Security Operations for Security Research

DorkSearch

Curated Google dork search tool for OSINT and web reconnaissance.

Zenyard RE Agent

AI agent for in-depth binary analysis and reverse engineering assistance.

Two Six Technologies

R&D firm providing cyber defense & operational tech for DoD and DHS.

Thinkst Applied Research

Deception-based breach detection tools including honeypots & canary tokens.

REDLattice

AI-assisted vulnerability research and advanced offensive cyber tooling firm.

The Honeynet Project

Open-source nonprofit org developing honeypot tools & threat research.

Cyborg Security HUNTER

Threat hunting platform with free hunt packages and educational resources.

Nightwing DejaVM

Whole-system emulation environment for software dev, debugging, testing & security

tko-subs

A tool for detecting and taking over subdomains with dead DNS records

Can I take over XYZ?

A list of services and how to claim (sub)domains with dangling DNS records.

dref

A DNS rebinding exploitation framework

Depix

A tool that recovers passwords from pixelized screenshots

Tugarecon

A subdomain enumeration tool for penetration testers and security researchers.

Puredns

A fast domain resolver and subdomain bruteforcing tool

Project Honey Pot

The Web's Largest Community Tracking Online Fraud & Abuse

Workbench

A scalable python framework for security research and development teams.

cowrie2neo

cowrie2neo parses Cowrie honeypot logs and imports the data into Neo4j databases for graph-based analysis and visualization of honeypot interactions.

InvalidSign

InvalidSign is a security research tool that bypasses endpoint solutions by obtaining valid signed files with different hashes to evade signature-based detection mechanisms.

Otseca

Open source security auditing tool to search and dump system configuration.

Masochist

A framework for creating XNU based rootkits for OS X and iOS security research

GridPot

GridPot is a honeypot framework that combines GridLAB-D, Conpot, and libiec61850 to simulate industrial control systems and detect attacks on power grid infrastructure.

MagSpoof

MagSpoof is a hardware device that emulates magnetic stripe cards using electromagnetic fields for security research and educational purposes.

HoneyFS

HoneyFS is an LLM-powered honeypot tool that generates realistic fake file systems using GPT-3.5 to deceive attackers and enhance security analysis.

CapTipper

CapTipper is a python tool to analyze, explore, and revive HTTP malicious traffic.