AD Privileged Audit Provides various Windows Server Active Directory (AD) security-focused reports. Designed to be fast and efficient, typically provides “immediate” (no post-processing required) results within a minute. Available for anyone to run for...
melting-cobalt A tool to hunt/mine for Cobalt Strike beacons and “reduce” their beacon configuration for later indexing. Hunts can either be expansive and internet-wide using services like SecurityTrails, Shodan, or ZoomEye or a list...
Rspamd Rspamd is an advanced spam filtering system and email processing framework that allows the evaluation of messages by a number of rules including regular expressions, statistical analysis, and custom services such as URL...
ThePhish ThePhish is an automated phishing email analysis tool based on TheHive, Cortex, and MISP. It is a web application written in Python 3 and based on Flask that automates the entire analysis process starting from the extraction...
http-desync-guardian Analyze HTTP requests to minimize risks of HTTP Desync attacks (precursor for HTTP request smuggling/splitting). Overview HTTP/1.1 went through a long evolution since 1991 to 2014: HTTP/0.9 – 1991 HTTP/1.0 – 1996 HTTP/1.1 RFC 2068 – 1997...
Dependency Combobulator Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage and potential attacks. This facilitates a holistic approach for ensuring secure application releases that can be...
DetectionLabELK DetectionLabELK is the perfect lab to use if you would like to build effective detection capabilities. It has been designed with defenders in mind. Its primary purpose is to allow blueteams to quickly...
FiddleZAP FiddleZAP is a simplified version of EKFiddle for OWASP ZAP. With ZAP as your web proxy, you are able to flag malicious traffic based on predefined regular expressions. Example: Alert, highlighting, and tagging when a...
rpcfirewall: Open Source Ransomware Kill Switch Tool Why should I care? RPC is the underlying mechanism which is used for numerous lateral movement techniques, reconnaissance, relay attacks, or simply to exploit vulnerable RPC services. DCSync attack? over RPC. Remote DCOM?...
Spam Scanner Spam Scanner is a drop-in replacement and the best alternative to SpamAssassin, rspamd, SpamTitan, and more. Foreword Spam Scanner is a tool and service built by @niftylettuce after hitting countless roadblocks with existing spam-detection...
Atomic Threat Coverage Actionable analytics designed to combat threats based on MITRE’s ATT&CK. Atomic Threat Coverage is a tool which allows you to automatically generate actionable analytics, designed to combat threats (based on the MITRE...
Deepfence ThreatMapper Deepfence ThreatMapper helps you to monitor and secure your running applications, in Cloud, Kubernetes, Docker, and Fargate Serverless. Your ‘Shift Left’ initiatives enable you to deliver secure applications; ThreatMapper picks up where...
detect-secrets detect-secrets is an aptly named module for (surprise, surprise) detecting secrets within a code base. However, unlike other similar packages that solely focus on finding secrets, this package is designed with the enterprise client...
SyntheticSun SyntheticSun is defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and, serverless technologies to continuously prevent, detect and respond to threats. Synopsis Uses event- and...
CloudSpec CloudSpec is an open-source tool for validating your resources in your cloud providers using a logical language that everybody can understand. With its reasonably simple syntax, you can validate the configuration of your...
Secure Your Connection
