Category: Network Defense
DICOMHawk DICOMHawk is a powerful and efficient honeypot for DICOM servers, designed to attract and log unauthorized access attempts and interactions. Built using Flask and pynetdicom, DICOMHawk offers a streamlined web interface for monitoring...
Paladin Cloud Paladin Cloud is an extensible, Security-as-Code (SaC) platform designed to help developers and security teams reduce risks in their cloud environments. It functions as a policy management plane across multi-cloud and enterprise...
domain-protect scan Amazon Route53 across an AWS Organization for domain records vulnerable to takeover scan Cloudflare for vulnerable DNS records take over vulnerable subdomains yourself before attackers and bug bounty researchers automatically create known issues in Bugcrowd or HackerOne...
ADcheck Assess the security of your Active Directory with few or all privileges. This tool offers functionalities similar to PingCastle, ORADAD, or even PurpleKnight (with some bonuses). ADcheck is developed in pure Python to bypass operating system...
FalconHound FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with an SIEM...
Gatekeeper What is Gatekeeper? Gatekeeper is the first open-source DoS protection system. It is designed to scale to any peak bandwidth, so it can withstand DoS attacks both today and tomorrow. In spite of...
Venator – Threat Detection Platform A flexible detection system that simplifies rule management and deployment with K8s CronJob and Helm. Venator is optimized for Kubernetes deployment but is flexible enough to run standalone or...
Network Flight Recorder NFR is a lightweight application which processes network traffic using the AlphaSOC Analytics Engine. NFR can monitor log files on disk (e.g. Microsoft DNS debug logs, Bro IDS logs) or run as a network...
WhoYouCalling Monitors network activity made by a process through the use of Windows Event Tracing (ETW) and Full Packet Capture (FPC). Filters a generated .pcap file with BPF based on the detected network activity made by...
What is Acra Acra helps you easily secure your databases in distributed, microservice-rich environments. It allows you to selectively encrypt sensitive records with strong multi-layer cryptography, detect potential intrusions and SQL injections and cryptographically compartmentalize...
LuLu is the free open-source macOS firewall that aims to block unauthorized (outgoing) network traffic unless explicitly approved by the user: Full details and usage instructions can be found here. Feature 100% free As...
IPBan Service IPBan is a simple yet powerful solution for Windows and Linux to prevent botnets and hackers from breaching your computers. Protecting your security is the primary goal, but there are also performance...
The Update Framework (TUF) The Update Framework (TUF) is written in Python and intended to conform to version 1.0 of the TUF specification. This implementation is in use in production systems but is also...
Conjur Conjur provides secrets management and machine identity for modern infrastructure: Machine Authorization Markup Language (“MAML”), a role-based access policy language to define system components & their roles, privileges, and metadata A REST web...
What is Suricata The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry but...
OpenBAS OpenBAS is an open-source platform allowing organizations to plan, schedule, and conduct cyber adversary simulation campaigns and tests. The goal is to create a powerful, reliable, and open-source tool to effectively plan and...