ecapture capture SSL/TLS text content without CA cert by eBPF. eBPF is a revolutionary technology with origins in the Linux kernel that can run sandboxed programs in an operating system kernel. It is used...
Malcolm Malcolm is a powerful network traffic analysis tool suite designed with the following goals in mind: Easy to use – Malcolm accepts network traffic data in the form of full packet capture (PCAP) files...
kubeshark Kubeshark is an API Traffic Analyzer for Kubernetes providing real-time, protocol-level visibility into Kubernetes’ internal network, capturing and monitoring all traffic and payloads going in, out, and across containers, pods, nodes, and clusters. Think TCPDump and Wireshark re-invented...
modpot modpot is a modular web application honeypot framework written in Golang and making use of the gin framework. It is the antithesis to honeydet in many ways and allows the user to deploy...
dahn – Deceptively Adaptive Honey Net Traditional honey nets offer static infrastructure and static responses. In DAHN, the infrastructure is abstracted, with lambda/gpt API (prompts stipulated) returning seemingly native responses to the threat actor,...
