aqlmap - A tool to extract information from ArangoDB through AQL injection. See the introductory blogpost.
awstracer - An Anvil CLI utility that will allow you to trace and replay AWS commands.
awssig - Anvil Secure's Burp extension for signing AWS requests with SigV4.
ByteBanter - A Burp Suite extension that leverages LLMs to generate context-aware payloads for Burp Intruder. See the introductory blogpost.
dawgmon - Dawg the hallway monitor: monitor operating system changes and analyze introduced attack surface when installing software. See the introductory blogpost.
GhidraGarminApp - A Ghidra processor and loader for Garmin watch applications. See the introductory blogpost.
HANAlyzer - A tool that automates SAP HANA security checks and outputs clear HTML reports. See the introductory blogpost.
IPAAutoDec - A tool that decrypts IPA files end-to-end via SSH. See the introductory blogpost.
nanopb-decompiler - Our nanopb-decompiler is an IDA python script that can recreate .proto files from binaries compiled with 0.3.x, and 0.4.x versions of nanopb. See the introductory blogpost.
PQCscan - A scanner that can determine whether SSH and TLS servers support PQC algorithms. See the introductory blogpost.
SAPCARve - A utility Python script for manipulating SAP's SAR archive files. See the introductory blogpost.
ulexecve - A tool to execute ELF binaries on Linux directly from userland. See the introductory blogpost.
usb-racer - A tool for pentesting TOCTOU issues with USB storage devices.