Framework

OSTrICa is an open source plugin-based framework that collects and visualizes threat intelligence data from various sources to help cybersecurity professionals correlate IoCs and enhance their defensive capabilities.

FBCTF is a platform for hosting Jeopardy and King of the Hill style Capture the Flag competitions with support for various scales and participation models.

Themis is an open-source cryptographic services library that provides high-level encryption and data protection capabilities for securing data during authentication, storage, messaging, and network exchange.

ChopShop is a MITRE framework that helps analysts create pynids-based decoders and detectors for identifying APT tradecraft in network traffic.

SharpC2 is a C#-based Command and Control framework that provides remote access capabilities for penetration testing and red team operations.

A Python script for creating a cohesive and up-to-date penetration testing framework.

A Ruby framework designed to aid in the penetration testing of WordPress systems.

A framework for analyzing container images, running scripts inside containers, and gathering information for static analysis and policy enforcement.

A framework for creating standardized cybersecurity event schemas in JSON format that enables interoperability across security tools and platforms.

An open source network penetration testing framework with automatic recon and scanning capabilities.

A modular malware collection and processing framework with support for various threat intelligence feeds.

MITRE Caldera™ is an automated adversary emulation platform built on the MITRE ATT&CK framework that supports red team operations and incident response activities through a modular C2 server and plugin architecture.

Laika BOSS is a scalable object scanner and intrusion detection system that extracts child objects, applies security flags, and generates metadata from files for security analysis.

SILENTTRINITY is a Python-based, asynchronous C2 framework that uses .NET scripting languages for post-exploitation activities without relying on PowerShell.

WeirdAAL is an open-source framework that provides tools and libraries for simulating attacks and testing security vulnerabilities in AWS environments.

Unfetter is a reference implementation framework that collects events from client machines and performs CAR analytics using an ELK stack with Apache Spark to detect potential adversary activity.

CakeFuzzer is an automated vulnerability discovery tool specifically designed for identifying security issues in CakePHP web applications with minimal false positives.

Pupy is an open-source, cross-platform C2 framework that provides remote access and control capabilities for compromised systems across Windows, Linux, OSX, and Android platforms.

Cloudmarker is a configurable cloud monitoring tool and framework that audits Azure and GCP environments by retrieving, analyzing, and alerting on cloud security data.

An open-source penetration testing framework for social engineering with custom attack vectors.

CIRTKit is a DFIR console built on the Viper Framework that integrates various forensic tools and provides modules for packet analysis, memory analysis, and automated incident response workflows.

Python-based web server framework for setting up fake web servers and services with precise data responses.

A community-driven repository and development framework for creating custom automation activities within the Ayehu NG IT orchestration platform.

CTFd is a web-based framework for creating and managing Capture The Flag cybersecurity competitions with customizable challenges, scoring systems, and team management capabilities.