SSH3: faster and rich secure shell using HTTP/3
SSH3: faster and rich secure shell using HTTP/3 SSH3 is a complete revisit of the SSH protocol, mapping its semantics on top of the HTTP mechanisms. In a nutshell, SSH3...
Category: Defense
RTI-Toolkit: open-source PowerShell toolkit for Remote Template Injection attacks
RTI-Toolkit RTI-Toolkit is an open-source PowerShell toolkit for Remote Template Injection attacks. This toolkit includes a PowerShell script named PS-Templator.ps1 which can be used from both an attacking and defensive perspective....
drs-malware-scan: Perform file-based malware scan on your on-prem servers with AWS
Perform malware scan analysis of on-prem servers using AWS services Challenges with on-premises malware detection It can be difficult for security teams to continuously monitor all on-premises servers due to...
ved-ebpf: Kernel Exploit and Rootkit Detection using eBPF
VED-eBPF: Kernel Exploit and Rootkit Detection using eBPF VED (Vault Exploit Defense)-eBPF leverages eBPF (extended Berkeley Packet Filter) to implement runtime kernel security monitoring and exploit detection for Linux systems....
PurpleOps: open-source self-hosted purple team management web application
PurpleOps PurpleOps is a free, open-source web app to track Purple Team assessments. Create assessments aligned with MITRE ATT&CK, leveraging data from sources like Atomic Red Team and SIGMA. Centralise...
antisquat: An AI-Powered Phishing Domain Finder
AntiSquat AntiSquat leverages AI techniques such as natural language processing (NLP), large language models (ChatGPT) and more to empower detection of typosquatting and phishing domains. What sets AntiSquat apart Large...
ebpfmon: tool for monitoring eBPF programs
ebpfmon ebpfmon is a tool for monitoring eBPF programs. It is designed to be used with bpftool from the Linux kernel. ebpfmon is a TUI (terminal UI) application written in Go that allows...
Web Application Firewall (WAF) Comparison Project
Web Application Firewall (WAF) Comparison Project This project repository contains testing datasets and tools to compare WAF efficacy in the two most important categories: Security Coverage (True Positive Rate) –...
Malcore Office Shield: protect you from malware, viruses, and phishing attempts
Malcore Office Shield Introducing The Malcore Office Shield imagine having the ability to analyze every attachment that is sent to your inbox, putting the power in your hands to protect...
melee: Detect Infections in MySQL Instances
MELEE: A Tool to Detect Ransomware Infections in MySQL Instances Attackers are abusing MySQL instances for conducting nefarious operations on the Internet. The cybercriminals are targeting exposed MySQL instances and...
ELITEWOLF: NSA’s Countermove Against Rising Cyber Threats
Cybercriminals persistently assail America’s vital infrastructure, exploiting readily accessible and vulnerable operational technology (OT) assets online. In response to this looming menace, the US National Security Agency (NSA) has unveiled...
IAMActionHunter: an IAM policy statement parser and query tool
IAMActionHunter IAMActionHunter is an IAM policy statement parser and query tool that aims to simplify the process of collecting and understanding permission policy statements for users and roles in AWS...
DIAL: centralised security misconfiguration detection framework
DIAL Workloads on the cloud provide equal opportunities for hackers as much as they do for internal teams. Cloud-native companies are open to attacks from both outside forces and from...
dynmx: Signature-based detection of malware
dynmx dynmx (spoken dynamics) is a signature-based detection approach for behavioural malware features based on Windows API call sequences. In a simplified way, you can think of dynmx as a sort of YARA...
RogueSliver: disrupt campaigns using the Sliver C2 framework
RogueSliver A suite of tools to disrupt campaigns using the Sliver C2 framework. This tool, its uses, and how it was created will be covered in depth on ACEResponder.com This tool...
