Network Security
Explore 147 curated tools and resources
Search tools and resources by name, description, or purpose... (⌘+K)
PINNED
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
LATEST ADDITIONS
An enterprise resilience platform providing self-healing security solutions for endpoints, applications, and network access with firmware-embedded technology to ensure systems remain visible, connected, and protected.
An enterprise resilience platform providing self-healing security solutions for endpoints, applications, and network access with firmware-embedded technology to ensure systems remain visible, connected, and protected.
An automated DDoS vulnerability testing platform that continuously evaluates DDoS protection systems without causing operational downtime.
An automated DDoS vulnerability testing platform that continuously evaluates DDoS protection systems without causing operational downtime.
A platform that maps enterprise attack surfaces by consolidating asset inventory, prioritizing vulnerabilities based on exposure, and providing contextual visualization of security risks.
A platform that maps enterprise attack surfaces by consolidating asset inventory, prioritizing vulnerabilities based on exposure, and providing contextual visualization of security risks.
A network forensics toolkit that transforms network traffic data into graph-based representations for interactive analysis and visualization through a web interface.
A network forensics toolkit that transforms network traffic data into graph-based representations for interactive analysis and visualization through a web interface.
A low-interaction honeypot that simulates network services to detect and monitor potential intrusion attempts on internal networks.
A low-interaction honeypot that simulates network services to detect and monitor potential intrusion attempts on internal networks.
An IP address intelligence API that provides geolocation data and threat detection capabilities for IPv4 and IPv6 addresses.
An IP address intelligence API that provides geolocation data and threat detection capabilities for IPv4 and IPv6 addresses.
OpenVAS is an open-source vulnerability scanner that provides extensive testing capabilities for identifying security weaknesses in networks and systems.
OpenVAS is an open-source vulnerability scanner that provides extensive testing capabilities for identifying security weaknesses in networks and systems.
Arkime is an open-source network capture and analysis tool that provides comprehensive network visibility, facilitating swift identification and resolution of security and network issues.
Arkime is an open-source network capture and analysis tool that provides comprehensive network visibility, facilitating swift identification and resolution of security and network issues.
Prisma SASE is a cloud-delivered service integrating network security, SD-WAN, and user experience management for comprehensive protection and optimization of hybrid work environments.
Prisma SASE is a cloud-delivered service integrating network security, SD-WAN, and user experience management for comprehensive protection and optimization of hybrid work environments.
LogRhythm NetMon is a network traffic analytics tool that provides real-time visibility, automated threat detection, and investigation capabilities for organizational networks.
LogRhythm NetMon is a network traffic analytics tool that provides real-time visibility, automated threat detection, and investigation capabilities for organizational networks.
Akamai Guardicore Segmentation is a microsegmentation tool that provides network visibility, policy creation, and enforcement to prevent lateral movement and protect critical assets in diverse IT environments.
Akamai Guardicore Segmentation is a microsegmentation tool that provides network visibility, policy creation, and enforcement to prevent lateral movement and protect critical assets in diverse IT environments.
Darktrace is a cyber security solution that uses AI to detect and prevent cyber attacks in real-time.
Darktrace is a cyber security solution that uses AI to detect and prevent cyber attacks in real-time.
A collaborative platform that gathers and analyzes security data to help professionals identify and mitigate cyber threats.
A collaborative platform that gathers and analyzes security data to help professionals identify and mitigate cyber threats.
A DNS rebinding attack framework for security researchers and penetration testers.
A DNS rebinding attack framework for security researchers and penetration testers.
NFStream is a multiplatform Python framework for network flow data analysis with a focus on speed and flexibility.
NFStream is a multiplatform Python framework for network flow data analysis with a focus on speed and flexibility.
Scan the internet for publicly exposed network components
Scan the internet for publicly exposed network components
WireGuard is a fast, simple, and secure VPN that uses cutting-edge cryptography, designed for ease of use and performance.
WireGuard is a fast, simple, and secure VPN that uses cutting-edge cryptography, designed for ease of use and performance.
A script for extracting network metadata and fingerprints such as JA3 and HASSH from packet capture files or live network traffic.
A script for extracting network metadata and fingerprints such as JA3 and HASSH from packet capture files or live network traffic.
A collection of PCAPs for ICS/SCADA utilities and protocols with the option for users to contribute.
A tool for analyzing TCP packet traces with color support.
pfSense is a leading open source firewall and network security solution, providing advanced protection and connectivity options.
pfSense is a leading open source firewall and network security solution, providing advanced protection and connectivity options.
Open source software for leveraging insights from flow and packet analysis to identify potential security threats or attacks.
Open source software for leveraging insights from flow and packet analysis to identify potential security threats or attacks.
A utility for splitting packet traces along TCP connection boundaries.
Tcpreplay is a suite of Open Source utilities for editing and replaying captured network traffic.
Tcpreplay is a suite of Open Source utilities for editing and replaying captured network traffic.
Tang is a server for binding data to network presence, providing an easy and secure alternative to key escrow.
Tang is a server for binding data to network presence, providing an easy and secure alternative to key escrow.
A foundational guide for using deception against computer network adversaries using honeypots to detect adversaries before they accomplish their goals.
A foundational guide for using deception against computer network adversaries using honeypots to detect adversaries before they accomplish their goals.
A list of most queried domains based on passive DNS usage across the Umbrella global network.
A list of most queried domains based on passive DNS usage across the Umbrella global network.
A utility to generate malicious network traffic for security evaluation.
A utility to generate malicious network traffic for security evaluation.
A set of Bro/Zeek scripts that detect ATT&CK-based adversarial activity and raise notices
A set of Bro/Zeek scripts that detect ATT&CK-based adversarial activity and raise notices
A service for better visibility on networking issues in Kubernetes clusters by detecting traffic denied by iptables.
A service for better visibility on networking issues in Kubernetes clusters by detecting traffic denied by iptables.
A suite of tools for Wi-Fi network security assessment and penetration testing.
A suite of tools for Wi-Fi network security assessment and penetration testing.
A new approach to computer network defense that leverages knowledge about advanced persistent threats, using a kill chain model to describe phases of intrusions and map adversary kill chain indicators to defender courses of action.
A new approach to computer network defense that leverages knowledge about advanced persistent threats, using a kill chain model to describe phases of intrusions and map adversary kill chain indicators to defender courses of action.
CapTipper is a python tool to analyze, explore, and revive HTTP malicious traffic.
CapTipper is a python tool to analyze, explore, and revive HTTP malicious traffic.
Honeytrap is a low-interaction honeypot and network security tool with various modes of operation and plugin support for catching attacks against TCP and UDP services.
Honeytrap is a low-interaction honeypot and network security tool with various modes of operation and plugin support for catching attacks against TCP and UDP services.
Tcpreplay is a network traffic editing and replay tool used for testing network devices and applications.
Tcpreplay is a network traffic editing and replay tool used for testing network devices and applications.
A framework for generating log events without the need for infrastructure, allowing for simple, repeatable, and randomized log event creation.
A framework for generating log events without the need for infrastructure, allowing for simple, repeatable, and randomized log event creation.
A tool for classifying packets into flows based on 4-tuple without additional processing.
A tool for classifying packets into flows based on 4-tuple without additional processing.
App-Ray offers comprehensive security analysis and compliance solutions for mobile applications.
App-Ray offers comprehensive security analysis and compliance solutions for mobile applications.
testssl.sh is a free command line tool for checking server's TLS/SSL configurations with clear and machine-readable output.
testssl.sh is a free command line tool for checking server's TLS/SSL configurations with clear and machine-readable output.
Makes output from the tcpdump program easier to read and parse.
Low interaction MySQL honeypot with various configuration options.
A set of Go-based emulators for testing network security and analyzing network traffic.
A set of Go-based emulators for testing network security and analyzing network traffic.
A network protocol panic button operating decentralized through UDP broadcasts and HTTP, intended for sensitive networks to prevent cold boot attacks.
A network protocol panic button operating decentralized through UDP broadcasts and HTTP, intended for sensitive networks to prevent cold boot attacks.
Discover and understand the Docker Layer 2 ICC Bug and its implications on inter-container communication.
Discover and understand the Docker Layer 2 ICC Bug and its implications on inter-container communication.
A technique to encode data within DNS queries for covert communication channels.
A technique to encode data within DNS queries for covert communication channels.
A comprehensive list of search filters for the SHODAN search engine.
A comprehensive list of search filters for the SHODAN search engine.
A Fake Protocol Server tool with support for multiple network services and protocols.
A Fake Protocol Server tool with support for multiple network services and protocols.
LaBrea is a 'sticky' honeypot and IDS tool that traps malicious actors by creating virtual servers on unused IP addresses.
LaBrea is a 'sticky' honeypot and IDS tool that traps malicious actors by creating virtual servers on unused IP addresses.
A super-simple, modern framework for organizing and automating cybersecurity tasks.
A super-simple, modern framework for organizing and automating cybersecurity tasks.
Best practices for corporate network segmentation to protect against basic targeted attacks
Best practices for corporate network segmentation to protect against basic targeted attacks
Open-source abuse management toolkit for automating and improving the abuse handling process.
Open-source abuse management toolkit for automating and improving the abuse handling process.
A technique to associate applications with TLS parameters for identifying malware and vulnerable applications.
A technique to associate applications with TLS parameters for identifying malware and vulnerable applications.
Tool for setting up Glutton, a cybersecurity tool for monitoring SSH traffic.
Tool for setting up Glutton, a cybersecurity tool for monitoring SSH traffic.
Impost is a powerful network security auditing tool with honey pot and packet sniffer capabilities.
Impost is a powerful network security auditing tool with honey pot and packet sniffer capabilities.
A tracker that detects and logs SYN packets with a specific signature generated by the Mirai malware, providing real-time information on Mirai-based campaigns.
A tracker that detects and logs SYN packets with a specific signature generated by the Mirai malware, providing real-time information on Mirai-based campaigns.
A wrapper around jNetPcap for packet capturing with Clojure, available for Linux and Windows.
A wrapper around jNetPcap for packet capturing with Clojure, available for Linux and Windows.
An open-source network security monitoring tool.
A robust endpoint security solution that offers data security, network security, and advanced threat prevention, all managed from a single console to protect your devices and data.
A robust endpoint security solution that offers data security, network security, and advanced threat prevention, all managed from a single console to protect your devices and data.
An SDN honeypot tool for detecting and analyzing malicious activities in Software-Defined Networking environments.
An SDN honeypot tool for detecting and analyzing malicious activities in Software-Defined Networking environments.
An OpenFlow honeypot that detects unused IP addresses and simulates network traffic to attract and analyze potential threats
An OpenFlow honeypot that detects unused IP addresses and simulates network traffic to attract and analyze potential threats
A next-generation network scanner for identifying security configuration weaknesses in devices like routers, firewalls, and switches.
A next-generation network scanner for identifying security configuration weaknesses in devices like routers, firewalls, and switches.
Symantec Enterprise Cloud provides comprehensive cybersecurity for large enterprises, with a focus on data-centric hybrid security and innovation in threat and data protection.
Symantec Enterprise Cloud provides comprehensive cybersecurity for large enterprises, with a focus on data-centric hybrid security and innovation in threat and data protection.
A honeypot system designed to detect and analyze potential security threats
A honeypot system designed to detect and analyze potential security threats
BPF+ is a generalized packet filter framework that achieves both high-level expressiveness and good performance for network monitoring and intrusion detection applications.
BPF+ is a generalized packet filter framework that achieves both high-level expressiveness and good performance for network monitoring and intrusion detection applications.
Snort 3 is the next generation Snort IPS with enhanced features and improved cross-platform support.
Snort 3 is the next generation Snort IPS with enhanced features and improved cross-platform support.
TCPFLOW is a tool for capturing data transmitted over TCP connections.
A KDE Plasma 4 widget that displays real-time traffic information for active network connections on Linux computers.
A KDE Plasma 4 widget that displays real-time traffic information for active network connections on Linux computers.
Cisco Umbrella is a cloud security platform that offers protection against threats on the internet by blocking malicious activity.
Cisco Umbrella is a cloud security platform that offers protection against threats on the internet by blocking malicious activity.
SharpPrinter enables efficient discovery of network printers for security and management purposes.
SharpPrinter enables efficient discovery of network printers for security and management purposes.
Nmap is an essential network scanning tool used for network security auditing and status monitoring.
Nmap is an essential network scanning tool used for network security auditing and status monitoring.
High-speed packet capture library with user-level network socket.
A tool that reads IP packets from the network or a tcpdump save file and writes an ASCII summary of the packet data.
A tool that reads IP packets from the network or a tcpdump save file and writes an ASCII summary of the packet data.
Zeek Remote desktop fingerprinting script for fingerprinting Remote Desktop clients.
Zeek Remote desktop fingerprinting script for fingerprinting Remote Desktop clients.
Dataplane.org is a nonprofit organization providing free data, tools, and analysis to increase awareness of Internet trends, anomalies, threats, and misconfigurations.
Dataplane.org is a nonprofit organization providing free data, tools, and analysis to increase awareness of Internet trends, anomalies, threats, and misconfigurations.
A multi-threaded intrusion detection system using Yara for network and stream IDS
A multi-threaded intrusion detection system using Yara for network and stream IDS
A multiplatform C++ library for capturing, parsing, and crafting network packets with support for various network protocols.
A multiplatform C++ library for capturing, parsing, and crafting network packets with support for various network protocols.
Heimdal Enterprise provides a unified cybersecurity platform with advanced network and endpoint security solutions, including threat hunting and privileged access management.
Heimdal Enterprise provides a unified cybersecurity platform with advanced network and endpoint security solutions, including threat hunting and privileged access management.
Nebula is a scalable overlay networking tool emphasizing performance, simplicity, and security.
Nebula is a scalable overlay networking tool emphasizing performance, simplicity, and security.
A specialized packet sniffer for displaying and logging HTTP traffic, designed to capture, parse, and log traffic for later analysis.
A specialized packet sniffer for displaying and logging HTTP traffic, designed to capture, parse, and log traffic for later analysis.
Snort is an open source intrusion prevention system that uses rules to detect and prevent malicious network activity.
Snort is an open source intrusion prevention system that uses rules to detect and prevent malicious network activity.
Network Dump data Displayer and Editor framework for tcpdump trace files manipulation.
Network Dump data Displayer and Editor framework for tcpdump trace files manipulation.
Open source framework for network traffic analysis with advanced features.
Open source framework for network traffic analysis with advanced features.
A subset of the Modern Honey Network project set up to run in docker, including hpfeeds broker, cowrie honeypot, and dionaea honeypot.
A TCP-based traceroute implementation that bypasses firewall filters to trace the path to a destination.
A TCP-based traceroute implementation that bypasses firewall filters to trace the path to a destination.
Identify unintended network access to AWS resources and ensure network security by analyzing network reachability conditions.
Identify unintended network access to AWS resources and ensure network security by analyzing network reachability conditions.
Yaraprocessor allows for scanning data streams in unique ways and dynamic scanning of payloads from network packet captures.
Yaraprocessor allows for scanning data streams in unique ways and dynamic scanning of payloads from network packet captures.
A Linux command-line tool that allows you to kill in-progress TCP connections based on a filter expression, useful for libnids-based applications that require a full TCP 3-way handshake for TCB creation.
A Linux command-line tool that allows you to kill in-progress TCP connections based on a filter expression, useful for libnids-based applications that require a full TCP 3-way handshake for TCB creation.
A multi-threading tool for sniffing HTTP header records with support for offline and live sniffing, TCP flow statistics, and JSON output.
A multi-threading tool for sniffing HTTP header records with support for offline and live sniffing, TCP flow statistics, and JSON output.
A simple Docker-based honeypot to detect port scanning
A Docker analysis tool for identifying potential security vulnerabilities and weaknesses in Docker environments
A Docker analysis tool for identifying potential security vulnerabilities and weaknesses in Docker environments
Automated signature creation using honeypots for network intrusion detection systems.
Automated signature creation using honeypots for network intrusion detection systems.
A powerful command-line packet analyzer and a portable C/C++ library for network traffic capture with comprehensive documentation.
A powerful command-line packet analyzer and a portable C/C++ library for network traffic capture with comprehensive documentation.
Netcap efficiently converts network packets into structured audit records for machine learning algorithms, using Protocol Buffers for encoding.
Netcap efficiently converts network packets into structured audit records for machine learning algorithms, using Protocol Buffers for encoding.
Passive Network Audit Framework (PNAF) v0.1.2 provides passive network auditing capabilities and is now a project of COSMIC-Chapter of The Honeynet Project.
Passive Network Audit Framework (PNAF) v0.1.2 provides passive network auditing capabilities and is now a project of COSMIC-Chapter of The Honeynet Project.
SecurityWeek provides comprehensive cybersecurity news and analysis across various security domains.
SecurityWeek provides comprehensive cybersecurity news and analysis across various security domains.
An open source network penetration testing framework with automatic recon and scanning capabilities.
An open source network penetration testing framework with automatic recon and scanning capabilities.
Freely available network IOCs for monitoring and incident response
Open source security-oriented language for describing protocols and applying security policies on captured traffic.
Open source security-oriented language for describing protocols and applying security policies on captured traffic.
A hybrid honeypot framework that combines low and high interaction honeypots for network security
A hybrid honeypot framework that combines low and high interaction honeypots for network security
replayproxy allows you to 're-live' a HTTP session captured in a .pcap file, parsing HTTP streams, caching them, and starting a HTTP proxy to reply to requests with matching responses.
replayproxy allows you to 're-live' a HTTP session captured in a .pcap file, parsing HTTP streams, caching them, and starting a HTTP proxy to reply to requests with matching responses.
A command line tool for running SQL queries on PCAP files with various output options and a simplistic web-server.
A command line tool for running SQL queries on PCAP files with various output options and a simplistic web-server.
A comprehensive guide to network security monitoring, teaching readers how to detect and respond to intrusions using open source software and vendor-neutral tools.
A comprehensive guide to network security monitoring, teaching readers how to detect and respond to intrusions using open source software and vendor-neutral tools.
Visualize and analyze network relationships with AfterGlow
6Guard is an IPv6 attack detector sponsored by Google Summer of Code 2012 and supported by The Honeynet Project organization.
6Guard is an IPv6 attack detector sponsored by Google Summer of Code 2012 and supported by The Honeynet Project organization.
A Graphical Realism Framework for Industrial Control Simulation organized as 5 VirtualBox VMs for realistic ICS network simulation.
A Graphical Realism Framework for Industrial Control Simulation organized as 5 VirtualBox VMs for realistic ICS network simulation.
A database of Tor exit nodes with their corresponding IP addresses and timestamps.
A database of Tor exit nodes with their corresponding IP addresses and timestamps.
Romana automates cloud native network creation and secures applications with a distributed firewall.
Romana automates cloud native network creation and secures applications with a distributed firewall.
AWS Network Firewall provides fine-grained control over network traffic and enables easy deployment of firewall security.
AWS Network Firewall provides fine-grained control over network traffic and enables easy deployment of firewall security.
Tcpdump is a command-line packet analyzer for capturing and analyzing network traffic.
Tcpdump is a command-line packet analyzer for capturing and analyzing network traffic.
A powerful interactive packet manipulation program and library for network exploration and security testing.
A powerful interactive packet manipulation program and library for network exploration and security testing.
A network recon framework including tools for passive and active recon
A network recon framework including tools for passive and active recon
AhnLab PLUS is a unified security platform providing comprehensive cybersecurity solutions for businesses.
AhnLab PLUS is a unified security platform providing comprehensive cybersecurity solutions for businesses.
A nonprofit security organization that collects and shares threat data to make the Internet more secure.
A nonprofit security organization that collects and shares threat data to make the Internet more secure.
Passively maps and visually displays ICS/SCADA network topology for network security
Passively maps and visually displays ICS/SCADA network topology for network security
Cybersecurity industry portal offering articles, tools, and resources.
A suite for man in the middle attacks, featuring sniffing of live connections, content filtering, and protocol dissection.
A suite for man in the middle attacks, featuring sniffing of live connections, content filtering, and protocol dissection.
Open source DDoS protection system with centralized policy for network operators.
Open source DDoS protection system with centralized policy for network operators.
A simple honeypot that opens a listening socket and waits for connection attempts, with configurable reply and event handling
A simple honeypot that opens a listening socket and waits for connection attempts, with configurable reply and event handling
Network metadata capture and analysis tool
NECOMA focuses on data collection, threat analysis, and developing new cyberdefense mechanisms to protect infrastructure and endpoints.
NECOMA focuses on data collection, threat analysis, and developing new cyberdefense mechanisms to protect infrastructure and endpoints.
A guide outlining security considerations for using OpenLDAP Software, including selective listening and IP firewall capabilities.
Stenographer is a high-performance full-packet-capture utility for intrusion detection and incident response purposes.
Stenographer is a high-performance full-packet-capture utility for intrusion detection and incident response purposes.
High-performance packet capture library with zero copy functionality.
High-performance packet capture library with zero copy functionality.
Building Honeypots for Industrial Networks using Honeyd and simulating SCADA, DCS, and PLC architectures.
Building Honeypots for Industrial Networks using Honeyd and simulating SCADA, DCS, and PLC architectures.
A featured networking utility for reading and writing data across network connections with advanced capabilities.
A featured networking utility for reading and writing data across network connections with advanced capabilities.
A high-level C++ library for creating and decoding network packets with a Scapy-like interface.
A high-level C++ library for creating and decoding network packets with a Scapy-like interface.
A program to log login attempts on Telnet (port 23) and track the Mirai botnet
A program to log login attempts on Telnet (port 23) and track the Mirai botnet
An API for constructing and injecting network packets with additional functionality.
An API for constructing and injecting network packets with additional functionality.
Suricata offers real-time intrusion detection, intrusion prevention, and network monitoring.
Suricata offers real-time intrusion detection, intrusion prevention, and network monitoring.
A medium interaction printer honeypot that simulates a standard networked printer
A medium interaction printer honeypot that simulates a standard networked printer
A printer honeypot PoC that simulates a printer on a network to detect and analyze potential attackers.
A printer honeypot PoC that simulates a printer on a network to detect and analyze potential attackers.
Independent software vendor specializing in network security tools and network forensics.
Independent software vendor specializing in network security tools and network forensics.
AWS Shield provides managed DDoS protection for your applications, automatically detecting and mitigating sophisticated network-level DDoS events.
AWS Shield provides managed DDoS protection for your applications, automatically detecting and mitigating sophisticated network-level DDoS events.
DOS attack by sending fake BPDUs to disrupt switches' STP engines.
DOS attack by sending fake BPDUs to disrupt switches' STP engines.
A lookup service for AS-numbers and prefixes by country
A container of PCAP captures mapped to the relevant attack tactic
Netis Cloud Probe is an open source project for capturing and analyzing network packets across different machines.
Netis Cloud Probe is an open source project for capturing and analyzing network packets across different machines.
Monitors network traffic for suspicious activity and alerts when potential threats are detected.
Monitors network traffic for suspicious activity and alerts when potential threats are detected.
A Go-based honeypot server for detecting and logging attacker activity
A toolkit for forensic analysis of network appliances with YARA decoding options and frame extraction capabilities.
A toolkit for forensic analysis of network appliances with YARA decoding options and frame extraction capabilities.
Passive sniffer tool for analyzing traffic patterns.
OpenSnitch is a GNU/Linux application firewall with interactive outbound connections filtering and system-wide domain blocking capabilities.
OpenSnitch is a GNU/Linux application firewall with interactive outbound connections filtering and system-wide domain blocking capabilities.
Normalize, index, enrich, and visualize network capture data using Potiron.
Normalize, index, enrich, and visualize network capture data using Potiron.
A private network system utilizing WireGuard for enhanced networking capabilities.
A private network system utilizing WireGuard for enhanced networking capabilities.
Validate baseline cybersecurity skills with CompTIA Security+ certification.
Validate baseline cybersecurity skills with CompTIA Security+ certification.