Description:
Thorium is a scalable, distributed malware analysis framework designed to facilitate cyber incident response, file analysis, and data generation with sandboxed environments, automation, and secure data handling.
Security
Eviction Strategies Tool – Playbook-NG
Description:
CISA has developed and maintains the publicly accessible Eviction Strategies Tool to support cyber defenders during the containment and eviction phases of incident response (IR). The tool comprises:
- Playbook-NG, a web application for next-generation operations; and
- COUN7ER, a database of atomic post-compromise countermeasures mapped to adversary tactics, techniques, and procedures (TTPs).
Together, Playbook-NG and COUN7ER can assemble a systematic eviction plan that leverages distinct countermeasures to contain and evict a unique intrusion
GitPhish
Description:
GitPhish is a security research tool that assesses GitHub device code authentication flows through various modules, including an auth server and deployment engine, for security testing and analysis.
pqcscan – Post-Quantum Cryptography Scanner
Description:
A Rust-based utility to scan SSH and TLS servers for Post-Quantum Cryptography support. It generates JSON results and helps identify assets lacking PQC support, aiding in migration efforts aligned with global deadlines for PQC adoption.
AdaptixC2
Description:
AdaptixC2 is an extensible post-exploitation and adversarial emulation framework designed for penetration testers. It features a server/client architecture, cross-platform GUI, encrypted communication, plugin support, task management, and multi-platform agents, making it a versatile tool for cybersecurity assessments.
VaulTLS
Description:
VaulTLS is a self-hosted web app for managing mutual TLS certificates centrally, featuring a modern web interface, OpenID Connect support, email notifications, RESTful API, and Docker support. Built with Rust and Vue.js, it simplifies certificate management for home labs and small environments.
mitmproxy
Description:
mitmproxy is an interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
fiddleitm
Description:
A mitmproxy addon designed to identify malicious web traffic, supporting rule management, real-time alerts, event logging, and traffic filtering.
OWASP Nettacker
Description:
OWASP Nettacker is an open source automation tool in Python for information gathering, vulnerability scanning, and penetration testing. It discovers open ports, services, bugs, vulnerabilities, misconfigurations, default credentials, subdomains, and more, with multiple modes including command-line, API, Web GUI, and Docker.
WaybackLister
Description:
WaybackLister is a reconnaissance tool that utilizes the Wayback Machine to find and verify historical URLs and directory listings for security assessments and bug bounty recon, supporting multithreaded scanning and subdomain discovery.