Security Research

Open source security auditing tool to search and dump system configuration.

Provides indicators of compromise (IOCs) to combat malware with Yara and Snort rules.

Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.

A tool that generates Yara rules for strings and their XOR encoded versions, as well as base64-encoded variations with different padding possibilities.

A repository providing centralized access to presentation slides from major cybersecurity conferences including Black Hat, Offensivecon, and REcon events.

A collection of security reports and resources documenting various Android application vulnerabilities including hardcoded credentials, insecure deeplinks, and code execution flaws.

A tool for quick and effective Yara rule creation to isolate malware families and malicious objects.

A comprehensive repository documenting security vulnerabilities in regular expressions used by Web Application Firewalls, including bypass examples and SAST tools for vulnerability identification.

A Java bytecode assembler and disassembler toolkit that converts classfiles to human-readable format and provides decompilation capabilities for reverse engineering Java applications.

An open-source Python software for creating honeypots and honeynets securely.

An industrial control system testing tool that enables security researchers to enumerate SCADA controllers, read register values, and modify register data across different testing modes.

An observation camera honeypot for proof-of-concept purposes

Falcon Sandbox is a malware analysis framework that provides in-depth static and dynamic analysis of files, offering hybrid analysis, behavior indicators, and integrations with various security tools.

cowrie2neo parses Cowrie honeypot logs and imports the data into Neo4j databases for graph-based analysis and visualization of honeypot interactions.

secrepo.com is a curated repository providing access to various cybersecurity datasets including Snort logs, LANL datasets, and other security research data for analysis and testing purposes.

Personal website of Collin R. Mulliner with a focus on security research and mobile platforms.

A publicly available dataset of security incidents designed to support cybersecurity research and threat analysis.

Cortex is a tool for analyzing observables at scale and automating threat intelligence, digital forensics, and incident response.

A collection of free cloud security research articles by Rhino Security Labs covering AWS, Azure, and GCP security topics including best practices, vulnerability assessments, and threat mitigation strategies.

A three-part educational series documenting techniques for achieving domain administrator privileges in Windows environments, covering attack methods, defenses, and remediation strategies.