RDFP
Zeek Remote desktop fingerprinting script for fingerprinting Remote Desktop clients.
BruteShark is a Network Forensic Analysis Tool (NFAT) that performs deep processing and inspection of network traffic, including password extracting, network mapping, TCP session reconstruction, encrypted password hash extraction, and conversion to Hashcat format for offline Brute Force attacks. It aims to assist security researchers and network administrators in identifying network weaknesses. It offers both a GUI-based application for Windows and a Command Line Interface tool for Windows and Linux, with independent project modules for network traffic analysis on Linux or Windows machines.
Zeek Remote desktop fingerprinting script for fingerprinting Remote Desktop clients.
A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
A multiplatform C++ library for capturing, parsing, and crafting network packets with support for various network protocols.
Netcap efficiently converts network packets into structured audit records for machine learning algorithms, using Protocol Buffers for encoding.
A tool for discovering open S3 Buckets starting from a domain using various techniques such as crawling and DNS crawling.
A set of Bro/Zeek scripts that detect ATT&CK-based adversarial activity and raise notices