Open-Source Vulnerability Discovery Tools
Security practitioners around the world rely on Tharros’ world-leading expertise in emerging threats and cutting-edge open-source tools for vulnerability scanning, research and disclosure.
Enhance and Accelerate Windows Vulnerability Discovery with Crassus
Use Crassus, Tharros’ vulnerability discovery tool, to uncover DLL hijacking and privilege escalation flaws in Windows. Crassus takes previous vulnerability discovery tools one step further by digging deeper, moving faster, and accelerating mitigation.
Dig Deeper, Faster with Crassus
Extend Privilege Escalation Finding Beyond Missing Files
To provide a complete discovery of DLL hijacking and privilege escalation flaws in Windows, Crassus does more than simply search scan for missing files. The tool also identifies when unprivileged users can manipulate or modify processes or load libraries.
Parse Raw PML Log Files
Crassus utilizes the SysInternals Process Monitor and parses raw PML log files, typically using Process Monitor to generate and then parse a boot log.
Generate Source Code with All Relevant Exports
Crassus will automatically generate source code for proxy DLLs for all missing DLLs that were identified. For instance, if an application is vulnerable to DLL Hijacking via version.dll, Crassus will create version.cpp and version.def files with all exports included. By default, the proxy DLLs will launch calc.exe. Build scripts are included to build the DLLs on Visual Studio or MinGW.
Utilize World-Leading Vulnerability Expertise
Speak to an expert and explore our cutting-edge open-source tools for vulnerability discovery, research, and disclosure.
Explore Additional Solutions
Ready to boldly move missions forward without the worry of cyber intrusion? Explore our other solutions and find out how we can help solve your cybersecurity mission challenges.