Skip to content
@WithSecureLabs

WithSecure Labs

Welcome to WithSecure Labs. Here we publish research, and share our tools with the security community.

Popular repositories Loading

  1. chainsaw chainsaw Public

    Rapidly Search and Hunt through Windows Forensic Artefacts

    Rust 3.2k 288

  2. doublepulsar-detection-script doublepulsar-detection-script Public

    A python2 script for sweeping a network to find windows systems compromised with the DOUBLEPULSAR implant.

    Python 1k 315

  3. python-exe-unpacker python-exe-unpacker Public

    A helper script for unpacking and decompiling EXEs compiled from python code.

    Python 954 341

  4. CallStackSpoofer CallStackSpoofer Public

    A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)

    C++ 505 68

  5. LinuxCatScale LinuxCatScale Public

    Incident Response collection and processing scripts with automated reporting scripts

    Shell 306 57

  6. Kanvas Kanvas Public

    A simple-to-use IR (incident response) case management tool for tracking and documenting investigations.

    Python 279 40

Repositories

Showing 10 of 41 repositories
  • chainsaw Public

    Rapidly Search and Hunt through Windows Forensic Artefacts

    WithSecureLabs/chainsaw’s past year of commit activity
    Rust 3,201 GPL-3.0 288 11 (1 issue needs help) 2 Updated Jul 5, 2025
  • Kanvas Public

    A simple-to-use IR (incident response) case management tool for tracking and documenting investigations.

    WithSecureLabs/Kanvas’s past year of commit activity
    Python 279 GPL-3.0 40 3 0 Updated Jul 3, 2025
  • iocs Public
    WithSecureLabs/iocs’s past year of commit activity
    Python 15 BSD-2-Clause 4 0 0 Updated Jun 26, 2025
  • CallStackSpoofer Public

    A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)

    WithSecureLabs/CallStackSpoofer’s past year of commit activity
    C++ 505 Apache-2.0 68 1 0 Updated Apr 8, 2025
  • tau-engine Public

    A document tagging library

    WithSecureLabs/tau-engine’s past year of commit activity
    Rust 30 MIT 4 0 0 Updated Mar 27, 2025
  • deject Public

    Memory dump and Sample analysis tool

    WithSecureLabs/deject’s past year of commit activity
    Python 14 GPL-3.0 1 0 0 Updated Mar 17, 2025
  • mongo-rs Public

    A higher-level wrapper on top of the official bson & mongodb crates.

    WithSecureLabs/mongo-rs’s past year of commit activity
    Rust 17 MIT 5 5 0 Updated Dec 3, 2024
  • python-exe-unpacker Public

    A helper script for unpacking and decompiling EXEs compiled from python code.

    WithSecureLabs/python-exe-unpacker’s past year of commit activity
    Python 954 GPL-3.0 341 18 4 Updated Aug 15, 2024
  • LinuxCatScale Public

    Incident Response collection and processing scripts with automated reporting scripts

    WithSecureLabs/LinuxCatScale’s past year of commit activity
    Shell 306 GPL-3.0 57 0 0 Updated Jun 25, 2024
  • hl7magic Public

    A Burp extension to allow for easy modification of HL7 messages sent to and from medical devices.

    WithSecureLabs/hl7magic’s past year of commit activity
    Python 6 Apache-2.0 2 0 0 Updated Mar 25, 2024
View all repositories

People

This organization has no public members. You must be a member to see who’s a part of this organization.