IRIS – Incident Response Investigation System IRIS is a web collaborative platform for incident response analysts allowing them to share investigations at a technical level. It’s a web application, so it can be either...
OXO Scan Orchestration Engine OXO is a security scanning framework built for modularity, scalability, and simplicity. OXO Engine combines specialized tools to work cohesively to find vulnerabilities and perform actions like recon, enumeration, fingerprinting,...
nullinux nullinux is an internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB null sessions. Unlike many of the enumeration tools...
SEMA – ToolChain using Symbolic Execution for Malware Analysis SEMA is based on angr, a symbolic execution engine used to extract API calls. Especially, we extend ANGR with strategies to create representative signatures based...
DNS Diagnostics and Performance Measurement Tools Ever been wondering if your ISP is hijacking your DNS traffic? Ever observed any misbehavior with your DNS responses? Ever been redirected to wrong address and suspected something is...
osctrl osctrl is a fast and efficient osquery management solution, implementing its remote API as a TLS endpoint. With osctrl, you can monitor all your systems running osquery, distribute its configuration fast, collect all the status and result logs,...
NetAlertX – Network scanner & notification framework Get visibility of what’s going on on your WIFI/LAN network. Schedule scans for devices, port changes and get alerts if unknown devices or changes are found. Write...
BotKube BotKube integration with Slack, Mattermost, or Microsoft Teams helps you monitor your Kubernetes cluster, debug critical deployments, and gives recommendations for standard practices by running checks on the Kubernetes resources. You can also ask BotKube to execute...
chainsaw – Rapidly Search and Hunt through Windows Event Logs Chainsaw provides a powerful “first-response” capability to quickly identify threats within Windows event logs. It offers a generic and fast method of searching through...
Tempest Tempest is a command and control framework written in 100% Rust. TEMPEST COMPONENTS: anvil – server 2 servers with APIs. All APIs are authenticated and unauth-discovery resistent. sqlite local database internal functions (building imps,...