Framework

A Python-based framework that generates evidence of MITRE ATT&CK tactics to help blue teams test their detection capabilities against simulated malicious activities.

NightShade is a Django-based capture the flag framework that enables organizations to create and manage cybersecurity competitions with support for multiple contest formats and multi-tenant architecture.

Pacu is an open-source AWS exploitation framework designed for offensive security testing against cloud environments through modular attack capabilities.

A lightweight Command and Control (C2) implant written in Nim that provides remote access capabilities for penetration testing and red team operations.

A dynamic multi-cloud infrastructure framework that enables rapid deployment of disposable instances pre-loaded with security tools for distributed offensive and defensive security operations.

A web-based visualization tool for navigating and annotating MITRE ATT&CK matrices to support threat analysis, defensive planning, and security coverage assessment.

An open-source framework that detects and prevents dependency confusion attacks across multiple package management systems and development environments.

MiniCPS is a framework for real-time Cyber-Physical Systems simulation that supports physical process and control device simulation along with network emulation capabilities.

A framework for managing cyber threat intelligence in structured formats.

A COM Command & Control framework that uses JScript to provide fileless remote access capabilities on Windows systems through a modular plugin architecture.

A modular, cross-platform framework for creating repeatable, time-delayed security events and scenarios for Blue Team training and Red Team operations.

Havoc is a malleable post-exploitation command and control framework that provides a client-server architecture with payload generation, customizable C2 profiles, and team collaboration capabilities for red team operations.

AutoTTP automates complex attack sequences and testing scenarios for regression tests and research using frameworks like Empire, Metasploit, and Cobalt Strike.

A disassembly framework with support for multiple hardware architectures and clean API.

OSTrICa is an open source plugin-based framework that collects and visualizes threat intelligence data from various sources to help cybersecurity professionals correlate IoCs and enhance their defensive capabilities.

FBCTF is a platform for hosting Jeopardy and King of the Hill style Capture the Flag competitions with support for various scales and participation models.

Themis is an open-source cryptographic services library that provides high-level encryption and data protection capabilities for securing data during authentication, storage, messaging, and network exchange.

ChopShop is a MITRE framework that helps analysts create pynids-based decoders and detectors for identifying APT tradecraft in network traffic.

SharpC2 is a C#-based Command and Control framework that provides remote access capabilities for penetration testing and red team operations.

A Python script for creating a cohesive and up-to-date penetration testing framework.

A Ruby framework designed to aid in the penetration testing of WordPress systems.

A framework for analyzing container images, running scripts inside containers, and gathering information for static analysis and policy enforcement.

A framework for creating standardized cybersecurity event schemas in JSON format that enables interoperability across security tools and platforms.

An open source network penetration testing framework with automatic recon and scanning capabilities.