GDB dashboard Modular visual interface for GDB in Python. This comes as a standalone single-file .gdbinit which, among the other things, enables a configurable dashboard showing the most relevant information during the program execution. Its main...
sechub It enables the operation and integration of various security tools with one central API in a development environment. SecHub server orchestrates different security tools by one API layer. Users call SecHub Server but...
msInvader msInvader is an adversary simulation tool built for blue teams, designed to simulate adversary techniques within M365 and Azure environments. Its purpose is to generate attack telemetry that aids teams in building, testing,...
GTIRB The GrammaTech Intermediate Representation for Binaries (GTIRB) is a machine code analysis and rewriting data structure. It is intended to facilitate the communication of binary IR between programs performing binary disassembly, analysis, transformation,...
IntelMQ is a solution for IT security teams (CERTs, CSIRTs, abuse departments,…) for collecting and processing security feeds (such as log files) using a message queuing protocol. It’s a community-driven initiative called IHAP (Incident Handling...
SuperMega – Cordyceps Implementation SuperMega is a shellcode loader by injecting it into genuine executables (.exe or .dll). The loader is programmed in C. The idea is that injecting shellcode nicely into a non-malicious...
Maester Monitor your Microsoft 365 tenant’s security configuration using Maester! Maester is an open source PowerShell-based test automation framework designed to help you monitor and maintain the security configuration of your Microsoft 365 environment. Why Maester?...
simplewall A simple tool to configure Windows Filtering Platform (WFP) which can configure network activity on your computer. The lightweight application is less than a megabyte, and it is compatible with Windows Vista and...
VelLMes-AI-Honeypot The VelLMes read as (Vel-L-M-es, from Slavic deity Veles and LLMs) creates interactive, dynamic, and realistic honeypots through the use of Large Language Models (LLMs). The VelLMes tool was created from a research project to show the...
What the heck is a ferox anyway? Ferox is short for Ferric Oxide. Ferric Oxide, simply put, is rust. The name rustbuster was taken, so I decided on a variation. What’s it do tho?...
Intel Owl Do you want to get threat intelligence data about a file, an IP, or a domain? Do you want to get this kind of data from multiple sources at the same time using a...
SCAGoat SCAGoat is an application for Software Composition Analysis (SCA) that focuses on vulnerable and compromised JAR dependencies used in development code, providing users with hands-on learning opportunities to understand potential attack scenarios. It...
MSTIC Jupyter and Python Security Tools Microsoft Threat Intelligence Python Security Tools. The msticpy package was initially developed to support Jupyter Notebooks authoring for Azure Sentinel. Many of the included tools can be used in other security scenarios for...
Kubernetes Goat The Kubernetes Goat designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security. 🏁 Scenarios Sensitive keys in codebases DIND (docker-in-docker) exploitation SSRF in the Kubernetes (K8S) world Container...
MORF – Mobile Reconnaissance Framework Mobile Reconnaissance Framework is a powerful, lightweight and platform-independent offensive mobile security tool designed to help hackers and developers identify and address sensitive information within mobile applications. It is...
Runtime Mobile Security Runtime Mobile Security (RMS), powered by FRIDA, is a powerful web interface that helps you to manipulate Android Java Classes and Methods at Runtime. You can easily dump all the loaded classes...
