Flare is a network analytic framework designed for data scientists, security researchers, and network professionals. Written in Python, it is designed for rapid prototyping and development of behavioral analytics and...
FIR (Fast Incident Response) is a cybersecurity incident management platform designed with agility and speed in mind. It allows for easy creation, tracking, and reporting of cybersecurity incidents. FIR is...
Snoopdigg Snoopdigg is a simple tool to automate some basic steps to acquire some evidence of compromise from Windows computers. Snoopdigg is normally intended for trainers, researchers, and incident responders...
chainbreaker The chainbreaker can extract user credential in a Keychain file with Master Key or user password in forensically sound manner. Master Key candidates can be extracted from volafox or volatility keychaindump module. Supported...
Glastopf Glastopf is a Python web application honeypot founded by Lukas Rist. General approach: Vulnerability type emulation instead of vulnerability emulation. Once a vulnerability type is emulated, Glastopf can handle unknown attacks...
djangoctf v1.1 A platform for jeopardy CTF (capture-the-flag) competitions written in Django. CTF cybersecurity competitions have become an increasingly popular form of challenges for aspiring cybersecurity students. After the success...
honssh HonSSH is designed to be used in conjunction with a high interaction honeypot. HonSSH sits between the attacker and the honeypot and creates two separate SSH connections. Features Captures...
Rootkit Hunter (commonly abbreviated as RKH) is a security monitoring and analyzing tool for POSIX compliant systems, to help you detect known rootkits, malware, and signal general bad security practices. Rootkits...
APT Simulator APT Simulator is a Windows Batch script that uses a set of tools and output files to make a system look as if it was compromised Use Cases...
ARTLAS Apache Real Time Logs Analyzer System Real-time Apache log analyzer, based on top 10 OWASP vulnerabilities, identifies attempts of exploration in your web application, and notify you or your...
tcpTrigger tcpTrigger is a Windows service intended to notify you of incoming network connections. You specify a TCP port to monitor and an action to take. Actions taken include: sending...
Pcap Capture File Analysis Tool Features 1-Top 10 Visited Sites 2-Emails 3-All Request Urls 4-User-Agents List 5-String Grep Mode 6-Connection details 7-Ports Used 8-ALL Ip List 9-Manuel Packet Filter 10-Smtp...
RecuperaBit A software which attempts to reconstruct file system structures and recover files. Currently, it supports only NTFS. RecuperaBit attempts the reconstruction of the directory structure regardless of: missing partition...
inVtero.net: A high speed (Gbps) Forensics, Memory integrity & assurance. Includes offensive & defensive memory capabilities. Find/Extract processes, hypervisors (including nested) in memory dumps using microarchitecture independent Virtual Machine Introspection...
Turbinia is an open-source framework for deploying, managing and running forensic workloads on cloud platforms. It is intended to automate running of common forensic processing tools (i.e. Plaso, TSK, strings,...
Support Securityonline.info site. Thanks!
