Security Analysis

Red Hand Analyzer is an online tool that provides automated behavioral analysis of PCAP files to detect malicious network activities and security vulnerabilities without decrypting traffic content.

An attack surface management platform that discovers, maps, and monitors an organization's external digital assets to identify vulnerabilities and security weaknesses before they can be exploited.

An API security and monitoring platform that automatically discovers, validates, and protects API endpoints while providing comprehensive management and analytics capabilities.

Automated security design review platform for developers

A comprehensive analysis of AWS IAM Access Analyzer, evaluating its capabilities, limitations, and effectiveness in identifying publicly exposed AWS resources.

A security analysis tool that detects and analyzes open redirection vulnerabilities in web applications.

ConventionEngine is a Yara rule collection that analyzes PE files by examining PDB paths for suspicious keywords, terms, and anomalies that may indicate malicious software.

Access Undenied on AWS analyzes CloudTrail AccessDenied events to explain access denial reasons and provide least-privilege remediation suggestions.

A Golang-based container security scanner that identifies potential vulnerabilities and misconfigurations in container environments by checking namespacing, capabilities, security profiles, and host device mounts.

A security dataset and CTF platform available in full (16.4GB) and attack-only (3.2GB) versions, pre-indexed for Splunk to help security professionals practice analysis skills.

A tool for advanced HTTPD logfile security analysis and forensics, implementing various techniques to detect attacks against web applications.

NodeSecure is a cybersecurity project that provides security monitoring and analysis capabilities specifically designed for Node.js applications.

A cloud security assessment tool that collects cloud resource information, analyzes it against best practices, and generates compliance reports in multiple formats.

A cloud security analysis tool that creates digital twins of AWS environments using graph databases to identify attack paths and security misconfigurations through automated and manual rule-based assessments.

RiskInDroid is a machine learning-based tool that performs quantitative risk analysis of Android applications by reverse engineering bytecode and analyzing permission usage to generate numeric risk scores.

DECAF++ is a fast whole-system dynamic taint analysis framework with improved performance and elasticity.

A report on detecting lateral movement through tracking event logs, updated to include analysis of various tools and commands used by attackers.

Tool for visualizing correspondences between YARA ruleset and samples

DroidRA is an instrumentation-based Android security analysis tool that improves the accuracy of reflective call analysis through composite constant propagation techniques.

A dependency security analysis tool that identifies potential risks in project dependencies including unsafe lock files, installation scripts, obfuscated code, and dangerous shell commands.

A Python tool that analyzes AWS CloudTrail data to summarize IAM principal activities, API calls, regions, IP addresses, and user agents with configurable timeframes and visualization options.

A command-line tool that extracts manifest and configuration data from Docker registry images for security analysis and reconnaissance purposes.

CFRipper is a security analyzer for AWS CloudFormation templates that identifies vulnerabilities and misconfigurations before cloud deployment.

A Node.js tool that analyzes HTTP security headers on websites to identify missing or problematic security configurations.