aerleon Generate firewall configs for multiple firewall platforms from a single platform-agnostic configuration language through a command line tool and Python API. Aerleon is a fork of Capirca with the following enhancements:...
Mimicry Mimicry is a security tool developed by Chaitin Technology for active deception in exploitation and post-exploitation. Active deception can live to migrate the attacker to the honeypot without awareness....
Defense / Vulnerability Analysis
by do son · Published January 26, 2023 · Last modified July 1, 2023
Locksmith A tiny tool to identify and remediate common misconfigurations in Active Directory Certificate Services. Mode 0 (Default) – Identify Issues and Output to Console PS> .\Invoke-Locksmith.ps1 Running Invoke-Locksmith.ps1 with...
Metlo Metlo is an open-source API security platform Create an Inventory of all your API Endpoints. Proactively test your APIs before they go into production. Detect API attacks in real-time....
Indicator-of-Compromise (IOC) Matching IOC matching for incident responders, threat hunters, detection engineers, and security engineers. Use Cases Schema-agnostic IOC matching scan: During an incident response (IR) engagement, an analyst or...
Enhance your malware detection with WAF + YARA (WAFARAY) WAFARAY is a LAB deployment based on Debian 11.3.0 (stable) x64 made and cooked between two main ingredients WAF + YARA...
Self-Service Security Assessment tool Cybersecurity remains a very important topic and point of concern for many CIOs, CISOs, and their customers. To meet these important concerns, AWS has developed a...
NetLlix A project was created with the aim to emulate and test the exfiltration of data over different network protocols. The emulation is performed w/o the usage of native API’s....
cis-vsphere A tool to assess the compliance of a VMware vSphere environment against the CIS Benchmark for VMware vSphere. Requirements VMware PowerCLI 12.0.0 or higher VMware vSphere 7.0 Usage Clone...
YATAS Yet Another Testing & Auditing Solution Features YATAS is a simple and easy-to-use tool to audit your infrastructure for misconfiguration or potential security issues. AWS – 43 Checks APIGateway...
KRIe KRIe is a research project that aims to detect Linux Kernel exploits with eBPF. KRIe is far from being a bulletproof strategy: from eBPF-related limitations to post exploitation detections...
PowerHuntShares PowerHuntShares is designed to automatically inventory, analyze, and report excessive privilege assigned to SMB shares on Active Directory domain joined computers. It is intended to help IAM and other...
StackRox Kubernetes Security Platform The StackRox Kubernetes Security Platform performs a risk analysis of the container environment, delivers visibility and runtime alerts, and provides recommendations to proactively improve security by...
DC Sonar Analyzing AD domains for security risks related to user accounts Architecture For the visual descriptions, open the diagram files using the diagrams.net tool. The app consists of: The dc-sonar-frontend is the fronted part of...
BlueHound BlueHound is an open-source tool that helps blue teams pinpoint the security issues that actually matter. By combining information about user permissions, network access, and unpatched vulnerabilities, BlueHound reveals...
Support Securityonline.info site. Thanks!
