Python

Parse YARA rules into a dictionary representation.

Distributed low interaction honeypot with Agent/Master design supporting various protocol handlers.

A digital forensics tool that extracts and analyzes Windows AppCompat and AmCache registry data for enterprise-scale forensic investigations.

An exploitation framework for industrial security with modules for controlling PLCs and scanning devices.

A Python-based Docker security audit tool that performs CIS benchmark assessments with customizable profiles and JSON reporting capabilities.

A honeypot specifically designed to detect and capture Log4Shell vulnerability exploitation attempts with payload analysis and flexible logging capabilities.

BleachBit is an open-source system cleaning utility that removes temporary files and system artifacts to free disk space and protect user privacy.

nyx is a threat intelligence artifact distribution system that facilitates the sharing of threat intelligence indicators from various sources to defensive security systems with configurable criticality levels.

PEDA is a Python extension for GDB that enhances debugging with colorized displays and specialized commands for exploit development and binary security analysis.

An open source honeypot for NoSQL databases with support for Redis and additional features for detecting attackers and logging attack incidents.

FeatherDuster is a cryptanalysis tool that automatically identifies and exploits weaknesses in cryptographic systems by analyzing ciphertext files.

A scalable python framework for security research and development teams.

iOSForensic is a Python tool for forensic analysis on iOS devices, extracting files, logs, SQLite3 databases, and .plist files into XML.

AfterGlow Cloud is a Django-based web application that allows users to upload data and generate graph visualizations through a browser interface.

ChopShop is a MITRE framework that helps analysts create pynids-based decoders and detectors for identifying APT tradecraft in network traffic.

A robust Python implementation of TAXII Services with a friendly pythonic API.

Python-based client for IBM XForce Exchange with an improved version available.

Python script to parse macOS MRU plist files into human-friendly format

A Python script that performs security testing attacks against AWS Cognito services including account creation, user enumeration, and privilege escalation vulnerabilities.

A Python script for creating a cohesive and up-to-date penetration testing framework.

ssh-audit is a Python-based tool for auditing SSH server and client configurations to identify security weaknesses and ensure compliance with best practices.

House: A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.

YETI is a proof-of-concept TAXII implementation that supports Inbox, Poll, and Discovery services for automated cyber threat intelligence indicator exchange.

A tool for fixing acquired .evt Windows Event Log files in digital forensics.