Python

Developer documentation providing REST API and SDK resources for ThreatConnect platform integration across Python, Java, and JavaScript environments.

Interactive incremental disassembler with data/control flow analysis capabilities.

An open-source Python software for creating honeypots and honeynets securely.

DroidBox is a dynamic analysis framework for Android applications that monitors runtime behavior, network activity, file operations, and security events while generating behavioral visualizations.

Converts OpenIOC v1.0 XML files into STIX Indicators, generating STIX v1.2 and CybOX v2.1 content.

A collection of Python scripts for conducting penetration testing activities against Amazon Web Services (AWS) environments.

An observation camera honeypot for proof-of-concept purposes

A Python utility that identifies and exploits domains vulnerable to AWS name server takeover attacks by detecting misconfigured DNS settings.

Principal Mapper is a Python tool that models AWS IAM configurations as directed graphs to identify privilege escalation risks and alternative attack paths in AWS environments.

A low to medium interaction honeypot with a variety of plugins for cybersecurity monitoring.

A Python telnet honeypot that emulates shell environments to capture and analyze IoT malware and botnet binaries through automated detection mechanisms.

Python exploitation tool for gaining root access to Sixnet RTUs in SCADA networks by exploiting application-level vulnerabilities.

A deliberately vulnerable web application written in under 100 lines of Python code for educational purposes and web security testing.

A full-featured reconnaissance framework for web-based reconnaissance with a modular design.

Open source penetration testing tool for detecting and exploiting command injection vulnerabilities.

A honeypot that simulates an exposed networked printer using PJL protocol to capture and log attacker interactions through a virtual filesystem.

Repository for IBM SOAR Apps source-code and development resources.

A modular and script-friendly multithread bruteforcer for managing task parameters in Python scripts.

hpfeeds is a lightweight authenticated publish-subscribe protocol with Python 3 compatible broker and client.

drozer is an open source Android security testing framework that identifies vulnerabilities in mobile apps and devices through Android Runtime and IPC endpoint interaction.

A portable forensic tool that detects encrypted containers like Truecrypt and Veracrypt by analyzing file headers, block cipher patterns, and entropy without external dependencies.

A Python utility that calculates RSA cryptographic parameters and generates OpenSSL-compatible private keys from prime numbers or modulus/exponent pairs.

A Cross-Platform Forensic Framework for Google Chrome that allows investigation of history, downloads, bookmarks, cookies, and provides a full report.

A command-line tool for analyzing Cowrie honeypot log files over time, generating statistics and visualizations from local or remote log data.