#Credential-theft
Showing 3 of 3 repositories tagged #credential-theft, ranked by stars
ReversecLabs
physmem2profit
Physmem2profit can be used to create a minidump of a target hosts' LSASS process by analysing physical memory remotely
Score
0
★ 423
⑂ 74
—
C#
jestasecurity
thumper
Thumper is an open-source tripwire for the Shai-Hulud npm worm. Plant fake-but-realistic credentials where the worm scans - the instant one is read, you know the box might be breached. Free and built in the open by Jesta.
Score
100
★ 223
⑂ 13
—
Python
gensecaihq
Shai-Hulud-2.0-Detector
Detect npm packages compromised in the Shai-Hulud 2.0 supply chain attack (Nov 2025). Scans for 790+ malicious packages, suspicious scripts, TruffleHog activity, SHA1HULUD runners, and secrets exfiltration. GitHub Action with SARIF support.
Score
50
★ 141
⑂ 34
—
TypeScript