What is PurpleLab? This solution will allow you to easily deploy an entire lab to create/test your detection rules, simulate logs, play tests, download and run malware and mitre attack techniques, restore the sandbox,...
LDAP Watchdog LDAP Watchdog is a tool designed to monitor and record changes in an LDAP directory in real time. It provides a mechanism to track and visualize modifications, additions, and removals to user...
Forensic Tools forensictools is a toolkit designed for digital forensics, offering a wide array of tools. Its primary goal is to simplify the creation of a virtual environment for conducting forensic examinations. In addition to...
C2 Tracker Free to use IOC feed for various tools/malware. It started for just C2 tools but has morphed into tracking infostealers and botnets as well. It uses Shodan searches to collect the IPs....
VolWeb VolWeb is a digital forensic memory analysis platform that leverages the power of the Volatility 3 framework. It is dedicated to aiding in investigations and incident responses. Objective The goal of VolWeb is...
DroneXtract DroneXtract is a comprehensive digital forensics suite for DJI drones made with Golang. It can be used to analyze drone sensor values and telemetry data, visualize drone flight maps, audit for criminal activity,...
AttackGen AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE ATT&CK framework. The tool generates tailored incident response scenarios based on user-selected threat...
AuthLogParser AuthLogParser is a powerful Digital Forensics and Incident Response tool designed specifically for analyzing Linux authentication logs, commonly known as auth.log. This tool serves as an invaluable asset for Incident Responders, streamlining the...
ChopChopGo ChopChopGo inspired by Chainsaw utilizes Sigma rules for forensics artifact recovery, enabling rapid and comprehensive analysis of logs and other artifacts to identify potential security incidents and threats on Linux. Features 🎯 Hunt...
MDE Kit MDE Kit’s objective is to help automate and empower your investigation, detection, prevention, and response capabilities leveraging the MDE API. MDE Kit leverages many of the available Microsoft Defender for Endpoint (MDE)...
ForensicMiner ForensicMiner, a PowerShell-based DFIR automation tool, revolutionizes the field of digital investigations. Designed for efficiency, it automates artifact and evidence collection from Windows machines. Compatibility with Flacon Crowdstrike RTR and Palo Alto Cortex...
JA4+ Network Fingerprinting JA4+ is a suite of network fingerprinting methods that are easy to use and easy to share. These methods are both human and machine-readable to facilitate more effective threat-hunting and analysis....
Linpmem — a physical memory acquisition tool for Linux Linpmem is a Linux x64-only tool for reading physical memory. Like its Windows counterpart, Winpmem, this is not a traditional memory dumper. Linpmem offers an API...
Forensics / Sniffing & Spoofing
by do son · Published December 2, 2023 · Last modified April 20, 2024
sniffnet Sniffnet is a network monitoring tool to help you easily keep track of your Internet traffic. Sniffnet is a technical tool, but at the same time it strongly focuses on the overall user experience: most of...
WhisperPot WhisperPot is an ongoing project aimed at creating a comprehensive VoIP honeypot system. It is designed to log attack attempts and identify potential threats and vulnerabilities in VoIP systems. WhisperPot simulates a realistic...
Secure Your Connection
