Description:
Lightweight fuzzing of a memory snapshot using KVM
Security
The Hive
Description:
TheHive is a scalable 3-in-1 open source and free Security Incident Response Platform designed to make life easier for SOCs, CSIRTs, CERTs and any information security practitioner dealing with security incidents that need to be investigated and acted upon swiftly. It is the perfect companion to MISP. You can synchronize it with one or multiple MISP instances to start investigations out of MISP events. You can also export an investigation’s results as a MISP event to help your peers detect and react to attacks you’ve dealt with. Additionally, when TheHive is used in conjunction with Cortex, security analysts and researchers can easily analyze tens if not hundred of observables.
Gophish
Description:
Gophish is a powerful, open-source phishing framework that makes it easy to test your organization’s exposure to phishing.
Velociraptor
Description:
Velociraptor is an advanced digital forensic and incident response tool that enhances your visibility into your endpoints.
OpenCanary
Description:
OpenCanary creates a network honeypot allowing you to catch hackers before they fully compromise your systems. As a technical definition, OpenCanary is a daemon that runs several canary versions of services that alerts when a service is (ab)used.
Proton Pass
Description:
Proton Pass keeps your passwords and identity secure with rigorous end-to-end encryption.
NAXSI
Description:
NAXSI means Nginx Anti XSS & SQL Injection. Technically, it is a third party nginx module, available as a package for many UNIX-like platforms. This module, by default, reads a small subset of simple (and readable) rules containing 99% of known patterns involved in website vulnerabilities.
Arkime
Description:
Arkime (formerly Moloch) is an open source, large scale, full packet capturing, indexing, and database system.
CyberChef
Description:
The Cyber Swiss Army Knife CyberChef is a simple, intuitive web app for carrying out all manner of “cyber” operations within a web browser. These operations include simple encoding like XOR and Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression and decompression of data, calculating hashes and checksums, IPv6 and X.509 parsing, changing character encodings, and much more. The tool is designed to enable both technical and non-technical analysts to manipulate data in complex ways without having to deal with complex tools or algorithms. It was conceived, designed, built and incrementally improved by an analyst in their 10% innovation time over several years.