A set of interrelated detection rules for improving detection and hunting visibility and context.
A DNS spoofer that drops DNS responses before they reach the router and replaces them with spoofed DNS responses. It can spoof all DNS lookup requests to point to a specific IP, or redirect just a specific domain to a specific IP. Licensed under Copyright (c) 2013, Dan McInerney.
A free, open-source network protocol analyzer for capturing and displaying packet-level data.
Automated signature creation using honeypots for network intrusion detection systems.
A utility for splitting packet traces along TCP connection boundaries.
OpenSnitch is a GNU/Linux application firewall with interactive outbound connections filtering and system-wide domain blocking capabilities.
A tool for enumerating subdomains of a given domain.