Real Intelligence Threat Analytics Real Intelligence Threat Analytics (RITA) is an open-source framework for network traffic analysis. The framework ingests Bro Logs, and currently supports the following analysis features: Beaconing Detection: Search for signs of...
strace – the Linux syscall tracer strace is a diagnostic, debugging, and instructional userspace utility for Linux. It is used to monitor and tamper with interactions between processes and the Linux kernel, which include...
PANIX PANIX is a highly customizable Linux persistence tool for security research, detection engineering, penetration testing, CTFs and more. It prioritizes functionality over stealth and is easily detectable. PANIX is supported on popular distributions...
BloodHound BloodHound CE is a security tool that uses graph theory to reveal the hidden and often unintended relationships within an Active Directory or Entra ID (formerly known as Azure AD) environment. Attackers can...
Snort++ Snort 3 is the next generation Snort IPS (Intrusion Prevention System). This version of Snort++ includes new features as well as all Snort 2.X features and bug fixes for the base version...
brutespray Brutespray has been updated to golang. Without needing to rely on other tools this version will be extensible to bruteforce many different services and is way faster than its Python counterpart. Currently, Brutespray...
BunkerWeb BunkerWeb is a next-generation and open-source Web Application Firewall (WAF). Being a full-featured web server (based on NGINX under the hood), it will protect your web services to make them “secure by default”. BunkerWeb integrates...
opensquat openSquat is an opensource Intelligence (OSINT) R&D project to identify cybersquatting threats to specific companies or domains, such as: Domain squatting Typosquatting IDN homograph attacks Phishing Scams It does support some key features such as:...
DeadPotato DeadPotato is a Windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYSTEM privileges. This script has been customized from the original GodPotato source code by...
Wazuh Wazuh helps you gain deeper security visibility into your infrastructure by monitoring hosts at an operating system and application level. This solution, based on lightweight multi-platform agents, provides the following capabilities: Log...