Home Services Products & Freebies Case Studies Our Tech Blog Contact us

We develop security tools and free software

Our company develops software - both commercial solutions for our customers and free tools and utilities that we share with the security community. We strongly believe that developing our very own security tools is the best way to gain in-depth understanding of internal workings of the operating systems & network. Our programs are small, fast and portable.

Our tools evolved as are result of two decades of continuous security research and combine our interest in security, algorithms and programming. Some are simple scripts, some are quite advanced applications requiring a lot of research. We share them with the hope they will help others to work more efficiently.

Find out more about our software:

   Create IDT/IDS files for IDA from MS libs with this script
   Calculate APPids with appid_calc.pl
   Convert Shellcode to Portable Executable with shell2exe
   Enumerate Pinned items on the Taskbar with pinenum
   Carve timestamps with timecraver
   Extract string islands with motu
   Explore file relationship for data reduction purposes with visualisation 'Filighting' tools
   Detect Compromise with Hexacorn Compromise Detector
   Intelligently extract 'strings' with HexDive
   Analyze malware with Hexacorn Application Monitor
   Decrypt 20+ Quarantine files+ hidden .exes DeXRAY
   Extract PE sections and their strings with PESectionExtractor
   Extract Russian strings from evidence with RUStrings.pl
   Detect timestomped and other suspicious PE files with PECluester
   Detect network sniffers with Hexacorn Sniffer Detector
   Explore keys covered by Regripper with 3R
   Develop RegRipper Plugins with 3RPG
   Discover hidden windows (keyloggers!) with Windows Disco

Older software - no longer available

   Extract 50000+ API strings from evidence with HAPI(discontinued use HexDive)
   Extract $MFT from live systems and images with Hexacorn $MFT Extractor(discontinued)

Content for id "BGimgDiv" Goes Here