Python

A Python library that provides an interface to query ThreatCrowd's API for threat intelligence data including email, IP, domain, and antivirus reports with built-in caching capabilities.

Unfurl is a URL analysis tool that extracts and visualizes data from URLs, breaking them down into components and presenting the information visually.

GridPot is a honeypot framework that combines GridLAB-D, Conpot, and libiec61850 to simulate industrial control systems and detect attacks on power grid infrastructure.

An unofficial Python API that enables programmatic searching, browsing, and downloading of Android apps from Google Play Store.

Incident response framework focused on remote live forensics

A semi-automatic tool to generate YARA rules from virus samples.

A Python framework for building custom Command and Control interfaces that implements Cobalt Strike's External C2 specification for data transfer between frameworks.

angr is a Python-based binary analysis framework that provides disassembly, symbolic execution, and program analysis capabilities for cross-platform binary examination.

A free book providing design and implementation guidelines for writing secure programs in various languages.

A post-exploitation framework for attacking AWS infrastructure, enabling attacks on EC2 instances without SSH keypairs and extraction of AWS secrets and parameters.

A Python tool that uses AWS Cloud Control API to enumerate and catalog AWS resources across specified accounts and regions, outputting results in JSON format.

Open source application for retrieving passwords stored on a local computer with support for various software and platforms.

ISF (Industrial Exploitation Framework) - An exploitation framework for industrial systems with various ICS protocol clients and exploit modules.

A Python library that simplifies format string vulnerability exploitation by providing tools for payload generation, memory manipulation, and automated parameter detection.

Watchmen is a framework that centralizes AWS Config rule lambda functions into a single account for streamlined compliance management and automation.

A tool for signature analysis of RTF files to detect potentially unique parts and malicious documents.

Assesses AWS accounts for subdomain hijacking via Route53/CloudFront

Modular honeypot based on Python with support for Siemens S7 protocol.

Metta is an information security preparedness tool for adversarial simulation.

ZAT is a Python package that processes and analyzes Zeek network security data using machine learning libraries like Pandas, scikit-learn, Kafka, and Spark.

A web-based tool that scrapes and organizes CTF writeups from ctftime.org with prioritization features and a local database for easy access.

Instructions for setting up SIREN, including downloading Linux dependencies, cloning the repository, setting up virtual environment, installing pip requirements, running SIREN, setting up Snort on Pi, and MySQL setup.

A Python-based command-line tool that scans websites for CORS misconfigurations by analyzing HTTP response headers to identify potential security vulnerabilities.

Ghidra is an NSA-developed software reverse engineering framework that provides disassembly, decompilation, and analysis tools for examining compiled code across multiple platforms and processor architectures.