CrowdSec – An Open-Source Massively Multiplayer Firewall Able To Analyze Visitor Behavior And Provide An Adapted Response To All Kinds Of Attacks

CrowdSec is a free, modern & collaborative behavior detection engine, coupled with a global IP reputation network. It stacks on fail2ban’s philosophy but is IPv6 compatible and 60x faster (Go vs Python), and uses Grok patterns to parse logs and YAML scenarios to identify behaviors. CrowdSec is engineered for modern Cloud / Containers / VM based

PackageDNA – Tool To Analyze Software Packages Of Different Programming Languages That Are Being Or Will Be Used In Their Codes

This tool gives developers, researchers and companies the ability to analyze software packages of different programming languages that are being or will be used in their code, providing information that lets them know in advance whether a library complies with secure development processes, whether it is currently supported, possible backdoors (malicious embedded code), typosquatting analysis,

Caronte – A Tool To Analyze The Network Flow During Attack/Defence Capture The Flag Competitions

Caronte is a tool to analyze the network flow during capture the flag events of type attack/defence. It reassembles TCP packets captured in pcap files to rebuild TCP connections, and analyzes each connection to find user-defined patterns. The patterns can be defined as regex or using protocol specific rules. The connection flows are saved into

IPED – Digital Forensic Tool – Process And Analyze Digital Evidence, Often Seized At Crime Scenes By Law Enforcement Or In A Corporate Investigation By Private Examiners

IPED is an open source software that can be used to process and analyze digital evidence, often seized at crime scenes by law enforcement or in a corporate investigation by private examiners. Introduction: IPED – Digital Evidence Processor and Indexer (translated from Portuguese) is a tool implemented in Java and originally and still developed by

DockerENT – The Only Open-Source Tool To Analyze Vulnerabilities And Configuration Issues With Running Docker Container(s) And Docker Networks

DockerENT is activE ruNtime application security scanning Tool (RAST tool) and framework which is pluggable and written in Python. It comes with a CLI application and a clean Web Interface written with StreamLit. DockerENT has been designed keeping in mind that during deployments there are weak configurations which may get sticky in production deployments as well and can

Intel Owl – Analyze Files, Domains, IPs In Multiple Ways From A Single API At Scale

Do you want to get threat intelligence data about a file, an IP or a domain? Do you want to get this kind of data from multiple sources at the same time using a single API request? You are in the right place! This application is built to scale out and to speed up the retrieval of threat

Eavesarp – Analyze ARP Requests To Identify Intercommunicating Hosts And Stale Network Address Configurations (SNACs)

A reconnaissance tool that analyzes ARP requests to identify hosts that are likely communicating with one another, which is useful in those dreaded situations where LLMNR/NBNS aren’t in use for name resolution. Requirements/Installation: This is only gon’ work on Kali or other Debian-based Linux distributions. eavesarp requires Python 3.7 and Scapy. After installing Python, run the following to install

HoneyBot – Capture, Upload And Analyze Network Traffic

HoneyBot is a set of scripts and libraries for capturing and analyzing packet captures with PacketTotal.com. Currently this library provides three scripts: capture-and-analyze.py – Capture on an interface for some period of time, and upload capture for analysis. upload-and-analyze.py – Upload and analyze multiple packet captures to PacketTotal.com. trigger-and-analyze.py – Listen for unknown connections, and
