thorium


thorium

License:


Description:

Thorium is a scalable, distributed malware analysis framework designed to facilitate cyber incident response, file analysis, and data generation with sandboxed environments, automation, and secure data handling.

Eviction Strategies Tool – Playbook-NG


Eviction Strategies Tool

License: MIT


Description:

CISA has developed and maintains the publicly accessible Eviction Strategies Tool to support cyber defenders during the containment and eviction phases of incident response (IR). The tool comprises: 

  • Playbook-NG, a web application for next-generation operations; and
  • COUN7ER, a database of atomic post-compromise countermeasures mapped to adversary tactics, techniques, and procedures (TTPs). 

Together, Playbook-NG and COUN7ER can assemble a systematic eviction plan that leverages distinct countermeasures to contain and evict a unique intrusion

GitPhish

GitPhish

License: Apache-2.0 license


Description:

GitPhish is a security research tool that assesses GitHub device code authentication flows through various modules, including an auth server and deployment engine, for security testing and analysis.

AdaptixC2


AdaptixC2

License: GPL-3.0 license


Description:

AdaptixC2 is an extensible post-exploitation and adversarial emulation framework designed for penetration testers. It features a server/client architecture, cross-platform GUI, encrypted communication, plugin support, task management, and multi-platform agents, making it a versatile tool for cybersecurity assessments.

VaulTLS

VaulTLS

License: GPL-3.0 license


Description:

VaulTLS is a self-hosted web app for managing mutual TLS certificates centrally, featuring a modern web interface, OpenID Connect support, email notifications, RESTful API, and Docker support. Built with Rust and Vue.js, it simplifies certificate management for home labs and small environments.

OWASP Nettacker


OWASP Nettacker

License: Apache-2.0 license


Description:

OWASP Nettacker is an open source automation tool in Python for information gathering, vulnerability scanning, and penetration testing. It discovers open ports, services, bugs, vulnerabilities, misconfigurations, default credentials, subdomains, and more, with multiple modes including command-line, API, Web GUI, and Docker.

WaybackLister

WaybackLister

License: GPL-3.0 license


Description:

WaybackLister is a reconnaissance tool that utilizes the Wayback Machine to find and verify historical URLs and directory listings for security assessments and bug bounty recon, supporting multithreaded scanning and subdomain discovery.