chameleon Customizable honeypots for monitoring network traffic, bots activities, and username\password credentials (DNS, HTTP Proxy, HTTP, HTTPS, SSH, POP3, IMAP, STMP, RDP, VNC, SMB, SOCKS5, Redis, TELNET and Postgres, and MySQL). General Features Modular...
The Blue Team PowerShell Security Package This repo contains a collection of PowerShell tools that can be utilized to protect defend an environment based on Microsoft’s recommendations. This repo also assumes that you have...
Watcher Watcher is a Django & React JS automated platform for discovering new potential cybersecurity threats targeting your organization. It should be used on webservers and available on Docker. Watcher capabilities Detect emerging vulnerability,...
HiJackThis Fork HiJackThis Fork is a free utility for Microsoft Windows that scans your computer for settings changed by adware, spyware, malware and other unwanted programs. HiJackThis Fork primarily detects hijacking methods rather than comparing items...
bunkerized-nginx nginx Docker image secure by default. Avoid the hassle of following security best practices each time you need a web server or reverse proxy. Bunkerized-nginx provides generic security configs, settings, and tools so...
Wynis Just a powershell scripts for auditing security with CIS BEST Practices Windows 10 and Windows Server 2016. You just need to run the script, it will create a directory named: AUDIT_CONF_%DATE% The directory...
ThreatPursuit-VM Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as well as threat hunters to get up and...
teler teler is a real-time http intrusion detection and threat alert based on a weblog that runs in a terminal with resources that we collect and provide by the community. Features Real-time: Analyze logs and...
Raccine A Simple Ransomware Protection Why We see ransomware delete all shadow copies using vssadmin pretty often. What if we could just intercept that request and kill the invoking process? Let’s try to create a...
MKIT – Managed Kubernetes Inspection Tool Quickly discover key security risks of your managed Kubernetes clusters and resources MKIT is a Managed Kubernetes Inspection Tool that leverages FOSS tools to query and validate several common security-related configuration...
Manuka A modular, scalable OSINT honeypot targeting pre-attack reconnaissance techniques. Manuka is an Open-source intelligence (OSINT) honeypot that monitors reconnaissance attempts by threat actors and generates actionable intelligence for Blue Teamers. It creates a...
Nethive Project The Nethive Project provides a Security Information and Event Management (SIEM) infrastructure empowered by CVSS measurements. This infrastructure offers zero to no latency vulnerability monitoring and has been empowered by ELK Infrastructure as...
CobaltStrikeScan Scan files or process memory for Cobalt Strike beacons and parse their configuration. CobaltStrikeScan scans Windows process memory for evidence of DLL injection (classic or reflective injection) and performs a YARA scan on...
Adaz: Active Directory Hunting Lab in Azure This project allows you to easily spin up Active Directory labs in Azure with domain-joined workstations, Windows Event Forwarding, Kibana, and Sysmon using Terraform/Ansible. It exposes a high-level configuration...
kube-bench kube-bench is a Go application that checks whether Kubernetes is deployed securely by running the checks documented in the CIS Kubernetes Benchmark. Tests are configured with YAML files, making this tool easy to update...
Secure Your Connection
