Python

A command-line tool that analyzes SPF and DMARC records to identify domains vulnerable to email spoofing attacks.

Clinv is a command line DevSecOps asset inventory tool for tracking and managing digital assets across organizational infrastructure.

Malscan is a tool to scan process memory for YARA matches and execute Python scripts.

A Python tool that analyzes AWS CloudTrail data to summarize IAM principal activities, API calls, regions, IP addresses, and user agents with configurable timeframes and visualization options.

A Python script that scans Nexus Repository Manager for artifacts with identical names across repositories to identify dependency confusion attack vulnerabilities.

A Windows Registry hive extraction library that provides C API access for reading and writing registry binary files with XML export capabilities.

An educational project that teaches data analysis techniques for cybersecurity applications using Python tools like IPython, Pandas, and Scikit Learn through practical exercises and realistic scenarios.

GuardDog is a CLI tool that identifies malicious PyPI and npm packages using heuristics-based analysis of source code and metadata.

A modular Python tool that obfuscates Android applications by manipulating decompiled smali code, resources, and manifest files without requiring source code access.

Pwntools is a Python CTF framework and exploit development library that provides tools for rapid prototyping and development of exploits and CTF challenge solutions.

Threat hunting tool leveraging Windows events for identifying outliers and suspicious behavior.

A Python-based forensic tool for extracting and analyzing browser artifacts from Firefox, Iceweasel, and Seamonkey browsers on Unix and Windows systems.

A Security Information and Event Management (SIEM) system with a focus on security and minimalism.

A Python-based network hacking toolkit that implements various attack and reconnaissance techniques for educational purposes and network security learning.

A command-line tool that discovers and catalogs all AWS resources across an account using botocore, outputting results in JSON format.

A set of commands for exploit developers and reverse-engineers to enhance GDB functionality.

Parse YARA rules into a dictionary representation.

Distributed low interaction honeypot with Agent/Master design supporting various protocol handlers.

A digital forensics tool that extracts and analyzes Windows AppCompat and AmCache registry data for enterprise-scale forensic investigations.

An exploitation framework for industrial security with modules for controlling PLCs and scanning devices.

A Python-based Docker security audit tool that performs CIS benchmark assessments with customizable profiles and JSON reporting capabilities.

A honeypot specifically designed to detect and capture Log4Shell vulnerability exploitation attempts with payload analysis and flexible logging capabilities.

BleachBit is an open-source system cleaning utility that removes temporary files and system artifacts to free disk space and protect user privacy.

nyx is a threat intelligence artifact distribution system that facilitates the sharing of threat intelligence indicators from various sources to defensive security systems with configurable criticality levels.