pwnspoof pwnSpoof (from Punk Security) generates realistic spoofed log files for common web servers with customisable attack scenarios. Every log bundle is unique and completely customisable, making it perfect for generating CTF scenarios and for...
What’s Cumulus Cumulus is a service that helps you monitor and fix security weaknesses in real-time. The issues will be reported on a web dashboard. It’s very simple and powerful. Key features Just install...
firezone A self-managed WireGuard-based VPN server and Linux firewall designed for simplicity and security. Features Fast: Uses WireGuard to be 3-4 times faster than OpenVPN. No dependencies: All dependencies are bundled thanks to Chef Omnibus. Simple: Takes minutes to set up....
SysFlow? The SysFlow Telemetry Pipeline is a framework for monitoring cloud workloads and for creating performance and security analytics. The goal of this project is to build all the plumbing required for system telemetry...
Metabadger Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2). Metabadger Purpose and functionality Diagnose and evaluate your current usage of the AWS Instance Metadata...
PoW Shield A project dedicated to provide DDoS protection with proof-of-work PoW Shield provides DDoS protection on the OSI application layer by acting as a proxy that utilizes proof of work between the backend...
Kestrel Threat Hunting Language Kestrel threat hunting language provides an abstraction for threat hunters to focus on what to hunt instead of how to hunt. The abstraction makes it possible to codify reusable hunting knowledge in a...
Kodex (Community Edition – CE) is an open-source toolkit for privacy and security engineering. It helps you to automate data security and data protection measures in your data engineering workflows. It offers the following functionality: Read...
Yobi Yobi is a basic Firefox extension which allows to run public or private YARA rules on all scripts and pages rendered by the browser. Yobi saves files that trigger its rules and allows...
cloudquery CloudQuery extracts the configuration and metadata of your infrastructure and transforms it into a relational SQL database. This allows you to write SQL queries for easy monitoring, governance, and security. Key Features Explore...
kubescape Kubescape is the first tool for testing if Kubernetes is deployed securely as defined in Kubernetes Hardening Guidance by to NSA and CISA Tests are configured with YAML files, making this tool easy to update...
NFStream NFStream is a Python framework providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real-world network...
Epiphany Epiphany – is a pre-engagement \ self-assessment tool to identify weak spots of a web property from a DDoS attacker perspective. In the first stage, the tool crawls pages, enumerates POST and GET...
REW-sploit Need help in analyzing Windows shellcode or attack coming from Metasploit Framework or Cobalt Strike (or maybe also other malicious or obfuscated code)? Do you need to automate tasks with simple scripting? Do you want help...
lockc lockc is open source software for providing MAC (Mandatory Access Control) type of security audit for container workloads. The main technology behind lockc is eBPF – to be more precise, its ability to attach to LSM...
Secure Your Connection
