Software
TrueCyber builds practical Windows tooling for offensive security work - software that lets you see exactly what an application is doing under the hood. Here is everything available right now.
inject · intercept · modify · capture
A Windows network-hooking framework that captures, inspects and rewrites a process's traffic before it is encrypted. Covers OpenSSL, Schannel, GnuTLS, wolfSSL, NSS, WinSock, WinINet, WinHTTP and File I/O - ideal for thick-client testing and applications that are not proxy-aware.
trace · inspect · understand
Trace Windows process calls and their arguments to better understand how an application behaves and executes. CallHook surfaces the API calls a target makes in real time - invaluable for reverse engineering, debugging and mapping an application's behaviour.