psad v2.4.5 – Intrusion Detection and Log Analysis with iptables.
Changelog psad (The Port Scan Attack Detector) v2.4.5: – Added proper port sweep detection based on a single port being probed across a configurable number of destination hosts. The number of...
Scutum is an ARP firewall that prevents your computer from being arp spoofed.
Scutum is an ARP firewall that prevents your computer from being arp spoofed. Scutum controls “arptables” in your computer so it accepts ARP packets only from the gateway. This way, when people with...
python-haystack – a memory forensic & Process heap analysis framework.
python-haystack is a heap analysis framework focused on searching and reversing C structures in allocated memory. The first function/API is the SEARCH function. It gives the ability to search for...
NeoSentry is an open-source, Linux-based network monitoring solution,...
NeoSentry NMS is an open-source, Linux-based network monitoring solution, built with security in mind. Real-time monitoring for all types of devices via Ping, SNMP, SSH, and...
Pentest-Detections ~ WannaCry and Petya Fast Detection Tool.
Pentest-Detections is a repository for penetration testing tools and a vulnerability scanner for MS17-010. Features: + IPv4, IPv6 compatible. + IPv6 auto discover mode + Input range, file-list support +...
maltran – a malware traffic analysis tool.
maltran is a tool developed with the purpose of furthering and organizing access to Malware-Traffic-Analysis (http://malware-traffic-analysis.net/) exercises. Maltran makes it easy to list and...
Zeus – AWS Auditing & Hardening Tool.
Zeus is a powerful tool for AWS EC2 / S3 best hardening practices. It checks security settings according to the profiles the user creates and changes them to recommended settings based on the CIS AWS...
shellbug – Basic command line, text-based, shellcode debugging.
shellbug is a basic command-line, text-based shellcode debugger using Capstone/Unicorn. Wanted to put together a small tool for stepping forward and backwards through basic shellcode interactively....
SSMA – Simple Static Malware Analyzer.
SSMA is a simple malware analyzer written in Python 3. Latest Change 3/7/2017: + add new args + requirements.txt: ELF support init + ssma.py : check .tls SSMA – Simple Static Malware Analyzer Features:...
bofhwall – Bastard Operator From Hell Firewall.
(BOFHWALL) Bastard Operator From Hell Firewall can send messages to online port scanners, like: Shodan scanners, raw port scanners, port analyzers. You can redirect some ports or all ports to the BOFH...
smap – shellcode mapper.
Note: For educational purposes only. smap is a Python 2 script for shellcode analysis. Requirements: + All Linux Platform support + objdump + Python 2.7.x get sampling shellcodes: +...
AIEngine v1.8.0 – Artificial Inteligent Engine.
Changelog aiengine v1.8.0 15/7/2017: + Support for extract TXT records from DNS, fix minor issue in OpenFlow and clean code. – Support for Point to Point over Ethernet protocol. – Support for multiple...
Toucan is a Wireless Intrusion Detection System.
Toucan is currently a monitor to defend against man-in-the-middle attacks (both IPv4/IPv6 attacks) on a wireless network. For IPv4, when an attacker is discovered sending gratuitous ARPs, Toucan will...
APKiD – Android Applications Identifier for Packer, Protectors, Obfuscator...
APKiD gives you information about how an APK was made. It identifies many compilers, packers, obfuscators, and other weird stuff. It’s PEiD for Android. APKiD can be used for: + Android Compiler...
stoQ – An open source framework for enterprise level automated analysis.
stoQ is a modular and highly customizable framework for the creation of data sets from multiple disparate data sources. stoQ leverages multiple robust technologies in order to allow for a scalable and...
avpass – Tool for leaking and bypassing Android malware detection system.
AVPASS is a tool for leaking the detection model of Android malware detection systems (i.e., antivirus software), and bypassing their detection logics by using the leaked information coupled with APK...
fwgen – A small management framework to simplify the management of...
fwgen is a small management framework to simplify the management of ip(6)tables based firewalls, that also integrates ipset support and zones in a non-restrictive way. It is not an abstraction layer of...
objdump2shellcode – A very simple tool that dumps shellcode from a provided...
objdump2shellcode is a very simple tool that dumps shellcode from a provided binary. This tool is useful when encoding and creating custom shellcode as it includes bad character detection. This is...
TALOS – Computer Network Defender’s Toolkit, specializing in active defense...
TALOS as of this latest update now comes complete with a fully functional scripting language (working title Bluescript). In this script you can design network sensors/automated scans that perform...
SigFW – an Open Source Signaling Firewall for SS7, Diameter filtering,...
SigFW is an Open Source SS7/Diameter firewall for Antisniff, Antispoof & Threat Hunt. Abstract The SS7/Sigtran protocol stack mobile vulnerabilities affect the security of all mobile users...