Forensics / Networking / Sniffing & Spoofing
by do son · Published June 8, 2018 · Last modified October 10, 2021
POLYMORPH Polymorph is a framework written in the Python3 programming language that allows the modification of network packets in real-time, providing maximum control to the user over the contents of...
Forensics / Information Gathering / Malware Analysis / Web Information Gathering
by do son · Published June 5, 2018 · Last modified May 1, 2024
Yeti is a platform meant to organize observables, indicators of compromise, TTPs, and knowledge on threats in a single, unified repository. Yeti will also automatically enrich observables (e.g. resolve domains,...
GeoLogonalyzer is a utility to perform location and metadata lookups on source IP addresses of remote access logs. This analysis can identify anomalies based on the speed of required travel,...
Kansa A modular incident response framework in Powershell, useful for data collection and analysis. What does it do? It uses Powershell Remoting to run user-contributed, ahem, user-contributed modules across hosts in...
lsrootkit Rootkit Detector for UNIX (the actual beta only works as expected in Linux) Features The idea is very simple: a lot of rootkits uses a MAGIC GID (a random...
Windows Event Forwarding Guidance Windows Event Forwarding Windows Event Forwarding (WEF) is a powerful log forwarding solution integrated within modern versions of Microsoft Windows. One of the most comprehensive descriptions...
DATA: Credential Phish Analysis and Automation Download git clone https://github.com/hadojae/DATA.git BUCKLEGRIPPER (py) Given a suspected phishing url or file of line separated urls, visit, screenshot, and scrape for interesting files. Requirements...
Pytbull is a python based flexible IDS/IPS testing framework shipped with more than 300 tests, grouped in 9 modules, covering a large scope of attacks (clientSideAttacks, testRules, badTraffic, fragmentedPackets, multipleFailedLogins,...
DCSYNCMonitor Description This tool is an application/service that can be deployed on Domain controllers to alert on Domain Controller Synchronization attempts. When an attempt is detected, the tool will write...
PSHunt PSHunt is a Powershell Threat Hunting Module designed to scan remote endpoints* for indicators of compromise or survey them for more comprehensive information related to the state of those...
Zenected is a cloud-based security threat protection service. It’s delivered through a set of pre-configured services. Once a user connects to the Zenected, that user’s network traffic is filtered to keep the...
Exploitation / Forensics / Information Gathering / Network PenTest / Reverse Engineering / Sniffing & Spoofing / Vulnerability Analysis / Web Information Gathering / Web Vulnerability Analysis / WebApp PenTest / Wireless
by do son · Published April 25, 2018
PloitKit is a Python-based GUI tool designed as one-stop for all other software. I was facing these kinds of problem when I need to switch to the different system, or...
Guymager [ˈgɪmɪdʒər] is a free forensic imager for media acquisition. Its main features are: Easy user interface in different languages Runs under Linux Really fast, due to multi-threaded, pipelined design...
ntdsxtract – Active Directory forensic framework This framework was developed by the author in order to provide the community with a solution to extract forensically important information from the main database...
Red Team Automation (RTA) RTA provides a framework of scripts designed to allow blue teams to test their detection capabilities against malicious tradecraft, modeled after MITRE ATT&CK. RTA is composed of...
Support Securityonline.info site. Thanks!
Urgent Security Update: Guix System Patches Critical Vulnerability
October 22, 2024
