
@@ -2,11 +2,11 @@
systeminformer.vm
- 3.0.7353
+ 3.0.7353.20240411
winsiderss
A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware.
-
+
diff --git a/packages/syswhispers2.vm/syswhispers2.vm.nuspec b/packages/syswhispers2.vm/syswhispers2.vm.nuspec
index 75c9f2051..bc198ffdf 100644
--- a/packages/syswhispers2.vm/syswhispers2.vm.nuspec
+++ b/packages/syswhispers2.vm/syswhispers2.vm.nuspec
@@ -2,11 +2,11 @@
syswhispers2.vm
- 0.0.0.20240323
+ 0.0.0.20240411
jthuraisamy
SysWhispers helps with evasion by generating header/ASM files implants can use to make direct system calls.
-
+
diff --git a/packages/syswhispers3.vm/syswhispers3.vm.nuspec b/packages/syswhispers3.vm/syswhispers3.vm.nuspec
index 5685d6a34..d1dc39056 100644
--- a/packages/syswhispers3.vm/syswhispers3.vm.nuspec
+++ b/packages/syswhispers3.vm/syswhispers3.vm.nuspec
@@ -2,11 +2,11 @@
syswhispers3.vm
- 0.0.0.20240323
+ 0.0.0.20240411
klezVirus
SysWhispers helps with evasion by generating header/ASM files implants can use to make direct system calls.
-
+
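Review bot: The description context line for syswhispers3.vm is word for word the same as the one for syswhispers2.vm ("SysWhispers helps with evasion by generating header/ASM files implants can use to make direct system calls."), with only the author differing (klezVirus versus jthuraisamy). Someone choosing between the two packages cannot tell them apart from the metadata. Consider naming the tool as SysWhispers3 in the description and adding a short phrase on how it differs, in this bump or a follow-up.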
diff --git a/packages/teamfiltration.vm/teamfiltration.vm.nuspec b/packages/teamfiltration.vm/teamfiltration.vm.nuspec
index ee77acba8..a20e52370 100644
--- a/packages/teamfiltration.vm/teamfiltration.vm.nuspec
+++ b/packages/teamfiltration.vm/teamfiltration.vm.nuspec
@@ -2,11 +2,11 @@
teamfiltration.vm
- 3.5.0.20230713
+ 3.5.0.20240411
Flangvik
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts.
-
+
diff --git a/packages/timeline_explorer.vm/timeline_explorer.vm.nuspec b/packages/timeline_explorer.vm/timeline_explorer.vm.nuspec
index c4ad5abe2..37aaa3e2a 100644
--- a/packages/timeline_explorer.vm/timeline_explorer.vm.nuspec
+++ b/packages/timeline_explorer.vm/timeline_explorer.vm.nuspec
@@ -2,11 +2,11 @@
timeline_explorer.vm
- 2.0.0.20240321
+ 2.0.0.20240411
Eric Zimmerman
View CSV and Excel files, filter, group, sort, etc. with ease
-
+
diff --git a/packages/trustedsec-remote-ops-bof.vm/trustedsec-remote-ops-bof.vm.nuspec b/packages/trustedsec-remote-ops-bof.vm/trustedsec-remote-ops-bof.vm.nuspec
index f8f187c09..73e699e2f 100644
--- a/packages/trustedsec-remote-ops-bof.vm/trustedsec-remote-ops-bof.vm.nuspec
+++ b/packages/trustedsec-remote-ops-bof.vm/trustedsec-remote-ops-bof.vm.nuspec
@@ -2,11 +2,11 @@
truestedsec-remote-ops-bof.vm
- 0.0.0.20240323
+ 0.0.0.20240411
trustedsec
Addition to Situational Awareness BOFs intended for single task Windows primitives such as creating a task, stopping a service, etc.
-
+
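Review bot: The first context line of this hunk, which in every other hunk matches the package directory name, reads `truestedsec-remote-ops-bof.vm`, while the path in the diff header is `packages/trustedsec-remote-ops-bof.vm/trustedsec-remote-ops-bof.vm.nuspec`. This bump publishes version 0.0.0.20240411 under the misspelled name. Correct the spelling to `trustedsec-remote-ops-bof.vm` in the same change, or note in the commit message that the rename is deferred because anything already referencing the misspelled name would need updating with it.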
diff --git a/packages/unhook-bof.vm/unhook-bof.vm.nuspec b/packages/unhook-bof.vm/unhook-bof.vm.nuspec
index c59fbdcd6..80d09d1e4 100644
--- a/packages/unhook-bof.vm/unhook-bof.vm.nuspec
+++ b/packages/unhook-bof.vm/unhook-bof.vm.nuspec
@@ -2,11 +2,11 @@
unhook-bof.vm
- 0.0.0.20240323
+ 0.0.0.20240411
rsmudge, physics-sec
This is a Beacon Object File to refresh DLLs and remove their hooks. The code is from Cylance's Universal Unhooking research.
-
+
diff --git a/packages/uniextract2.vm/uniextract2.vm.nuspec b/packages/uniextract2.vm/uniextract2.vm.nuspec
index dc89bd615..66cd9426b 100644
--- a/packages/uniextract2.vm/uniextract2.vm.nuspec
+++ b/packages/uniextract2.vm/uniextract2.vm.nuspec
@@ -2,11 +2,11 @@
uniextract2.vm
- 2.0.0.20231220
+ 2.0.0.20240411
Universal Extractor 2 is an unofficial updated and extended version of the original UniExtract by Jared Breland.
William Engelmann (Bioruebe)
-
+
diff --git a/packages/upx.vm/upx.vm.nuspec b/packages/upx.vm/upx.vm.nuspec
index a2c293ea7..3273cd90c 100644
--- a/packages/upx.vm/upx.vm.nuspec
+++ b/packages/upx.vm/upx.vm.nuspec
@@ -2,11 +2,11 @@
upx.vm
- 4.2.3
+ 4.2.3.20240411
markus-oberhumer
UPX is a free, secure, portable, extendable, high-performance executable packer for several executable formats.
-
+
diff --git a/packages/vscmount.vm/vscmount.vm.nuspec b/packages/vscmount.vm/vscmount.vm.nuspec
index 10e0f2a6d..342cd1da0 100644
--- a/packages/vscmount.vm/vscmount.vm.nuspec
+++ b/packages/vscmount.vm/vscmount.vm.nuspec
@@ -2,11 +2,11 @@
vscmount.vm
- 1.5.0.20231208
+ 1.5.0.20240411
Eric Zimmerman
Mount all VSCs on a drive letter to a given mount point
-
+
diff --git a/packages/whisker.vm/whisker.vm.nuspec b/packages/whisker.vm/whisker.vm.nuspec
index a6369685c..088579070 100644
--- a/packages/whisker.vm/whisker.vm.nuspec
+++ b/packages/whisker.vm/whisker.vm.nuspec
@@ -2,11 +2,11 @@
whisker.vm
- 0.0.0.20240323
+ 0.0.0.20240411
Elad Shamir
Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, effectively adding "Shadow Credentials" to the target account.
-
+
diff --git a/packages/wxtcmd.vm/wxtcmd.vm.nuspec b/packages/wxtcmd.vm/wxtcmd.vm.nuspec
index 155f38a0e..720a1964f 100644
--- a/packages/wxtcmd.vm/wxtcmd.vm.nuspec
+++ b/packages/wxtcmd.vm/wxtcmd.vm.nuspec
@@ -2,11 +2,11 @@
wxtcmd.vm
- 1.0.0.20231208
+ 1.0.0.20240411
Eric Zimmerman
Windows 10 Timeline database parser
-
+