diff --git a/packages/adconnectdump.vm/adconnectdump.vm.nuspec b/packages/adconnectdump.vm/adconnectdump.vm.nuspec index 3bf8a51ec..eac7f4078 100644 --- a/packages/adconnectdump.vm/adconnectdump.vm.nuspec +++ b/packages/adconnectdump.vm/adconnectdump.vm.nuspec @@ -2,11 +2,11 @@ adconnectdump.vm - 0.0.0.20240323 + 0.0.0.20240411 fox-it This toolkit offers several ways to extract and decrypt stored Azure AD and Active Directory credentials from Azure AD Connect servers. - + diff --git a/packages/amcacheparser.vm/amcacheparser.vm.nuspec b/packages/amcacheparser.vm/amcacheparser.vm.nuspec index 5a31c9534..908a09e54 100644 --- a/packages/amcacheparser.vm/amcacheparser.vm.nuspec +++ b/packages/amcacheparser.vm/amcacheparser.vm.nuspec @@ -2,11 +2,11 @@ amcacheparser.vm - 1.5.1.20231208 + 1.5.1.20240411 Eric Zimmerman Amcache.hve parser with lots of extra features. Handles locked files - + diff --git a/packages/appcompatcacheparser.vm/appcompatcacheparser.vm.nuspec b/packages/appcompatcacheparser.vm/appcompatcacheparser.vm.nuspec index 7e75f011c..0264279a7 100644 --- a/packages/appcompatcacheparser.vm/appcompatcacheparser.vm.nuspec +++ b/packages/appcompatcacheparser.vm/appcompatcacheparser.vm.nuspec @@ -2,11 +2,11 @@ appcompatcacheparser.vm - 1.5.0.20231208 + 1.5.0.20240411 Eric Zimmerman AppCompatCache aka ShimCache parser. Handles locked files - + diff --git a/packages/asreproast.vm/asreproast.vm.nuspec b/packages/asreproast.vm/asreproast.vm.nuspec index f7dcef57b..ecb0a5110 100644 --- a/packages/asreproast.vm/asreproast.vm.nuspec +++ b/packages/asreproast.vm/asreproast.vm.nuspec @@ -2,11 +2,11 @@ asreproast.vm - 0.0.0.20240323 + 0.0.0.20240411 HarmJ0y Project that retrieves crackable hashes from KRB5 AS-REP responses for users without kerberoast preauthentication enabled. - + diff --git a/packages/azurehound.vm/azurehound.vm.nuspec b/packages/azurehound.vm/azurehound.vm.nuspec index 82e1d653a..ab06ff183 100644 --- a/packages/azurehound.vm/azurehound.vm.nuspec 
+++ b/packages/azurehound.vm/azurehound.vm.nuspec @@ -2,11 +2,11 @@ azurehound.vm - 2.1.8 + 2.1.8.20240411 BloodHoundAD AzureHound is the BloodHound data collector for Microsoft Azure. - + diff --git a/packages/blobrunner.vm/blobrunner.vm.nuspec b/packages/blobrunner.vm/blobrunner.vm.nuspec index 439fe5f91..dfdad4ef1 100644 --- a/packages/blobrunner.vm/blobrunner.vm.nuspec +++ b/packages/blobrunner.vm/blobrunner.vm.nuspec @@ -2,11 +2,11 @@ blobrunner.vm - 0.0.5.20240217 + 0.0.5.20240411 OALabs BlobRunner is a simple tool to quickly debug shellcode extracted during malware analysis. - + diff --git a/packages/blobrunner64.vm/blobrunner64.vm.nuspec b/packages/blobrunner64.vm/blobrunner64.vm.nuspec index c1fcbf387..774cae1a8 100644 --- a/packages/blobrunner64.vm/blobrunner64.vm.nuspec +++ b/packages/blobrunner64.vm/blobrunner64.vm.nuspec @@ -2,11 +2,11 @@ blobrunner64.vm - 0.0.5.20240217 + 0.0.5.20240411 OALabs BlobRunner is a simple tool to quickly debug shellcode extracted during malware analysis. - + diff --git a/packages/bloodhound-custom-queries.vm/bloodhound-custom-queries.vm.nuspec b/packages/bloodhound-custom-queries.vm/bloodhound-custom-queries.vm.nuspec index a83e539e9..1dda9bdda 100644 --- a/packages/bloodhound-custom-queries.vm/bloodhound-custom-queries.vm.nuspec +++ b/packages/bloodhound-custom-queries.vm/bloodhound-custom-queries.vm.nuspec @@ -2,11 +2,11 @@ bloodhound-custom-queries.vm - 0.0.0.20240323 + 0.0.0.20240411 hausec Custom Query list for the Bloodhound GUI based off my cheatsheet - + diff --git a/packages/bloodhound.vm/bloodhound.vm.nuspec b/packages/bloodhound.vm/bloodhound.vm.nuspec index 3224d0bde..d7ad990b9 100644 --- a/packages/bloodhound.vm/bloodhound.vm.nuspec +++ b/packages/bloodhound.vm/bloodhound.vm.nuspec 
@@ -2,11 +2,11 @@ bloodhound.vm - 4.3.1.20230713 + 4.3.1.20240411 BloodHound uses graph theory to reveal the hidden and often unintended relationships within an Active Directory environment. Andrew Robbins, Rohan Vazarkar, Will Schroeder - + diff --git a/packages/bstrings.vm/bstrings.vm.nuspec b/packages/bstrings.vm/bstrings.vm.nuspec index 6fb959cbb..700f4b35c 100644 --- a/packages/bstrings.vm/bstrings.vm.nuspec +++ b/packages/bstrings.vm/bstrings.vm.nuspec @@ -2,11 +2,11 @@ bstrings.vm - 1.5.2.20231208 + 1.5.2.20240411 Eric Zimmerman Find them strings yo. Built in regex patterns. Handles locked files - + diff --git a/packages/c3.vm/c3.vm.nuspec b/packages/c3.vm/c3.vm.nuspec index a4fc72563..e7f712d34 100644 --- a/packages/c3.vm/c3.vm.nuspec +++ b/packages/c3.vm/c3.vm.nuspec @@ -2,11 +2,11 @@ c3.vm - 0.0.0.20240323 + 0.0.0.20240411 WithSecureLabs C3 (Custom Command and Control) is a tool that allows Red Teams to rapidly develop and utilise esoteric command and control channels (C2). It's a framework that extends other red team tooling, such as the commercial Cobalt Strike (CS) product via ExternalC2. - + diff --git a/packages/capa.vm/capa.vm.nuspec b/packages/capa.vm/capa.vm.nuspec index 6a39fa759..1edc4f02e 100755 --- a/packages/capa.vm/capa.vm.nuspec +++ b/packages/capa.vm/capa.vm.nuspec @@ -2,11 +2,11 @@ capa.vm - 7.0.1 + 7.0.1.20240411 capa detects capabilities in executable files. You run it against a PE file or shellcode and it tells you what it thinks the program can do. @williballenthin, @mr-tz, @Ana06, @mike-hunhoff, @mwilliams31, @MalwareMechanic - + diff --git a/packages/certify.vm/certify.vm.nuspec b/packages/certify.vm/certify.vm.nuspec index d44c54944..4c52aac77 100644 --- a/packages/certify.vm/certify.vm.nuspec +++ b/packages/certify.vm/certify.vm.nuspec 
@@ -2,11 +2,11 @@ certify.vm - 1.1.0.20240323 + 1.1.0.20240411 HarmJ0y, leechristensen Certify is a C# tool to enumerate and abuse misconfigurations in Active Directory Certificate Services (AD CS). - + diff --git a/packages/chainsaw.vm/chainsaw.vm.nuspec b/packages/chainsaw.vm/chainsaw.vm.nuspec index 8c59edaf2..df3a4d9d0 100644 --- a/packages/chainsaw.vm/chainsaw.vm.nuspec +++ b/packages/chainsaw.vm/chainsaw.vm.nuspec @@ -2,11 +2,11 @@ chainsaw.vm - 2.8.1 + 2.8.1.20240411 WithSecure Labs Chainsaw provides a powerful 'first-response' capability to quickly identify threats within Windows forensic artefacts such as Event Logs and the MFT file. - + diff --git a/packages/common.vm/common.vm.nuspec b/packages/common.vm/common.vm.nuspec index 3fd044e52..b916e3621 100755 --- a/packages/common.vm/common.vm.nuspec +++ b/packages/common.vm/common.vm.nuspec @@ -2,7 +2,7 @@ common.vm - 0.0.0.20240410 + 0.0.0.20240411 Common libraries for VM-packages Mandiant diff --git a/packages/common.vm/tools/vm.common/vm.common.psm1 b/packages/common.vm/tools/vm.common/vm.common.psm1 index 1dbf1f214..5c3c10a2f 100755 --- a/packages/common.vm/tools/vm.common/vm.common.psm1 +++ b/packages/common.vm/tools/vm.common/vm.common.psm1 
@@ -225,10 +225,11 @@ function VM-Install-Raw-GitHub-Repo { ) try { if ($withoutBinFile) { - VM-Install-From-Zip -toolName $toolName -category $category -zipUrl $zipUrl -zipSha256 $zipSha256 -innerFolder $innerFolder -executableName $executableName -withoutBinFile -powershellCommand $powershellCommand + $toolDir = (VM-Install-From-Zip -toolName $toolName -category $category -zipUrl $zipUrl -zipSha256 $zipSha256 -innerFolder $innerFolder -executableName $executableName -withoutBinFile -powershellCommand $powershellCommand)[0] } else { - VM-Install-From-Zip -toolName $toolName -category $category -zipUrl $zipUrl -zipSha256 $zipSha256 -innerFolder $innerFolder -executableName $executableName -powershellCommand $powershellCommand + $toolDir = (VM-Install-From-Zip -toolName $toolName -category $category -zipUrl $zipUrl -zipSha256 $zipSha256 -innerFolder $innerFolder -executableName $executableName -powershellCommand $powershellCommand)[0] } + return $toolDir } catch { VM-Write-Log-Exception $_ } @@ -320,9 +321,10 @@ function VM-Install-Shortcut{ } } -# This functions returns $toolDir (outputed by Install-ChocolateyZipPackage) and $executablePath +# This functions returns $toolDir and $executablePath function VM-Install-From-Zip { [CmdletBinding()] + [OutputType([System.Object[]])] Param ( [Parameter(Mandatory=$true, Position=0)] @@ -331,7 +333,7 @@ function VM-Install-From-Zip { [string] $category, [Parameter(Mandatory=$true, Position=2)] [string] $zipUrl, - [Parameter(Mandatory=$true, Position=3)] + [Parameter(Mandatory=$false, Position=3)] [string] $zipSha256, [Parameter(Mandatory=$false)] [string] $zipUrl_64, @@ -397,7 +399,7 @@ function VM-Install-From-Zip { VM-Install-Shortcut -toolName $toolName -category $category -executablePath $executablePath -consoleApp $consoleApp -arguments $arguments Install-BinFile -Name $toolName -Path $executablePath } - return $executablePath + return ,@($toolDir, $executablePath) } catch { VM-Write-Log-Exception $_ } 
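Review bot: Changing `zipSha256` to `Mandatory=$false` in the `Param` block of `VM-Install-From-Zip` lets a package download and unpack an archive from `$zipUrl` without a pinned digest. The code that consumes the parameter lies outside these hunks, so it is not visible whether an empty value skips verification or fails closed. An unpinned download trusts whatever the URL serves at install time, which matters for a helper that `VM-Install-Raw-GitHub-Repo` uses to install tools from zip URLs. If the relaxation is only meant for archives with no stable digest (presumably branch snapshots, to be confirmed), I would document it at the parameter, e.g. `# zipSha256 may be omitted only when upstream has no stable digest; the archive is then NOT integrity-checked`, and log a warning whenever that path is taken.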
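Review bot: The new `return ,@($toolDir, $executablePath)` changes what `VM-Install-From-Zip` returns from a single path string to a two-element array, and only the two call sites in `VM-Install-Raw-GitHub-Repo` are updated with `[0]` in this diff. Any other caller that still treats the result as `$executablePath` would now receive the array, so the remaining call sites are worth checking. The comment above the function could pin the contract, e.g. `# Returns one array: @($toolDir, $executablePath); returns nothing if installation throws`. On the `catch` path the function emits no value, so `(...)[0]` in the caller would index `$null`; that appears to be handled only because the call sits inside the caller's own `try`. Both function bodies extend beyond the hunks shown.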
diff --git a/packages/covenant.vm/covenant.vm.nuspec b/packages/covenant.vm/covenant.vm.nuspec index aa949189f..4c83c65f6 100644 --- a/packages/covenant.vm/covenant.vm.nuspec +++ b/packages/covenant.vm/covenant.vm.nuspec @@ -2,11 +2,11 @@ covenant.vm - 0.0.0.20240323 + 0.0.0.20240411 cobbr Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, and serve as a collaborative command and control platform for red teamers. - + diff --git a/packages/credninja.vm/credninja.vm.nuspec b/packages/credninja.vm/credninja.vm.nuspec index ed6b9dcb3..6e2e4f8c2 100644 --- a/packages/credninja.vm/credninja.vm.nuspec +++ b/packages/credninja.vm/credninja.vm.nuspec @@ -2,11 +2,11 @@ credninja.vm - 2.3.0.20240323 + 2.3.0.20240411 raikiasec This tool will tell you if the credentials you dumped are valid on the domain, and if you have local administrator access to a host. - + diff --git a/packages/cryptotester.vm/cryptotester.vm.nuspec b/packages/cryptotester.vm/cryptotester.vm.nuspec index 3d1e3d03e..030291816 100644 --- a/packages/cryptotester.vm/cryptotester.vm.nuspec +++ b/packages/cryptotester.vm/cryptotester.vm.nuspec @@ -2,11 +2,11 @@ cryptotester.vm - 1.7.1 + 1.7.1.20240411 Michael Gillespie (@demonslay335) Utility tool for performing cryptanalysis with a focus on ransomware cryptography - + diff --git a/packages/cutter.vm/cutter.vm.nuspec b/packages/cutter.vm/cutter.vm.nuspec index 729d42667..ae80b8f7b 100644 --- a/packages/cutter.vm/cutter.vm.nuspec +++ b/packages/cutter.vm/cutter.vm.nuspec @@ -2,11 +2,11 @@ cutter.vm - 2.3.4.20240305 + 2.3.4.20240411 Rizin Cutter is a FOSS dissassembler/decompiler - + diff --git a/packages/de4dot-cex.vm/de4dot-cex.vm.nuspec b/packages/de4dot-cex.vm/de4dot-cex.vm.nuspec index b1acfaa0e..cdb644085 100644 --- a/packages/de4dot-cex.vm/de4dot-cex.vm.nuspec +++ b/packages/de4dot-cex.vm/de4dot-cex.vm.nuspec 
@@ -2,11 +2,11 @@ de4dot-cex.vm - 4.0.0.20230526 + 4.0.0.20240411 ViRb3 A de4dot fork with full support for vanilla ConfuserEx - + diff --git a/packages/dex2jar.vm/dex2jar.vm.nuspec b/packages/dex2jar.vm/dex2jar.vm.nuspec index 5b870f8d5..9d362bec1 100644 --- a/packages/dex2jar.vm/dex2jar.vm.nuspec +++ b/packages/dex2jar.vm/dex2jar.vm.nuspec @@ -2,11 +2,11 @@ dex2jar.vm - 2.3.0.20231025 + 2.3.0.20240411 @pxb1988 Tools to work with android .dex and java .class files. - + diff --git a/packages/die.vm/die.vm.nuspec b/packages/die.vm/die.vm.nuspec index 8f26366e3..f360d6ce2 100644 --- a/packages/die.vm/die.vm.nuspec +++ b/packages/die.vm/die.vm.nuspec @@ -2,11 +2,11 @@ die.vm - 3.07.20240217 + 3.07.0.20240411 Hellsp@wn, horsicq Detect It Easy, or abbreviated "DIE" is a program for determining types of files. - + diff --git a/packages/dnspyex.vm/dnspyex.vm.nuspec b/packages/dnspyex.vm/dnspyex.vm.nuspec index a458451e8..538af9e19 100644 --- a/packages/dnspyex.vm/dnspyex.vm.nuspec +++ b/packages/dnspyex.vm/dnspyex.vm.nuspec @@ -2,11 +2,11 @@ dnspyex.vm - 6.5.0 + 6.5.0.20240411 0xd4d, ElektroKill dnSpyEx is a unofficial continuation of the dnSpy project which is a debugger and .NET assembly editor. You can use it to edit and debug assemblies even if you don't have any source code available. - + diff --git a/packages/dotdumper.vm/dotdumper.vm.nuspec b/packages/dotdumper.vm/dotdumper.vm.nuspec index 52297f4ab..e9c34ce84 100644 --- a/packages/dotdumper.vm/dotdumper.vm.nuspec +++ b/packages/dotdumper.vm/dotdumper.vm.nuspec @@ -2,11 +2,11 @@ dotdumper.vm - 1.1 + 1.1.0.20240411 ThisIsLibra An automatic unpacker and logger for DotNet Framework targeting files - + diff --git a/packages/dotnettojscript.vm/dotnettojscript.vm.nuspec b/packages/dotnettojscript.vm/dotnettojscript.vm.nuspec index 8f4ae9354..8a33f49ab 100644 --- a/packages/dotnettojscript.vm/dotnettojscript.vm.nuspec +++ b/packages/dotnettojscript.vm/dotnettojscript.vm.nuspec 
@@ -2,11 +2,11 @@ dotnettojscript.vm - 0.0.0.20240323 + 0.0.0.20240411 James Forshaw A tool to generate a JScript which bootstraps an arbitrary .NET Assembly and class. - + diff --git a/packages/dumpert.vm/dumpert.vm.nuspec b/packages/dumpert.vm/dumpert.vm.nuspec index bc0ab912c..86122eb84 100644 --- a/packages/dumpert.vm/dumpert.vm.nuspec +++ b/packages/dumpert.vm/dumpert.vm.nuspec @@ -2,11 +2,11 @@ dumpert.vm - 0.0.0.20240323 + 0.0.0.20240411 outflank This tool demonstrates the use of direct System Calls and API unhooking and combines these techniques in a proof of concept code which can be used to create a LSASS memory dump using Cobalt Strike. - + diff --git a/packages/evilclippy.vm/evilclippy.vm.nuspec b/packages/evilclippy.vm/evilclippy.vm.nuspec index 146f00de3..ed2a07a97 100644 --- a/packages/evilclippy.vm/evilclippy.vm.nuspec +++ b/packages/evilclippy.vm/evilclippy.vm.nuspec @@ -2,11 +2,11 @@ evilclippy.vm - 1.3.0.20240323 + 1.3.0.20240411 outflank A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. - + diff --git a/packages/evtxecmd.vm/evtxecmd.vm.nuspec b/packages/evtxecmd.vm/evtxecmd.vm.nuspec index bf542c964..6c24baa76 100644 --- a/packages/evtxecmd.vm/evtxecmd.vm.nuspec +++ b/packages/evtxecmd.vm/evtxecmd.vm.nuspec @@ -2,11 +2,11 @@ evtxecmd.vm - 1.5.0.20231208 + 1.5.0.20240411 Eric Zimmerman Event log (evtx) parser with standardized CSV, XML, and json output! Custom maps, locked file support, and more! - + diff --git a/packages/exeinfope.vm/exeinfope.vm.nuspec b/packages/exeinfope.vm/exeinfope.vm.nuspec index f8554fc44..7ff99c810 100644 --- a/packages/exeinfope.vm/exeinfope.vm.nuspec +++ b/packages/exeinfope.vm/exeinfope.vm.nuspec @@ -2,11 +2,11 @@ exeinfope.vm - 0.0.7.20240217 + 0.0.7.20240411 A.S.L Soft Displays metadata for a variety of file types and identifies many executable packers - + 
diff --git a/packages/extreme_dumper.vm/extreme_dumper.vm.nuspec b/packages/extreme_dumper.vm/extreme_dumper.vm.nuspec index 086677d5d..fd5bd6522 100644 --- a/packages/extreme_dumper.vm/extreme_dumper.vm.nuspec +++ b/packages/extreme_dumper.vm/extreme_dumper.vm.nuspec @@ -2,11 +2,11 @@ extreme_dumper.vm - 4.0.0.20240219 + 4.0.0.20240411 wwh1004 .NET Assembly Dumper from memory of processes. - + diff --git a/packages/ezviewer.vm/ezviewer.vm.nuspec b/packages/ezviewer.vm/ezviewer.vm.nuspec index e563a2bd2..c1271b24b 100644 --- a/packages/ezviewer.vm/ezviewer.vm.nuspec +++ b/packages/ezviewer.vm/ezviewer.vm.nuspec @@ -2,11 +2,11 @@ ezviewer.vm - 2.0.0.20240226 + 2.0.0.20240411 Eric Zimmerman Standalone, zero dependency viewer for .doc, .docx, .xls, .xlsx, .txt, .log, .rtf, .otd, .htm, .html, .mht, .csv, and .pdf. Any non-supported files are shown in a hex editor (with data interpreter!) - + diff --git a/packages/file.vm/file.vm.nuspec b/packages/file.vm/file.vm.nuspec index f070c8858..8dbe845a4 100644 --- a/packages/file.vm/file.vm.nuspec +++ b/packages/file.vm/file.vm.nuspec @@ -2,11 +2,11 @@ file.vm - 0.0.0.20240217 + 0.0.0.20240411 A Windows port of the Linux `file` utility for checking header magics Nolen Scaiffe - + diff --git a/packages/floss.vm/floss.vm.nuspec b/packages/floss.vm/floss.vm.nuspec index b0a0f2781..905a67b7c 100755 --- a/packages/floss.vm/floss.vm.nuspec +++ b/packages/floss.vm/floss.vm.nuspec @@ -2,11 +2,11 @@ floss.vm - 3.0.1.20240217 + 3.0.1.20240411 FLOSS uses advanced static analysis techniques to automatically deobfuscate strings from malware binaries. You can use it just like strings.exe to enhance basic static analysis of unknown binaries. @williballenthin, @mr-tz - + diff --git a/packages/fuzzdb.vm/fuzzdb.vm.nuspec b/packages/fuzzdb.vm/fuzzdb.vm.nuspec index f10f1f4fe..97d66ec78 100644 --- a/packages/fuzzdb.vm/fuzzdb.vm.nuspec +++ b/packages/fuzzdb.vm/fuzzdb.vm.nuspec 
@@ -2,11 +2,11 @@ fuzzdb.vm - 0.0.0.20240323 + 0.0.0.20240411 fuzzdb-project FuzzDB is the most comprehensive open dictionary of fault injection patterns, predictable resource locations, and regex for matching server responses. - + diff --git a/packages/gadgettojscript.vm/gadgettojscript.vm.nuspec b/packages/gadgettojscript.vm/gadgettojscript.vm.nuspec index 96c0aa4ad..d7d2df42b 100644 --- a/packages/gadgettojscript.vm/gadgettojscript.vm.nuspec +++ b/packages/gadgettojscript.vm/gadgettojscript.vm.nuspec @@ -2,11 +2,11 @@ gadgettojscript.vm - 2.0.0.20240323 + 2.0.0.20240411 med0x2e A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from JS/VBS/VBA scripts. - + diff --git a/packages/garbageman.vm/garbageman.vm.nuspec b/packages/garbageman.vm/garbageman.vm.nuspec index f5f68648b..5e7dc30f5 100644 --- a/packages/garbageman.vm/garbageman.vm.nuspec +++ b/packages/garbageman.vm/garbageman.vm.nuspec @@ -2,11 +2,11 @@ garbageman.vm - 0.2.4 + 0.2.4.20240411 alphillips-lab A set of tools designed for .NET heap analysis. - + diff --git a/packages/gobuster.vm/gobuster.vm.nuspec b/packages/gobuster.vm/gobuster.vm.nuspec index e6129c87d..e4d335e91 100644 --- a/packages/gobuster.vm/gobuster.vm.nuspec +++ b/packages/gobuster.vm/gobuster.vm.nuspec @@ -2,11 +2,11 @@ gobuster.vm - 3.5.0.20230713 + 3.5.0.20240411 Directory/file and DNS busting tool written in Go OJ Reeves - + diff --git a/packages/goresym.vm/goresym.vm.nuspec b/packages/goresym.vm/goresym.vm.nuspec index a12df0526..3a88f441b 100644 --- a/packages/goresym.vm/goresym.vm.nuspec +++ b/packages/goresym.vm/goresym.vm.nuspec @@ -2,11 +2,11 @@ goresym.vm - 2.4.0.20240217 + 2.4.0.20240411 stevemk14ebr Go symbol recovery tool - + diff --git a/packages/hasher.vm/hasher.vm.nuspec b/packages/hasher.vm/hasher.vm.nuspec index 6d4b2e7de..aaf94cbb6 100644 --- a/packages/hasher.vm/hasher.vm.nuspec +++ b/packages/hasher.vm/hasher.vm.nuspec 
@@ -2,11 +2,11 @@ hasher.vm - 2.0.0.20240226 + 2.0.0.20240411 Eric Zimmerman Hash all the things - + diff --git a/packages/hashmyfiles.vm/hashmyfiles.vm.nuspec b/packages/hashmyfiles.vm/hashmyfiles.vm.nuspec index d3e18b7e1..fc34cb9b6 100644 --- a/packages/hashmyfiles.vm/hashmyfiles.vm.nuspec +++ b/packages/hashmyfiles.vm/hashmyfiles.vm.nuspec @@ -2,11 +2,11 @@ hashmyfiles.vm - 0.0.0.20240217 + 0.0.0.20240411 HashMyFiles is small utility that allows you to calculate the MD5 and SHA1 hashes of one or more files in your system. You can easily copy the MD5/SHA1 hashes list into the clipboard, or save them into text/html/xml file. Nir Sofer - + diff --git a/packages/hayabusa.vm/hayabusa.vm.nuspec b/packages/hayabusa.vm/hayabusa.vm.nuspec index 9c8f2e4bb..35708ef53 100644 --- a/packages/hayabusa.vm/hayabusa.vm.nuspec +++ b/packages/hayabusa.vm/hayabusa.vm.nuspec @@ -2,11 +2,11 @@ hayabusa.vm - 2.11.0 + 2.11.0.20240411 Yamato Security Windows event log fast forensics timeline generator and threat hunting tool - + diff --git a/packages/hollowshunter.vm/hollowshunter.vm.nuspec b/packages/hollowshunter.vm/hollowshunter.vm.nuspec index 0edb962c6..c962539c6 100644 --- a/packages/hollowshunter.vm/hollowshunter.vm.nuspec +++ b/packages/hollowshunter.vm/hollowshunter.vm.nuspec @@ -2,11 +2,11 @@ hollowshunter.vm - 0.3.9 + 0.3.9.20240411 hasherezade Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches). - + diff --git a/packages/ida.diaphora.vm/ida.diaphora.vm.nuspec b/packages/ida.diaphora.vm/ida.diaphora.vm.nuspec index e7125ac35..f9d4fd8da 100644 --- a/packages/ida.diaphora.vm/ida.diaphora.vm.nuspec +++ b/packages/ida.diaphora.vm/ida.diaphora.vm.nuspec @@ -2,12 +2,12 @@ ida.diaphora.vm - 3.1.2 + 3.1.2.20240411 joxeankoret Diaphora is a program diffing tool that works as an IDA plugin. - - + + 
diff --git a/packages/ifpstools.vm/ifpstools.vm.nuspec b/packages/ifpstools.vm/ifpstools.vm.nuspec index 00d8cb3c4..b5fc2e49c 100644 --- a/packages/ifpstools.vm/ifpstools.vm.nuspec +++ b/packages/ifpstools.vm/ifpstools.vm.nuspec @@ -2,11 +2,11 @@ ifpstools.vm - 2.0.2.20231203 + 2.0.2.20240411 Wack0, Jonson Tan IFPSTools.NET: tools for working with RemObject PascalScript compiled bytecode files - + diff --git a/packages/innoextract.vm/innoextract.vm.nuspec b/packages/innoextract.vm/innoextract.vm.nuspec index ef5793c0f..8ab541525 100644 --- a/packages/innoextract.vm/innoextract.vm.nuspec +++ b/packages/innoextract.vm/innoextract.vm.nuspec @@ -2,11 +2,11 @@ innoextract.vm - 1.9.0.20231203 + 1.9.0.20240411 Daniel Scharrer A tool to extract Inno Setup installers. - + diff --git a/packages/inveigh.vm/inveigh.vm.nuspec b/packages/inveigh.vm/inveigh.vm.nuspec index 0c57f409c..65c76711d 100644 --- a/packages/inveigh.vm/inveigh.vm.nuspec +++ b/packages/inveigh.vm/inveigh.vm.nuspec @@ -2,11 +2,11 @@ inveigh.vm - 2.0.10.20231203 + 2.0.10.20240411 Kevin-Robertson, joncave, kant2002 Inveigh is a cross-platform .NET IPv4/IPv6 machine-in-the-middle tool for penetration testers. - + diff --git a/packages/invokedosfuscation.vm/invokedosfuscation.vm.nuspec b/packages/invokedosfuscation.vm/invokedosfuscation.vm.nuspec index 2145f8ecf..462a6e854 100644 --- a/packages/invokedosfuscation.vm/invokedosfuscation.vm.nuspec +++ b/packages/invokedosfuscation.vm/invokedosfuscation.vm.nuspec @@ -2,11 +2,11 @@ invokedosfuscation.vm - 1.0.0.20240312 + 1.0.0.20240411 danielbohannon Invoke-DOSfuscation is a PowerShell v2.0+ compatible cmd.exe command obfuscation framework. - + diff --git a/packages/invokeobfuscation.vm/invokeobfuscation.vm.nuspec b/packages/invokeobfuscation.vm/invokeobfuscation.vm.nuspec index 62a82e02a..471d6d908 100644 --- a/packages/invokeobfuscation.vm/invokeobfuscation.vm.nuspec +++ b/packages/invokeobfuscation.vm/invokeobfuscation.vm.nuspec 
@@ -2,11 +2,11 @@ invokeobfuscation.vm - 1.8.2.20240312 + 1.8.2.20240411 cobbr, 4d4c, mvle, danielbohannon Invoke-Obfuscation is a PowerShell v2.0+ compatible PowerShell command and script obfuscator. - + diff --git a/packages/jlecmd.vm/jlecmd.vm.nuspec b/packages/jlecmd.vm/jlecmd.vm.nuspec index 08a9776ff..6ec39d37e 100644 --- a/packages/jlecmd.vm/jlecmd.vm.nuspec +++ b/packages/jlecmd.vm/jlecmd.vm.nuspec @@ -2,11 +2,11 @@ jlecmd.vm - 1.5.0.20231208 + 1.5.0.20240411 Eric Zimmerman Jump List parser - + diff --git a/packages/jumplist_explorer.vm/jumplist_explorer.vm.nuspec b/packages/jumplist_explorer.vm/jumplist_explorer.vm.nuspec index 73acbe743..f0576e4f0 100644 --- a/packages/jumplist_explorer.vm/jumplist_explorer.vm.nuspec +++ b/packages/jumplist_explorer.vm/jumplist_explorer.vm.nuspec @@ -2,11 +2,11 @@ jumplist_explorer.vm - 2.0.0.20231208 + 2.0.0.20240411 Eric Zimmerman GUI based Jump List viewer - + diff --git a/packages/keethief.vm/keethief.vm.nuspec b/packages/keethief.vm/keethief.vm.nuspec index ee6d50337..d4f7a7d3f 100644 --- a/packages/keethief.vm/keethief.vm.nuspec +++ b/packages/keethief.vm/keethief.vm.nuspec @@ -2,11 +2,11 @@ keethief.vm - 0.0.0.20240323 + 0.0.0.20240411 tifkin_, harmj0y Allows for the extraction of KeePass 2.X key material from memory, as well as the backdooring and enumeration of the KeePass trigger system. - + diff --git a/packages/lecmd.vm/lecmd.vm.nuspec b/packages/lecmd.vm/lecmd.vm.nuspec index 2a1e48dc2..26a6dbaf4 100644 --- a/packages/lecmd.vm/lecmd.vm.nuspec +++ b/packages/lecmd.vm/lecmd.vm.nuspec @@ -2,11 +2,11 @@ lecmd.vm - 1.5.0.20231208 + 1.5.0.20240411 Eric Zimmerman Parse lnk files - + diff --git a/packages/logfileparser.vm/logfileparser.vm.nuspec b/packages/logfileparser.vm/logfileparser.vm.nuspec index 21885978e..d0ee73342 100644 --- a/packages/logfileparser.vm/logfileparser.vm.nuspec +++ b/packages/logfileparser.vm/logfileparser.vm.nuspec 
@@ -2,11 +2,11 @@ logfileparser.vm - 2.0.0.20231204 + 2.0.0.20240411 Joakim Schicht Decode and dump lots of transaction information from the $LogFile on NTFS. - + diff --git a/packages/malware-jail.vm/malware-jail.vm.nuspec b/packages/malware-jail.vm/malware-jail.vm.nuspec index 98c834471..99da1f000 100644 --- a/packages/malware-jail.vm/malware-jail.vm.nuspec +++ b/packages/malware-jail.vm/malware-jail.vm.nuspec @@ -2,11 +2,11 @@ malware-jail.vm - 0.0.0.20240323 + 0.0.0.20240411 Hynek Petrak Sandbox for semi-automatic Javascript malware analysis, deobfuscation and payload extraction. - + diff --git a/packages/memprocfs.vm/memprocfs.vm.nuspec b/packages/memprocfs.vm/memprocfs.vm.nuspec index 0bd530a1d..2edb019b6 100644 --- a/packages/memprocfs.vm/memprocfs.vm.nuspec +++ b/packages/memprocfs.vm/memprocfs.vm.nuspec @@ -2,11 +2,11 @@ memprocfs.vm - 5.9.4 + 5.9.4.20240411 Ulf Frisk MemProcFS is an easy and convenient way of viewing physical memory as files in a virtual file system. - + diff --git a/packages/mft_explorer.vm/mft_explorer.vm.nuspec b/packages/mft_explorer.vm/mft_explorer.vm.nuspec index 8c2b550d3..e5741dc8f 100644 --- a/packages/mft_explorer.vm/mft_explorer.vm.nuspec +++ b/packages/mft_explorer.vm/mft_explorer.vm.nuspec @@ -2,11 +2,11 @@ mft_explorer.vm - 2.0.0.20231208 + 2.0.0.20240411 Eric Zimmerman Graphical $MFT viewer - + diff --git a/packages/mftecmd.vm/mftecmd.vm.nuspec b/packages/mftecmd.vm/mftecmd.vm.nuspec index 71c5ce47d..a33fb324e 100644 --- a/packages/mftecmd.vm/mftecmd.vm.nuspec +++ b/packages/mftecmd.vm/mftecmd.vm.nuspec @@ -2,11 +2,11 @@ mftecmd.vm - 1.2.2.20240321 + 1.2.2.20240411 Eric Zimmerman $MFT, $Boot, $J, $SDS, $I30, and $LogFile (coming soon) parser. Handles locked files - + diff --git a/packages/microburst.vm/microburst.vm.nuspec b/packages/microburst.vm/microburst.vm.nuspec index 017a35965..f6e8cd17e 100644 --- a/packages/microburst.vm/microburst.vm.nuspec +++ b/packages/microburst.vm/microburst.vm.nuspec 
@@ -2,11 +2,11 @@ microburst.vm - 0.0.0.20240323 + 0.0.0.20240411 NetSPI MicroBurst includes functions and scripts that support Azure Services discovery, weak configuration auditing, and post exploitation actions such as credential dumping. - + diff --git a/packages/nanodump.vm/nanodump.vm.nuspec b/packages/nanodump.vm/nanodump.vm.nuspec index c7b70a2ea..17d113683 100644 --- a/packages/nanodump.vm/nanodump.vm.nuspec +++ b/packages/nanodump.vm/nanodump.vm.nuspec @@ -2,11 +2,11 @@ nanodump.vm - 0.0.0.20240323 + 0.0.0.20240411 fortra A Beacon Object File that creates a minidump of the LSASS process. - + diff --git a/packages/networkminer.vm/networkminer.vm.nuspec b/packages/networkminer.vm/networkminer.vm.nuspec index 033c7e476..c49436af5 100644 --- a/packages/networkminer.vm/networkminer.vm.nuspec +++ b/packages/networkminer.vm/networkminer.vm.nuspec @@ -2,11 +2,11 @@ networkminer.vm - 2.8.1 + 2.8.1.20240411 Netresec NetworkMiner is an open source Network Forensic Analysis Tool for Windows, but also works in Linux or Mac OS X. NetworkMiner can be used as a passive network sniffer in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network. NetworkMiner can also parse PCAP files for off-line analysis and to reassemble transmitted files and certificates from PCAP files. - + diff --git a/packages/offvis.vm/offvis.vm.nuspec b/packages/offvis.vm/offvis.vm.nuspec index c834166ac..34fb084a8 100644 --- a/packages/offvis.vm/offvis.vm.nuspec +++ b/packages/offvis.vm/offvis.vm.nuspec @@ -2,11 +2,11 @@ offvis.vm - 1.0.0.20240226 + 1.0.0.20240411 Microsoft The Microsoft Office Visualization Tool (OffVis) is a tool from Microsoft that helps understanding the Microsoft Office binary file format in order to deconstruct .doc-, .xls- and .ppt-based targeted attacks. - + 
diff --git a/packages/outflank-c2-tool-collection.vm/outflank-c2-tool-collection.vm.nuspec b/packages/outflank-c2-tool-collection.vm/outflank-c2-tool-collection.vm.nuspec index 368aee44b..7de51dedd 100644 --- a/packages/outflank-c2-tool-collection.vm/outflank-c2-tool-collection.vm.nuspec +++ b/packages/outflank-c2-tool-collection.vm/outflank-c2-tool-collection.vm.nuspec @@ -2,11 +2,11 @@ outflank-c2-tool-collection.vm - 0.0.0.20240323 + 0.0.0.20240411 outflank Contains a collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques. - + diff --git a/packages/payloadsallthethings.vm/payloadsallthethings.vm.nuspec b/packages/payloadsallthethings.vm/payloadsallthethings.vm.nuspec index f83d187d9..8483ce894 100644 --- a/packages/payloadsallthethings.vm/payloadsallthethings.vm.nuspec +++ b/packages/payloadsallthethings.vm/payloadsallthethings.vm.nuspec @@ -2,11 +2,11 @@ payloadsallthethings.vm - 0.0.0.20240323 + 0.0.0.20240411 swisskyrepo A list of useful payloads and bypasses for Web Application Security. - + diff --git a/packages/peanatomist.vm/peanatomist.vm.nuspec b/packages/peanatomist.vm/peanatomist.vm.nuspec index d651007ac..8266e9276 100644 --- a/packages/peanatomist.vm/peanatomist.vm.nuspec +++ b/packages/peanatomist.vm/peanatomist.vm.nuspec @@ -2,11 +2,11 @@ peanatomist.vm - 0.2.11931.20230825 + 0.2.11931.20240411 RamMerLabs PE Analysis tool providing detailed information - + diff --git a/packages/pecmd.vm/pecmd.vm.nuspec b/packages/pecmd.vm/pecmd.vm.nuspec index 1e6e32db8..857d46726 100644 --- a/packages/pecmd.vm/pecmd.vm.nuspec +++ b/packages/pecmd.vm/pecmd.vm.nuspec @@ -2,11 +2,11 @@ pecmd.vm - 1.5.0.20231208 + 1.5.0.20240411 Eric Zimmerman Prefetch parser - + diff --git a/packages/peid.vm/peid.vm.nuspec b/packages/peid.vm/peid.vm.nuspec index a0632d851..179f11766 100644 --- a/packages/peid.vm/peid.vm.nuspec +++ b/packages/peid.vm/peid.vm.nuspec 
@@ -2,11 +2,11 @@ peid.vm - 0.95.0.20221115 + 0.95.0.20240411 PEiD detects most common packers, cryptors and compilers for PE files. snaker, Qwerton, Jibz, xineohP - + diff --git a/packages/pestudio.vm/pestudio.vm.nuspec b/packages/pestudio.vm/pestudio.vm.nuspec index 84ede3560..6a74a1833 100644 --- a/packages/pestudio.vm/pestudio.vm.nuspec +++ b/packages/pestudio.vm/pestudio.vm.nuspec @@ -2,11 +2,11 @@ pestudio.vm - 9.58 + 9.58.0.20240411 Marc Ochsenmeier The goal of pestudio is to spot artifacts of executable files in order to ease and accelerate Malware Initial Assessment. - + diff --git a/packages/petitpotam.vm/petitpotam.vm.nuspec b/packages/petitpotam.vm/petitpotam.vm.nuspec index d58b712b2..6f7b592fa 100644 --- a/packages/petitpotam.vm/petitpotam.vm.nuspec +++ b/packages/petitpotam.vm/petitpotam.vm.nuspec @@ -2,11 +2,11 @@ petitpotam.vm - 0.0.0.20240323 + 0.0.0.20240411 topotam PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions - + diff --git a/packages/pkg-unpacker.vm/pkg-unpacker.vm.nuspec b/packages/pkg-unpacker.vm/pkg-unpacker.vm.nuspec index fa81344db..e860bddde 100644 --- a/packages/pkg-unpacker.vm/pkg-unpacker.vm.nuspec +++ b/packages/pkg-unpacker.vm/pkg-unpacker.vm.nuspec @@ -2,11 +2,11 @@ pkg-unpacker.vm - 1.0.0.20240323 + 1.0.0.20240411 LockBlock-dev Unpacker for pkg applications. - + diff --git a/packages/pma-labs.vm/pma-labs.vm.nuspec b/packages/pma-labs.vm/pma-labs.vm.nuspec index 4b5029b7e..33648e36e 100644 --- a/packages/pma-labs.vm/pma-labs.vm.nuspec +++ b/packages/pma-labs.vm/pma-labs.vm.nuspec @@ -2,11 +2,11 @@ pma-labs.vm - 0.0.0.20230626 + 0.0.0.20240411 Michael Sikorski Binaries for the book Practical Malware Analysis - + diff --git a/packages/powermad.vm/powermad.vm.nuspec b/packages/powermad.vm/powermad.vm.nuspec index 0b5afa406..c731d976a 100644 --- a/packages/powermad.vm/powermad.vm.nuspec +++ b/packages/powermad.vm/powermad.vm.nuspec 
@@ -2,11 +2,11 @@ powermad.vm - 0.0.0.20240323 + 0.0.0.20240411 Kevin-Robertson Powermad includes a set of functions for exploiting ms-DS-MachineAccountQuota without attaching an actual system to AD - +
diff --git a/packages/powersploit.vm/powersploit.vm.nuspec b/packages/powersploit.vm/powersploit.vm.nuspec
index 518750c48..11c0e0eab 100644
--- a/packages/powersploit.vm/powersploit.vm.nuspec
+++ b/packages/powersploit.vm/powersploit.vm.nuspec
@@ -2,11 +2,11 @@ powersploit.vm - 0.0.0.20240323 + 0.0.0.20240411 HarmJ0y, 0xe7 PowerSploit is a collection of Microsoft PowerShell modules that can be used to aid penetration testers during all phases of an assessment. - +
diff --git a/packages/powerupsql.vm/powerupsql.vm.nuspec b/packages/powerupsql.vm/powerupsql.vm.nuspec
index 62ab7d66b..8a66f2879 100644
--- a/packages/powerupsql.vm/powerupsql.vm.nuspec
+++ b/packages/powerupsql.vm/powerupsql.vm.nuspec
@@ -2,11 +2,11 @@ powerupsql.vm - 0.0.0.20240323 + 0.0.0.20240411 NetSPI PowerUpSQL includes functions that support SQL Server discovery, weak configuration auditing, privilege escalation on scale, and post exploitation actions such as OS command execution. - +
diff --git a/packages/powerzure.vm/powerzure.vm.nuspec b/packages/powerzure.vm/powerzure.vm.nuspec
index ff3782d3b..bfe36f620 100644
--- a/packages/powerzure.vm/powerzure.vm.nuspec
+++ b/packages/powerzure.vm/powerzure.vm.nuspec
@@ -2,11 +2,11 @@ powerzure.vm - 0.0.0.20240323 + 0.0.0.20240411 hausec PowerZure is a PowerShell project created to assess and exploit resources within Microsoft’s cloud platform, Azure. - +
diff --git a/packages/rbcmd.vm/rbcmd.vm.nuspec b/packages/rbcmd.vm/rbcmd.vm.nuspec
index cf9788f90..d88006260 100644
--- a/packages/rbcmd.vm/rbcmd.vm.nuspec
+++ b/packages/rbcmd.vm/rbcmd.vm.nuspec
@@ -2,11 +2,11 @@ rbcmd.vm - 1.5.0.20231208 + 1.5.0.20240411 Eric Zimmerman Recycle Bin artifact (INFO2/$I) parser - +
diff --git a/packages/recentfilecacheparser.vm/recentfilecacheparser.vm.nuspec b/packages/recentfilecacheparser.vm/recentfilecacheparser.vm.nuspec
index 0ae8fb885..ec6492258 100644
--- a/packages/recentfilecacheparser.vm/recentfilecacheparser.vm.nuspec
+++ b/packages/recentfilecacheparser.vm/recentfilecacheparser.vm.nuspec
@@ -2,11 +2,11 @@ recentfilecacheparser.vm - 1.5.0.20231208 + 1.5.0.20240411 Eric Zimmerman RecentFileCache parser - +
diff --git a/packages/recmd.vm/recmd.vm.nuspec b/packages/recmd.vm/recmd.vm.nuspec
index 7a33ce200..bbdce7f9b 100644
--- a/packages/recmd.vm/recmd.vm.nuspec
+++ b/packages/recmd.vm/recmd.vm.nuspec
@@ -2,11 +2,11 @@ recmd.vm - 2.0.0.20231208 + 2.0.0.20240411 Eric Zimmerman Powerful command line Registry tool searching, multi-hive support, plugins, and more - +
diff --git a/packages/regcool.vm/regcool.vm.nuspec b/packages/regcool.vm/regcool.vm.nuspec
index 4f59a53d4..b0692cb21 100644
--- a/packages/regcool.vm/regcool.vm.nuspec
+++ b/packages/regcool.vm/regcool.vm.nuspec
@@ -2,11 +2,11 @@ regcool.vm - 0.0.0.20240410 + 0.0.0.20240411 Kurt Zimmermann In addition to all the features that you can find in RegEdit and RegEdt32, RegCool adds many powerful features that allow you to work faster and more efficiently with registry related tasks - +
diff --git a/packages/registry_explorer.vm/registry_explorer.vm.nuspec b/packages/registry_explorer.vm/registry_explorer.vm.nuspec
index a58d1aa0c..859bcdd73 100644
--- a/packages/registry_explorer.vm/registry_explorer.vm.nuspec
+++ b/packages/registry_explorer.vm/registry_explorer.vm.nuspec
@@ -2,11 +2,11 @@ registry_explorer.vm - 2.0.0.20240226 + 2.0.0.20240411 Eric Zimmerman Registry viewer with searching, multi-hive support, plugins, and more. Handles locked files - +
diff --git a/packages/regshot.vm/regshot.vm.nuspec b/packages/regshot.vm/regshot.vm.nuspec
index 58cad02cd..b8f73ac55 100644
--- a/packages/regshot.vm/regshot.vm.nuspec
+++ b/packages/regshot.vm/regshot.vm.nuspec
@@ -2,11 +2,11 @@ regshot.vm - 1.9.1.20240217 + 1.9.1.20240411 maddes, regshot, xhmikosr Regshot is a small, free and open-source registry compare utility that allows you to quickly take a snapshot of your registry and then compare it with a second one - done after doing system changes or installing a new software product. - +
diff --git a/packages/rla.vm/rla.vm.nuspec b/packages/rla.vm/rla.vm.nuspec
index 0458b9366..80ed00d4c 100644
--- a/packages/rla.vm/rla.vm.nuspec
+++ b/packages/rla.vm/rla.vm.nuspec
@@ -2,11 +2,11 @@ rla.vm - 2.0.0.20231208 + 2.0.0.20240411 Eric Zimmerman Replay transaction logs and update Registry hives so they are no longer dirty. Useful when tools do not know how to handle transaction logs - +
diff --git a/packages/routesixtysink.vm/routesixtysink.vm.nuspec b/packages/routesixtysink.vm/routesixtysink.vm.nuspec
index befc283a6..63c7d6995 100644
--- a/packages/routesixtysink.vm/routesixtysink.vm.nuspec
+++ b/packages/routesixtysink.vm/routesixtysink.vm.nuspec
@@ -2,11 +2,11 @@ routesixtysink.vm - 0.0.0.20240323 + 0.0.0.20240411 Dillon Franke, Michael Maturi Route Sixty-Sink is an open source tool that enables defenders and security researchers alike to quickly identify vulnerabilities in any .NET assembly using automated source-to-sink analysis. - +
diff --git a/packages/rpcview.vm/rpcview.vm.nuspec b/packages/rpcview.vm/rpcview.vm.nuspec
index dbdabcdc7..aa63eb04c 100644
--- a/packages/rpcview.vm/rpcview.vm.nuspec
+++ b/packages/rpcview.vm/rpcview.vm.nuspec
@@ -2,11 +2,11 @@ rpcview.vm - 0.3.1.20231218 + 0.3.1.20240411 silverf0x RpcView is an open-source tool to explore and decompile all RPC functionalities present on a Microsoft system - +
diff --git a/packages/rubeus.vm/rubeus.vm.nuspec b/packages/rubeus.vm/rubeus.vm.nuspec
index 099a18a46..0e347a447 100644
--- a/packages/rubeus.vm/rubeus.vm.nuspec
+++ b/packages/rubeus.vm/rubeus.vm.nuspec
@@ -2,11 +2,11 @@ rubeus.vm - 2.3.1.20240323 + 2.3.1.20240411 harmj0y Rubeus is a C# toolset for raw Kerberos interaction and abuses. - +
diff --git a/packages/rundotnetdll.vm/rundotnetdll.vm.nuspec b/packages/rundotnetdll.vm/rundotnetdll.vm.nuspec
index 02ed6c9c6..d254a9dee 100644
--- a/packages/rundotnetdll.vm/rundotnetdll.vm.nuspec
+++ b/packages/rundotnetdll.vm/rundotnetdll.vm.nuspec
@@ -2,11 +2,11 @@ rundotnetdll.vm - 2.2.0.20231203 + 2.2.0.20240411 A simple utility to list all methods of a given .NET Assembly and to invoke them. Antonio Parata - +
diff --git a/packages/safetykatz.vm/safetykatz.vm.nuspec b/packages/safetykatz.vm/safetykatz.vm.nuspec
index 9cd0b5325..082f77b11 100644
--- a/packages/safetykatz.vm/safetykatz.vm.nuspec
+++ b/packages/safetykatz.vm/safetykatz.vm.nuspec
@@ -2,11 +2,11 @@ safetykatz.vm - 0.0.0.20240323 + 0.0.0.20240411 HarmJ0y SafetyKatz is a combination of slightly modified version of @gentilkiwi's Mimikatz project and @subtee's .NET PE Loader. - +
diff --git a/packages/sbecmd.vm/sbecmd.vm.nuspec b/packages/sbecmd.vm/sbecmd.vm.nuspec
index 5fa138599..1c4ebe011 100644
--- a/packages/sbecmd.vm/sbecmd.vm.nuspec
+++ b/packages/sbecmd.vm/sbecmd.vm.nuspec
@@ -2,11 +2,11 @@ sbecmd.vm - 2.0.0.20240321 + 2.0.0.20240411 Eric Zimmerman ShellBags Explorer, command line edition, for exporting shellbag data - +
diff --git a/packages/scdbg.vm/scdbg.vm.nuspec b/packages/scdbg.vm/scdbg.vm.nuspec
index 141e9af29..65ccc31bc 100644
--- a/packages/scdbg.vm/scdbg.vm.nuspec
+++ b/packages/scdbg.vm/scdbg.vm.nuspec
@@ -2,11 +2,11 @@ scdbg.vm - 0.0.0.20240217 + 0.0.0.20240411 Paul Baecher, Markus Koetter, David Zimmer scdbg is an emulation based shellcode API logger and debugger - +
diff --git a/packages/sdb_explorer.vm/sdb_explorer.vm.nuspec b/packages/sdb_explorer.vm/sdb_explorer.vm.nuspec
index 9ee292f5a..7fbee3655 100644
--- a/packages/sdb_explorer.vm/sdb_explorer.vm.nuspec
+++ b/packages/sdb_explorer.vm/sdb_explorer.vm.nuspec
@@ -2,11 +2,11 @@ sdb_explorer.vm - 2.0.0.20231208 + 2.0.0.20240411 Eric Zimmerman Shim database GUI - +
diff --git a/packages/seatbelt.vm/seatbelt.vm.nuspec b/packages/seatbelt.vm/seatbelt.vm.nuspec
index c4fdc2dcd..359c7ce71 100644
--- a/packages/seatbelt.vm/seatbelt.vm.nuspec
+++ b/packages/seatbelt.vm/seatbelt.vm.nuspec
@@ -2,11 +2,11 @@ seatbelt.vm - 1.2.0.20240323 + 1.2.0.20240411 harmj0y, tifkin_ Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives. - +
diff --git a/packages/seclists.vm/seclists.vm.nuspec b/packages/seclists.vm/seclists.vm.nuspec
index 3792e32e0..275550b57 100644
--- a/packages/seclists.vm/seclists.vm.nuspec
+++ b/packages/seclists.vm/seclists.vm.nuspec
@@ -2,11 +2,11 @@ seclists.vm - 2024.1.0.20240323 + 2024.1.0.20240411 danielmiessler SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. - +
diff --git a/packages/setdllcharacteristics.vm/setdllcharacteristics.vm.nuspec b/packages/setdllcharacteristics.vm/setdllcharacteristics.vm.nuspec
index 1aa9b0695..b2f121f2f 100644
--- a/packages/setdllcharacteristics.vm/setdllcharacteristics.vm.nuspec
+++ b/packages/setdllcharacteristics.vm/setdllcharacteristics.vm.nuspec
@@ -2,11 +2,11 @@ setdllcharacteristics.vm - 0.0.1 + 0.0.1.20240411 Didier Stevens A CLI tool for manipulating ASLR, DEP, and check signature flags of PE files - +
diff --git a/packages/sharpdpapi.vm/sharpdpapi.vm.nuspec b/packages/sharpdpapi.vm/sharpdpapi.vm.nuspec
index 7922dc75b..a4fc3b708 100644
--- a/packages/sharpdpapi.vm/sharpdpapi.vm.nuspec
+++ b/packages/sharpdpapi.vm/sharpdpapi.vm.nuspec
@@ -2,11 +2,11 @@ sharpdpapi.vm - 1.11.3.20240323 + 1.11.3.20240411 harmj0y SharpDPAPI is a C# port of some DPAPI functionality from @gentilkiwi's Mimikatz project. - +
diff --git a/packages/sharpdump.vm/sharpdump.vm.nuspec b/packages/sharpdump.vm/sharpdump.vm.nuspec
index 6451faa5f..4703a8ca0 100644
--- a/packages/sharpdump.vm/sharpdump.vm.nuspec
+++ b/packages/sharpdump.vm/sharpdump.vm.nuspec
@@ -2,11 +2,11 @@ sharpdump.vm - 0.0.0.20240323 + 0.0.0.20240411 HarmJ0y SharpDump is a C# port of PowerSploit's Out-Minidump.ps1 functionality. - +
diff --git a/packages/sharpexec.vm/sharpexec.vm.nuspec b/packages/sharpexec.vm/sharpexec.vm.nuspec
index b269430c6..f295ae58c 100644
--- a/packages/sharpexec.vm/sharpexec.vm.nuspec
+++ b/packages/sharpexec.vm/sharpexec.vm.nuspec
@@ -2,11 +2,11 @@ sharpexec.vm - 0.0.0.20240323 + 0.0.0.20240411 anthemtotheego SharpExec is an offensive security C# tool designed to aid with lateral movement. - +
diff --git a/packages/sharphound.vm/sharphound.vm.nuspec b/packages/sharphound.vm/sharphound.vm.nuspec
index 23a3e0cf0..bac6ab3ee 100644
--- a/packages/sharphound.vm/sharphound.vm.nuspec
+++ b/packages/sharphound.vm/sharphound.vm.nuspec
@@ -2,11 +2,11 @@ sharphound.vm - 2.3.3 + 2.3.3.20240411 specterops SharpHound is an Active Directory ingester tool for BloodHound. - +
diff --git a/packages/sharpsecdump.vm/sharpsecdump.vm.nuspec b/packages/sharpsecdump.vm/sharpsecdump.vm.nuspec
index b9ee91b01..3b7f9ab44 100644
--- a/packages/sharpsecdump.vm/sharpsecdump.vm.nuspec
+++ b/packages/sharpsecdump.vm/sharpsecdump.vm.nuspec
@@ -2,11 +2,11 @@ sharpsecdump.vm - 0.0.0.20240323 + 0.0.0.20240411 G0ldenGunSec .Net port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py - +
diff --git a/packages/sharpup.vm/sharpup.vm.nuspec b/packages/sharpup.vm/sharpup.vm.nuspec
index 1da18ab91..b7235f01b 100644
--- a/packages/sharpup.vm/sharpup.vm.nuspec
+++ b/packages/sharpup.vm/sharpup.vm.nuspec
@@ -2,11 +2,11 @@ sharpup.vm - 0.0.0.20240323 + 0.0.0.20240411 harmj0y SharpUp is a C# port of various PowerUp functionality for auditing potential privilege escalation paths. - +
diff --git a/packages/sharpview.vm/sharpview.vm.nuspec b/packages/sharpview.vm/sharpview.vm.nuspec
index 00068ce99..2e5097c05 100644
--- a/packages/sharpview.vm/sharpview.vm.nuspec
+++ b/packages/sharpview.vm/sharpview.vm.nuspec
@@ -2,11 +2,11 @@ sharpview.vm - 0.0.0.20240323 + 0.0.0.20240411 tevora .NET port of PowerView used for information gathering within Active Directory - +
diff --git a/packages/sharpwmi.vm/sharpwmi.vm.nuspec b/packages/sharpwmi.vm/sharpwmi.vm.nuspec
index 9adf9b02b..bf2b18102 100644
--- a/packages/sharpwmi.vm/sharpwmi.vm.nuspec
+++ b/packages/sharpwmi.vm/sharpwmi.vm.nuspec
@@ -2,11 +2,11 @@ sharpwmi.vm - 0.0.0.20240323 + 0.0.0.20240411 HarmJ0y SharpWMI is a C# implementation of various WMI functionality. - +
diff --git a/packages/shellbags_explorer.vm/shellbags_explorer.vm.nuspec b/packages/shellbags_explorer.vm/shellbags_explorer.vm.nuspec
index 13fe2f843..32e47fd69 100644
--- a/packages/shellbags_explorer.vm/shellbags_explorer.vm.nuspec
+++ b/packages/shellbags_explorer.vm/shellbags_explorer.vm.nuspec
@@ -2,11 +2,11 @@ shellbags_explorer.vm - 2.0.0.20231208 + 2.0.0.20240411 Eric Zimmerman GUI for browsing shellbags data. Handles locked files - +
diff --git a/packages/situational-awareness-bof.vm/situational-awareness-bof.vm.nuspec b/packages/situational-awareness-bof.vm/situational-awareness-bof.vm.nuspec
index 1b0a7d709..4f157c712 100644
--- a/packages/situational-awareness-bof.vm/situational-awareness-bof.vm.nuspec
+++ b/packages/situational-awareness-bof.vm/situational-awareness-bof.vm.nuspec
@@ -2,11 +2,11 @@ situational-awareness-bof.vm - 0.0.0.20240323 + 0.0.0.20240411 trustedsec Provides a set of basic situational awareness commands implemented in a Beacon Object File (BOF). This allows you to perform some checks on a host before you begin executing commands that may be more invasive. - +
diff --git a/packages/spoolsample.vm/spoolsample.vm.nuspec b/packages/spoolsample.vm/spoolsample.vm.nuspec
index 3f8812b26..a8c5000aa 100644
--- a/packages/spoolsample.vm/spoolsample.vm.nuspec
+++ b/packages/spoolsample.vm/spoolsample.vm.nuspec
@@ -2,11 +2,11 @@ spoolsample.vm - 0.0.0.20240323 + 0.0.0.20240411 tifkin_, harmj0y, enigma0x3 PoC tool to coerce Windows hosts authenticate to other machines via the MS-RPRN RPC interface. - +
diff --git a/packages/sqlecmd.vm/sqlecmd.vm.nuspec b/packages/sqlecmd.vm/sqlecmd.vm.nuspec
index 2f8f3e1e0..5fe94c78b 100644
--- a/packages/sqlecmd.vm/sqlecmd.vm.nuspec
+++ b/packages/sqlecmd.vm/sqlecmd.vm.nuspec
@@ -2,11 +2,11 @@ sqlecmd.vm - 1.0.0.20231208 + 1.0.0.20240411 Eric Zimmerman Find and process SQLite files according to your needs with maps! - +
diff --git a/packages/srumecmd.vm/srumecmd.vm.nuspec b/packages/srumecmd.vm/srumecmd.vm.nuspec
index 23c350ef7..2fb67156e 100644
--- a/packages/srumecmd.vm/srumecmd.vm.nuspec
+++ b/packages/srumecmd.vm/srumecmd.vm.nuspec
@@ -2,11 +2,11 @@ srumecmd.vm - 0.5.1.20231208 + 0.5.1.20240411 Eric Zimmerman Process SRUDB.dat and (optionally) SOFTWARE hive for network, process, and energy info! - +
diff --git a/packages/statistically-likely-usernames.vm/statistically-likely-usernames.vm.nuspec b/packages/statistically-likely-usernames.vm/statistically-likely-usernames.vm.nuspec
index 2e4512b96..69ec6c80b 100644
--- a/packages/statistically-likely-usernames.vm/statistically-likely-usernames.vm.nuspec
+++ b/packages/statistically-likely-usernames.vm/statistically-likely-usernames.vm.nuspec
@@ -2,11 +2,11 @@ statistically-likely-usernames.vm - 0.0.0.20240323 + 0.0.0.20240411 insidetrust This resource contains wordlists for creating statistically likely usernames for use in username-enumeration, simulated password-attacks and other security testing tasks. - +
diff --git a/packages/stracciatella.vm/stracciatella.vm.nuspec b/packages/stracciatella.vm/stracciatella.vm.nuspec
index 331a8a33a..c544b66d5 100644
--- a/packages/stracciatella.vm/stracciatella.vm.nuspec
+++ b/packages/stracciatella.vm/stracciatella.vm.nuspec
@@ -2,11 +2,11 @@ stracciatella.vm - 0.7.0.20240323 + 0.7.0.20240411 mgeeky Powershell runspace from within C# (aka SharpPick technique) with AMSI, ETW and Script Block Logging disabled. - +
diff --git a/packages/streamdivert.vm/streamdivert.vm.nuspec b/packages/streamdivert.vm/streamdivert.vm.nuspec
index 83a8baedb..04e697dde 100644
--- a/packages/streamdivert.vm/streamdivert.vm.nuspec
+++ b/packages/streamdivert.vm/streamdivert.vm.nuspec
@@ -2,11 +2,11 @@ streamdivert.vm - 1.1 + 1.1.0.20240411 jellever StreamDivert has the ability to relay all incoming SMB connections to port 445 to another server, or only relay specific incoming SMB connections from a specific set of source IP's to another server. - +
diff --git a/packages/sumecmd.vm/sumecmd.vm.nuspec b/packages/sumecmd.vm/sumecmd.vm.nuspec
index 8a0f14abd..8f060ffee 100644
--- a/packages/sumecmd.vm/sumecmd.vm.nuspec
+++ b/packages/sumecmd.vm/sumecmd.vm.nuspec
@@ -2,11 +2,11 @@ sumecmd.vm - 0.5.2.20231208 + 0.5.2.20240411 Eric Zimmerman Process Microsoft User Access Logs found under "C:\Windows\System32\LogFiles\SUM" - +
diff --git a/packages/systeminformer.vm/systeminformer.vm.nuspec b/packages/systeminformer.vm/systeminformer.vm.nuspec
index baa59e443..fb7ca32be 100644
--- a/packages/systeminformer.vm/systeminformer.vm.nuspec
+++ b/packages/systeminformer.vm/systeminformer.vm.nuspec
@@ -2,11 +2,11 @@ systeminformer.vm - 3.0.7353 + 3.0.7353.20240411 winsiderss A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. - +
diff --git a/packages/syswhispers2.vm/syswhispers2.vm.nuspec b/packages/syswhispers2.vm/syswhispers2.vm.nuspec
index 75c9f2051..bc198ffdf 100644
--- a/packages/syswhispers2.vm/syswhispers2.vm.nuspec
+++ b/packages/syswhispers2.vm/syswhispers2.vm.nuspec
@@ -2,11 +2,11 @@ syswhispers2.vm - 0.0.0.20240323 + 0.0.0.20240411 jthuraisamy SysWhispers helps with evasion by generating header/ASM files implants can use to make direct system calls. - +
diff --git a/packages/syswhispers3.vm/syswhispers3.vm.nuspec b/packages/syswhispers3.vm/syswhispers3.vm.nuspec
index 5685d6a34..d1dc39056 100644
--- a/packages/syswhispers3.vm/syswhispers3.vm.nuspec
+++ b/packages/syswhispers3.vm/syswhispers3.vm.nuspec
@@ -2,11 +2,11 @@ syswhispers3.vm - 0.0.0.20240323 + 0.0.0.20240411 klezVirus SysWhispers helps with evasion by generating header/ASM files implants can use to make direct system calls. - +
diff --git a/packages/teamfiltration.vm/teamfiltration.vm.nuspec b/packages/teamfiltration.vm/teamfiltration.vm.nuspec
index ee77acba8..a20e52370 100644
--- a/packages/teamfiltration.vm/teamfiltration.vm.nuspec
+++ b/packages/teamfiltration.vm/teamfiltration.vm.nuspec
@@ -2,11 +2,11 @@ teamfiltration.vm - 3.5.0.20230713 + 3.5.0.20240411 Flangvik TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts. - +
diff --git a/packages/timeline_explorer.vm/timeline_explorer.vm.nuspec b/packages/timeline_explorer.vm/timeline_explorer.vm.nuspec
index c4ad5abe2..37aaa3e2a 100644
--- a/packages/timeline_explorer.vm/timeline_explorer.vm.nuspec
+++ b/packages/timeline_explorer.vm/timeline_explorer.vm.nuspec
@@ -2,11 +2,11 @@ timeline_explorer.vm - 2.0.0.20240321 + 2.0.0.20240411 Eric Zimmerman View CSV and Excel files, filter, group, sort, etc. with ease - +
diff --git a/packages/trustedsec-remote-ops-bof.vm/trustedsec-remote-ops-bof.vm.nuspec b/packages/trustedsec-remote-ops-bof.vm/trustedsec-remote-ops-bof.vm.nuspec
index f8f187c09..73e699e2f 100644
--- a/packages/trustedsec-remote-ops-bof.vm/trustedsec-remote-ops-bof.vm.nuspec
+++ b/packages/trustedsec-remote-ops-bof.vm/trustedsec-remote-ops-bof.vm.nuspec
@@ -2,11 +2,11 @@ truestedsec-remote-ops-bof.vm - 0.0.0.20240323 + 0.0.0.20240411 trustedsec Addition to Situational Awareness BOFs intended for single task Windows primitives such as creating a task, stopping a service, etc. - +
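Review bot: The package id shown as context in the `trustedsec-remote-ops-bof.vm.nuspec` hunk reads `truestedsec-remote-ops-bof.vm`, which does not match the directory and file name `trustedsec-remote-ops-bof.vm`; the other packages visible in this diff use an id identical to their directory name. The version bump keeps that spelling, so anything that resolves the package by its directory name would request an id this nuspec does not publish, and the misspelled id is the one installs actually depend on. If the mismatch is unintended, correct the id to `trustedsec-remote-ops-bof.vm` and check whether versions already published under the old id need a transition. The element tags are not visible on this page, so the line is assumed to be the `<id>` element.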
diff --git a/packages/unhook-bof.vm/unhook-bof.vm.nuspec b/packages/unhook-bof.vm/unhook-bof.vm.nuspec
index c59fbdcd6..80d09d1e4 100644
--- a/packages/unhook-bof.vm/unhook-bof.vm.nuspec
+++ b/packages/unhook-bof.vm/unhook-bof.vm.nuspec
@@ -2,11 +2,11 @@ unhook-bof.vm - 0.0.0.20240323 + 0.0.0.20240411 rsmudge, physics-sec This is a Beacon Object File to refresh DLLs and remove their hooks. The code is from Cylance's Universal Unhooking research. - +
diff --git a/packages/uniextract2.vm/uniextract2.vm.nuspec b/packages/uniextract2.vm/uniextract2.vm.nuspec
index dc89bd615..66cd9426b 100644
--- a/packages/uniextract2.vm/uniextract2.vm.nuspec
+++ b/packages/uniextract2.vm/uniextract2.vm.nuspec
@@ -2,11 +2,11 @@ uniextract2.vm - 2.0.0.20231220 + 2.0.0.20240411 Universal Extractor 2 is an unofficial updated and extended version of the original UniExtract by Jared Breland. William Engelmann (Bioruebe) - +
diff --git a/packages/upx.vm/upx.vm.nuspec b/packages/upx.vm/upx.vm.nuspec
index a2c293ea7..3273cd90c 100644
--- a/packages/upx.vm/upx.vm.nuspec
+++ b/packages/upx.vm/upx.vm.nuspec
@@ -2,11 +2,11 @@ upx.vm - 4.2.3 + 4.2.3.20240411 markus-oberhumer UPX is a free, secure, portable, extendable, high-performance executable packer for several executable formats. - +
diff --git a/packages/vscmount.vm/vscmount.vm.nuspec b/packages/vscmount.vm/vscmount.vm.nuspec
index 10e0f2a6d..342cd1da0 100644
--- a/packages/vscmount.vm/vscmount.vm.nuspec
+++ b/packages/vscmount.vm/vscmount.vm.nuspec
@@ -2,11 +2,11 @@ vscmount.vm - 1.5.0.20231208 + 1.5.0.20240411 Eric Zimmerman Mount all VSCs on a drive letter to a given mount point - +
diff --git a/packages/whisker.vm/whisker.vm.nuspec b/packages/whisker.vm/whisker.vm.nuspec
index a6369685c..088579070 100644
--- a/packages/whisker.vm/whisker.vm.nuspec
+++ b/packages/whisker.vm/whisker.vm.nuspec
@@ -2,11 +2,11 @@ whisker.vm - 0.0.0.20240323 + 0.0.0.20240411 Elad Shamir Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, effectively adding "Shadow Credentials" to the target account. - +
diff --git a/packages/wxtcmd.vm/wxtcmd.vm.nuspec b/packages/wxtcmd.vm/wxtcmd.vm.nuspec
index 155f38a0e..720a1964f 100644
--- a/packages/wxtcmd.vm/wxtcmd.vm.nuspec
+++ b/packages/wxtcmd.vm/wxtcmd.vm.nuspec
@@ -2,11 +2,11 @@ wxtcmd.vm - 1.0.0.20231208 + 1.0.0.20240411 Eric Zimmerman Windows 10 Timeline database parser - +