Skip to content
@WithSecureLabs

WithSecure Labs

Welcome to WithSecure Labs. Here we publish research, and share our tools with the security community.

Popular repositories Loading

  1. chainsaw chainsaw Public

    Rapidly Search and Hunt through Windows Forensic Artefacts

    Rust 3.2k 291

  2. doublepulsar-detection-script doublepulsar-detection-script Public

    A python2 script for sweeping a network to find windows systems compromised with the DOUBLEPULSAR implant.

    Python 1k 313

  3. python-exe-unpacker python-exe-unpacker Public

    A helper script for unpacking and decompiling EXEs compiled from python code.

    Python 960 342

  4. CallStackSpoofer CallStackSpoofer Public

    A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)

    C++ 510 69

  5. Kanvas Kanvas Public

    A simple-to-use IR (incident response) case management tool for tracking and documenting investigations.

    Python 339 42

  6. LinuxCatScale LinuxCatScale Public

    Incident Response collection and processing scripts with automated reporting scripts

    Shell 305 56

Repositories

Showing 10 of 41 repositories
  • chainsaw Public

    Rapidly Search and Hunt through Windows Forensic Artefacts

    WithSecureLabs/chainsaw’s past year of commit activity
    Rust 3,227 GPL-3.0 291 11 (1 issue needs help) 2 Updated Jul 5, 2025
  • Kanvas Public

    A simple-to-use IR (incident response) case management tool for tracking and documenting investigations.

    WithSecureLabs/Kanvas’s past year of commit activity
    Python 339 GPL-3.0 42 2 0 Updated Jul 3, 2025
  • iocs Public
    WithSecureLabs/iocs’s past year of commit activity
    Python 16 BSD-2-Clause 4 0 0 Updated Jun 26, 2025
  • CallStackSpoofer Public

    A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)

    WithSecureLabs/CallStackSpoofer’s past year of commit activity
    C++ 510 Apache-2.0 69 1 0 Updated Apr 8, 2025
  • tau-engine Public

    A document tagging library

    WithSecureLabs/tau-engine’s past year of commit activity
    Rust 30 MIT 4 0 0 Updated Mar 27, 2025
  • deject Public

    Memory dump and Sample analysis tool

    WithSecureLabs/deject’s past year of commit activity
    Python 16 GPL-3.0 1 0 0 Updated Mar 17, 2025
  • mongo-rs Public

    A higher-level wrapper on top of the official bson & mongodb crates.

    WithSecureLabs/mongo-rs’s past year of commit activity
    Rust 17 MIT 5 5 0 Updated Dec 3, 2024
  • python-exe-unpacker Public

    A helper script for unpacking and decompiling EXEs compiled from python code.

    WithSecureLabs/python-exe-unpacker’s past year of commit activity
    Python 960 GPL-3.0 342 18 4 Updated Aug 15, 2024
  • LinuxCatScale Public

    Incident Response collection and processing scripts with automated reporting scripts

    WithSecureLabs/LinuxCatScale’s past year of commit activity
    Shell 305 GPL-3.0 56 0 0 Updated Jun 25, 2024
  • hl7magic Public

    A Burp extension to allow for easy modification of HL7 messages sent to and from medical devices.

    WithSecureLabs/hl7magic’s past year of commit activity
    Python 6 Apache-2.0 2 0 0 Updated Mar 25, 2024
View all repositories

People

This organization has no public members. You must be a member to see who’s a part of this organization.