Framework

A Python framework for building custom Command and Control interfaces that implements Cobalt Strike's External C2 specification for data transfer between frameworks.

angr is a Python-based binary analysis framework that provides disassembly, symbolic execution, and program analysis capabilities for cross-platform binary examination.

AFE Android Framework for Exploitation is a framework that provides tools and techniques for exploiting vulnerabilities in Android devices and applications.

A cryptographic framework that secures software update systems by enabling publishers to sign content offline and consumers to verify authenticity through trusted verification mechanisms.

echoCTF is a cybersecurity framework for running Capture the Flag competitions and training exercises on real IT infrastructure.

CustomProcessor is a policy management tool that enables users to create and manage custom policies for IETF policy frameworks through a user-friendly interface.

SALO is a framework that generates synthetic log events for security testing and research without requiring actual infrastructure or triggering real events.

MCIR is a unified framework for building code injection vulnerability testbeds that combines SQL, XML, shell, and XSS injection testing tools with shared functionality and template-based extensibility.

Clevis is a pluggable framework that enables automated decryption of data and LUKS volumes through a pin-based plugin system.

Alpha release of External C2 framework for Cobalt Strike with enhanced data channels.

A Python-based framework that generates evidence of MITRE ATT&CK tactics to help blue teams test their detection capabilities against simulated malicious activities.

NightShade is a Django-based capture the flag framework that enables organizations to create and manage cybersecurity competitions with support for multiple contest formats and multi-tenant architecture.

Pacu is an open-source AWS exploitation framework designed for offensive security testing against cloud environments through modular attack capabilities.

A lightweight Command and Control (C2) implant written in Nim that provides remote access capabilities for penetration testing and red team operations.

A dynamic multi-cloud infrastructure framework that enables rapid deployment of disposable instances pre-loaded with security tools for distributed offensive and defensive security operations.

A web-based visualization tool for navigating and annotating MITRE ATT&CK matrices to support threat analysis, defensive planning, and security coverage assessment.

An open-source framework that detects and prevents dependency confusion attacks across multiple package management systems and development environments.

MiniCPS is a framework for real-time Cyber-Physical Systems simulation that supports physical process and control device simulation along with network emulation capabilities.

A framework for managing cyber threat intelligence in structured formats.

A COM Command & Control framework that uses JScript to provide fileless remote access capabilities on Windows systems through a modular plugin architecture.

A modular, cross-platform framework for creating repeatable, time-delayed security events and scenarios for Blue Team training and Red Team operations.

Havoc is a malleable post-exploitation command and control framework that provides a client-server architecture with payload generation, customizable C2 profiles, and team collaboration capabilities for red team operations.

AutoTTP automates complex attack sequences and testing scenarios for regression tests and research using frameworks like Empire, Metasploit, and Cobalt Strike.

A disassembly framework with support for multiple hardware architectures and clean API.