Skip to content

@NorthwaveSecurity Northwave Cyber Security

Change the repository type filter

All

    Repositories list

    33 repositories

    • passwordstate-decryptor

      Public
      PowerShell script that decrypts password entries from a Passwordstate server.
      powershellred-teampasswordstate
      powershellred-teampasswordstatedecryptor
      PowerShell
      72600Updated Feb 17, 2026Feb 17, 2026

    • sideloader

      Public
      Automatically find sideload opportunities and generate DLLs
      Python
      1000Updated Feb 16, 2026Feb 16, 2026

    • awesome-bof

      Public
      🧠 The ultimate resource for finding Beacon Object Files (BOFs).
      Python
      MIT License
      18000Updated Feb 9, 2026Feb 9, 2026

    • BOF-PE

      Public
      Northwave's BOF-PE implementations. Notably, an improved ldapsearch BOF.
      cobalt-strikebofstage1
      cobalt-strikebofstage1oc2outflank
      C++
      BSD 3-Clause "New" or "Revised" License
      31900Updated Jan 12, 2026Jan 12, 2026

    • DradisFS

      Public
      FUSE Filesystem for Dradis
      Python
      MIT License
      0210Updated Jan 5, 2026Jan 5, 2026

    • linkedin-crawler

      Public
      Obtain emails using the LinkedIn Graph API
      Python
      MIT License
      01100Updated Oct 1, 2025Oct 1, 2025

    • PIClin

      Public
      From C, Rust or Zig to binary shellcode compiler based on Mingw gcc. It allows using Win32 APIs and standard libraries without any changes to the source code.
      Python
      MIT License
      2100Updated Sep 4, 2025Sep 4, 2025

    • verifier

      Public
      Automatically generate evidence for issues
      Python
      MIT License
      0010Updated Jul 29, 2025Jul 29, 2025

    • iocs

      Public
      Python
      BSD 2-Clause "Simplified" License
      7000Updated Apr 1, 2025Apr 1, 2025

    • dradis-api

      Public
      Python API for Dradis
      Python
      Other
      3500Updated Feb 24, 2025Feb 24, 2025

    • code-crawler

      Public
      Search for strings in source code based on OWASP code review checklist
      Shell
      0010Updated Feb 12, 2025Feb 12, 2025

    • CS-Situational-Awareness-BOF

      Public
      Situational Awareness commands implemented using Beacon Object Files
      C
      GNU General Public License v2.0
      286000Updated Jul 31, 2024Jul 31, 2024

    • Dissect-ESXi

      Public
      Compiling Dissect which can run on ESXi
      Shell
      1410Updated Jul 19, 2024Jul 19, 2024

    • sslyze

      Public
      Check TLS security
      Python
      GNU Affero General Public License v3.0
      0001Updated Mar 20, 2024Mar 20, 2024

    • lilo-pulse-secure-decrypt

      Public
      LILO based Pulse Secure appliance disk image decryptor
      C
      31300Updated Mar 20, 2024Mar 20, 2024

    • wikiraider

      Public
      Want to crack passwords faster by using a wordlist that fits your 'target audience'? Use WikiRaider.
      attackwikipediadictionary
      attackwikipediadictionarypasswordbruteforcewordlisthashjohn-the-rippercrackhashcat
      Python
      MIT License
      84523Updated Feb 2, 2024Feb 2, 2024

    • kernel-mii

      Public
      Cobalt Strike (CS) Beacon Object File (BOF) foundation for kernel exploitation using CVE-2021-21551.
      C
      MIT License
      243000Updated Jun 7, 2023Jun 7, 2023

    • pyrebox

      Public
      Python scriptable Reverse Engineering Sandbox, a Virtual Machine instrumentation and inspection framework based on QEMU
      C
      GNU General Public License v2.0
      250000Updated May 22, 2023May 22, 2023

    • fridax

      Public
      Fridax enables you to read variables and intercept/hook functions in Xamarin/Mono JIT and AOT compiled iOS/Android applications.
      androidiosxamarin
      androidiosxamarinfunctionsargumentsmonojitaotinterceptmodify
      JavaScript
      MIT License
      2318072Updated Apr 4, 2023Apr 4, 2023

    • complete_translation_leaked_chats_conti_ransomware

      Public
      Complete translation (EN) of the leaked files related to Conti (chat)
      31700Updated Jan 19, 2023Jan 19, 2023

    • api-client-python

      Public
      A Python API Client for Gophish
      Python
      MIT License
      47000Updated Jan 11, 2023Jan 11, 2023

    • cmstplua-uac-bypass

      Public
      Cobalt Strike Beacon Object File for bypassing UAC via the CMSTPLUA COM interface.
      C
      MIT License
      30100Updated Oct 7, 2022Oct 7, 2022

    • lockbit3

      Public
      An assortment of scripts used in the analysis of Lockbit 3.0
      Python
      MIT License
      2600Updated Jul 22, 2022Jul 22, 2022

    • analysis_conti_ransomware_data_leak

      Public
      Analysis of Conti Ransomware Data Leaks
      0000Updated Jun 15, 2022Jun 15, 2022

    • log4jcheck

      Public
      A script that checks for vulnerable Log4j (CVE-2021-44228) systems using injection of the payload in common HTTP headers.
      log4jcheckerscanner
      log4jcheckerscannerrcecve-2021-44228log4shell
      Python
      2512621Updated Dec 14, 2021Dec 14, 2021

    • sentinel_versus_azure_calculator

      Public
      Validating the price of Azure Sentinel versus what is shown at Azure Calculator
      Jupyter Notebook
      1200Updated Apr 16, 2021Apr 16, 2021

    • azure_sentinel_learn_kql_lab

      Public
      Azure Sentinel: Learn the KQL you need for Azure Sentinel
      Jupyter Notebook
      41000Updated Feb 12, 2021Feb 12, 2021

    • o365-collect

      Public
      A collection of scripts that will help to collect data from Office365 tenants, such lists of contacts and s e-mail contents
      Python
      1300Updated Aug 4, 2020Aug 4, 2020

    • vagrant-sift

      Public
      Simple vagrant file for a SIFT workstation
      Other
      2000Updated Jul 9, 2020Jul 9, 2020

    • explaining-kql-seriesoutliers

      Public
      Explaining KQL series_outliers()
      Jupyter Notebook
      0000Updated Jul 6, 2020Jul 6, 2020
    ProTip! When viewing an organization's repositories, you can use the props. filter to filter by custom property.