Security Operations

A payload creation framework for generating and executing C# code payloads with anti-evasion capabilities for offensive security operations.

Syntax, indent, and filetype detection for YARA rule files with auto-indenting and error display in quickfix window.

A honeypot system that allows you to set up a decoy API to detect and analyze potential security threats.

Abusing DNSAdmins privilege for escalation in Active Directory

Event Log Explorer is a software solution for viewing, analyzing, and monitoring events recorded in Microsoft Windows event logs, offering advanced features and efficient filtering capabilities.

A new age tool for binary analysis that uses statistical visualizations to help find patterns in large amounts of binary data.

Open source security auditing tool to search and dump system configuration.

A Hadoop library for reading and querying PCAP files

WeirdAAL is an open-source framework that provides tools and libraries for simulating attacks and testing security vulnerabilities in AWS environments.

A static analysis framework for extracting key characteristics from various file formats

Altoro Mutual offers online banking, real estate financing, business credit cards, retirement solutions, and prioritizes privacy and security.

Honeyntp is an NTP honeypot and logging tool that captures NTP packets into a Redis database to detect DDoS attacks and monitor network time protocol traffic.

A honeypot tool to mimic the router backdoor 'TCP32764' found in various router firmwares, providing a way to test for vulnerabilities.

A powerful penetration testing platform for identifying vulnerabilities and weaknesses in computer systems.

Go bindings for YARA with installation and build instructions.

A command-line tool for analyzing and extracting detailed information from Windows Portable Executable (PE) files.

A training program that teaches security professionals how to conduct penetration testing and attack simulations against AWS and Azure cloud infrastructure.

bap is a webservice honeypot that logs HTTP basic authentication credentials.

An Ansible role that automates the deployment and management of Bifrozt honeypots for network security monitoring.

Fake SSH server that sends push notifications for login attempts

A PowerShell toolkit for penetration testing Microsoft Azure environments, providing discovery, configuration auditing, and post-exploitation capabilities.

A digital artifact extraction framework for extracting data from volatile memory (RAM) samples, providing visibility into the runtime state of a system.

Powershell Threat Hunting Module for scanning remote endpoints and collecting comprehensive information.

A command-line tool that parses Google Protobuf encoded data without schema definitions and displays the content in a readable, colored format.