Open Source

A contribution guide that provides guidelines and instructions for developers to contribute custom activities to the Ayehu IT automation platform through GitHub pull requests.

Allstar is a GitHub App that continuously monitors repositories and organizations for security policy violations, creating alerts when best practices are not followed.

IronBee is an open source web application security sensor framework that provides detection and prevention capabilities for web application vulnerabilities.

A command line steganography tool that uses LSB technique to hide files within images without visible alteration.

A PHP library that provides secure data encryption capabilities using keys or passwords, designed to minimize implementation errors.

An educational repository providing structured lab materials and scripts for learning container technologies and their internal mechanisms.

A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing, utilizing Message Query Language (MQL) for behavior description.

Open-source honeypot tool for detecting and analyzing malicious activities in the Apache Struts exploit.

A repository of officially managed detection rules for the Falco runtime security monitoring system that identifies threats, abnormal behaviors, and compliance violations through syscall and container event analysis.

Prowler is an open source multi-cloud security assessment tool that performs audits, compliance checks, and security evaluations across AWS, Azure, GCP, and Kubernetes environments.

Needle is a discontinued open source modular framework for iOS application security assessments that was compatible with iOS 9 and iOS 10 before being replaced by Objection.

AuditJS is a command-line tool that scans JavaScript projects for known vulnerabilities and outdated packages in npm dependencies using the OSS Index API or Nexus IQ Server.

An open-source policy-as-code platform that analyzes multi-cloud and SaaS environments using SQL and YAML policies with GPT integration for security, cost, and architecture assessments.

Apache Spot is an open source big data platform that analyzes network flows and packet data to identify security threats and provide visibility into enterprise computing environments.

Unfurl is a URL analysis tool that extracts and visualizes data from URLs, breaking them down into components and presenting the information visually.

GridPot is a honeypot framework that combines GridLAB-D, Conpot, and libiec61850 to simulate industrial control systems and detect attacks on power grid infrastructure.

Preflight is a Go-based verification tool that helps organizations validate scripts and executables to prevent supply chain attacks by enabling secure self-compilation and trusted distribution methods.

A collection of tools and resources for threat hunters.

FuzzDB is an open-source dictionary of attack patterns and predictable resource locations for dynamic application security testing and vulnerability discovery.

A Yara ruleset designed to detect PHP shells and other webserver malware for malware analysis and threat detection.

Fridump is an open source memory dumping tool that uses the Frida framework to extract accessible memory addresses from iOS, Android, and Windows applications for security testing and analysis.

Assesses AWS accounts for subdomain hijacking via Route53/CloudFront

NodeSecure is a cybersecurity project that provides security monitoring and analysis capabilities specifically designed for Node.js applications.

A Burp Suite plugin that extracts keywords from HTTP responses using regex patterns and tests for reflected XSS vulnerabilities within the target scope.