Open Source

SkyWrapper analyzes temporary token behaviors in AWS accounts to detect suspicious activities and generates Excel reports with findings summaries.

A nodejs web application honeypot designed for small environments like Raspberry Pi to capture and analyze malicious web-based attacks.

A Mac OS X code injection library that enables copying code into target processes and remotely executing it through new thread creation.

A community-driven repository and development framework for creating custom automation activities within the Ayehu NG IT orchestration platform.

CVE Ape is an open source tool that creates a local CVE database from the National Vulnerability Database for offline vulnerability searching by package name, vendor, or OS components.

Interactive incremental disassembler with data/control flow analysis capabilities.

A Java-based API tool for programmatically searching and downloading Android applications from Google Play Store with Galaxy S3 device compatibility.

A Bash completion script that provides auto-completion functionality for Android SDK command-line tools including adb, emulator, fastboot, and repo.

A comprehensive repository of open-source security tools organized by attack phases for red team operations, adversary simulation, and threat hunting purposes.

An open-source Python software for creating honeypots and honeynets securely.

JD-GUI is a graphical Java decompiler that reconstructs and displays source code from compiled ".class" files for reverse engineering and code analysis purposes.

GitHub is a web-based platform that provides Git version control hosting and collaborative software development tools for managing code repositories and projects.

A community-driven GRC solution that is simple, affordable, and open-source.

A curated list documenting open-source projects that incorporate political protests in their software, ranging from messages to conditional malware.

ASH is an automated security scanning tool that integrates multiple open-source security scanners to perform preliminary security checks on code, infrastructure, and IAM configurations during development.

An open source DDoS protection system that uses distributed algorithms to defend against multi-vector attacks and scale to handle varying bandwidth requirements for network operators and service providers.

A community repository of custom AWS Config rules for evaluating AWS resource configurations against compliance and security standards.

Do Not Disturb is a free open-source macOS security tool that detects unauthorized physical access to laptops.

Amass is an open-source OWASP tool for comprehensive attack surface mapping and asset discovery through domain reconnaissance and subdomain enumeration.

secrepo.com is a curated repository providing access to various cybersecurity datasets including Snort logs, LANL datasets, and other security research data for analysis and testing purposes.

A recognition framework for identifying products, services, operating systems, and hardware by matching fingerprints against network probes.

ZAP is an open-source web application security scanner that helps identify vulnerabilities through automated scanning and manual testing capabilities.

A repository of public applications for the Shuffle security orchestration platform that enables automated security workflows and integrations.

A full-featured reconnaissance framework for web-based reconnaissance with a modular design.