Security Operations

Encode or encrypt strings to various hashes and formats, including MD5, SHA1, SHA256, URL encoding, Base64, and Base85.

The Proxmark III is a versatile device for sniffing, reading, and cloning RFID tags with strong community support.

Open-source observable analysis engine and companion tool for TheHive platform

A multi-threaded, feedback-driven evolutionary fuzzer that uses low-level process monitoring to discover security vulnerabilities in software applications.

PlumHound is a reporting engine that converts BloodHoundAD's Neo4J queries into operational security reports for analyzing Active Directory vulnerabilities and attack paths.

MFT and USN parser for direct extraction in filesystem timeline format with YARA rule support.

A high-level C++ library for creating and decoding network packets with a Scapy-like interface.

A simplified UI for showing honeypot alarms for the DTAG early warning system

Uploader honeypot designed to look like poor website security.

A cheat sheet providing examples of creating reverse shells for penetration testing.

Access a repository of Analytic Stories and security guides mapped to industry frameworks, with Splunk searches, machine learning algorithms, and playbooks for threat detection and response.

Open source penetration testing tool for detecting and exploiting command injection vulnerabilities.

A library to access the Windows New Technology File System (NTFS) format with read-only support for NTFS versions 3.0 and 3.1.

mitmproxy is an interactive, SSL/TLS-capable intercepting proxy with a console interface for HTTP/1, HTTP/2, and WebSockets.

Emulates Docker HTTP API with event logging and AWS deployment script.

A simple Telnet honeypot program that logs login attempts and credentials from botnet attacks, specifically designed to track Mirai botnet activity.

An API for constructing and injecting network packets with additional functionality.

ezXSS is a testing framework that helps penetration testers and bug bounty hunters identify Cross Site Scripting vulnerabilities, especially blind XSS attacks.

Exploiting WordPress With Metasploit, containing 45 modules for exploits and auxiliaries.

Incident response and digital forensics tool for transforming data sources and logs into graphs.

DFIR ORC Documentation provides detailed instructions for setting up the build environment and deploying the tool.

A hardware security validation toolkit for x86 platforms that provides bootable tools for checking platform configuration registers and managing SecureBoot keys.

A honeypot that simulates an exposed networked printer using PJL protocol to capture and log attacker interactions through a virtual filesystem.

An open-source shellcode and PE packer for creating and managing portable executable files.