Security Tool

Binwalk is a firmware analysis tool that enables reverse engineering and extraction of embedded file systems and archives from firmware images.

PyIOCe is a Python-based OpenIOC editor that enables security professionals to create, edit, and manage Indicators of Compromise for threat intelligence and incident response operations.

A GNU Emacs editor mode that provides syntax highlighting, indentation, and language server integration for editing YARA rule files.

A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)

A Python 3 tool for analyzing XOR-encrypted data that can guess key lengths and decrypt XOR ciphers based on character frequency analysis.

ClamAV is an open-source antivirus engine that detects trojans, viruses, malware, and other malicious threats.

A command-line tool that secures shell command history by clearing sensitive commands, displaying command summaries, and providing stash functionality for presentations across multiple shell environments.

Standalone SIGMA-based detection tool for EVTX, Auditd, Sysmon for Linux, XML or JSONL/NDJSON Logs.

PyIntelOwl is a Python SDK and CLI client for interacting with IntelOwl's threat intelligence API to submit files and observables for automated security analysis.

An OCaml Ctypes wrapper for the YARA matching engine that enables malware identification capabilities in OCaml applications.

Tool for deleting logs on Linux/Windows servers.

Binkit is a binary analysis tool that merged with DarunGrim and incorporates its analysis algorithms, currently in internal testing before official release.

A honeypot system designed to detect and analyze potential security threats

A comprehensive reference guide covering Nessus vulnerability scanner configuration, management, API usage, and best practices.

Kubernetes security platform with industry standard open source utilities for securing Kubernetes clusters and apps.

A cross-platform security application that functions as a laptop kill cord, automatically locking or shutting down your computer when physically separated from you via a USB connection.

A command-line password manager that encrypts credentials using GnuPG and stores them in YAML files with git synchronization support.

A Vim syntax-highlighting plugin for YARA rules that supports versions up to v4.3 and provides enhanced code readability for malware analysts.

A hybrid honeypot framework that combines low and high interaction honeypots for network security

A multi-cloud DNS security tool that detects dangling DNS records and potential subdomain takeover vulnerabilities by scanning cloud infrastructure and DNS zones.

A Go-based tool for discovering and inventorying internet-facing AWS assets across single or multiple accounts to help maintain comprehensive cloud attack surface visibility.

FIR is a Python-based cybersecurity incident management platform designed for CSIRTs, CERTs, and SOCs to create, track, and report security incidents.

A key and secret validation workflow tool built in Rust, supporting over 30 providers and exporting to JSON or CSV.

A PowerShell module for interacting with VirusTotal to analyze suspicious files and URLs.