We have collection of more than 1 Million open source products ranging from Enterprise product to small libraries in all platforms. We aggregate information from all open source repositories. Search and find the best for your needs. Check out projects section.



Displaying 1 to 12 from 12 results

Infosec_Reference - An Information Security Reference That Doesn't Suck

  •    Python

An Information Security Reference That Doesn't Suck

LOLBAS - Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

  •    XSLT

There are currently three different lists. The goal of these lists are to document every binary, script and library that can be used for Living Off The Land techniques.

LogonTracer - Investigate malicious Windows logon by visualizing and analyzing Windows event log

  •    Python

LogonTracer is a tool to investigate malicious logon by visualizing and analyzing Windows Active Directory event logs. This tool associates a host name (or an IP address) and account name found in logon-related events and displays it as a graph. This way, it is possible to see in which account login attempt occurs and which host is used. This tool can visualize the following event id related to Windows logon based on this research. LogonTracer uses PageRank, Hidden Markov model and ChangeFinder to detect malicious hosts and accounts from event log. With LogonTracer, it is also possible to display event logs in a chronological order.

rita - Real Intelligence Threat Analytics

  •    Go

Brought to you by Active Countermeasures. RITA is an open source framework for network traffic analysis.




GTFOBins

  •    HTML

GTFOBins is a curated list of Unix binaries that can be exploited by an attacker to bypass local security restrictions. Browse the project here.

PlumHound - Bloodhound for Blue and Purple Teams

  •    Python

Released as Proof of Concept for Blue and Purple teams to more effectively use BloodHoundAD in continual security life-cycles by utilizing the BloodHoundAD pathfinding engine to identify Active Directory security vulnerabilities resulting from business operations, procedures, policies and legacy service operations. PlumHound operates by wrapping BloodHoundAD's powerhouse graphical Neo4J backend cypher queries into operations-consumable reports. Analyzing the output of PlumHound can steer security teams in identifying and hardening common Active Directory configuration vulnerabilities and oversights.

gray_hat_csharp_code - This repository contains full code examples from the book Gray Hat C#

  •    CSharp

This repository contains fully-fleshed out code examples from the book Gray Hat C#. In this book, a wide variety of security oriented tools and libraries will be written using the C# programming language, allowing for cross-platform automation of the most crucial aspects of a security engineer's roles in a modern organization. Many of the topics will also be highly useful for hobbyists and security enthusiasts who are looking to gain more experience with common security concepts and tools with real world examples for both offensive and defensive purposes. We cover a broad slice of concepts a modern security engineer must be familiar with, starting with a brief introduction to the C# language. After the introduction, we focus on fuzzing web application vulnerabilities and writing exploits for them. This is followed by C# payloads for pentesters to use for remote command execution and persistence. Then, we move onto security tool automation using true APIs, not just calling programs from the system shell. Finally, we focus on reverse engineering and forensics in the final chapters.

MalwarePersistenceScripts - A collection of scripts I've written to help red and blue teams with malware persistence techniques

  •    PowerShell

A collection of scripts I've written to help red and blue teams with malware persistence techniques. I take no responsibility for how they're used. These are techniques that I regularly use to ensure that my agents can survive reboots. Majority of my persistence scripts are written in PowerShell since it's an excuse for me to learn it. May these scripts help you evade many a blue team.


MalwLess - Test Blue Team detections without running any attack.

  •    CSharp

MalwLess is an open source tool that allows you to simulate system compromise or attack behaviours without running processes or PoCs. The tool is designed to test Blue Team detections and SIEM correlation rules. It provides a framework based on rules that anyone can write, so when a new technique or attack comes out you can write your own rules and share it a with the community. These rules can simulate Sysmon or PowerShell events. MalwLess can parse the rules and write them directly to the Windows EventLog, then you can foward it to your event collector.

macOS-ATTACK-DATASET - JSON DataSet for macOS mapped to MITRE ATT&CK Tactics.

  •    

JSON DATASET for macOS mapped to MITRE ATT&CK Techniques and Tactics recorded using Elastic Endpoint Security for macOS. N.B. for community contributions any forms of logs collection and formats are acceptable (preference for JSON).

kathe - A GUI/REST interface to find similarities in large sets (think: binaries). Based on ssdeep.

  •    Javascript

If you click the HTTP 200 code, it will open a new tab for you to the successful response that generated the graph. I found this sometimes comes in handy. For what kathe is, how it works and why I bothered building it, I kindly refer you to My slides for Bsides Cymru 2019.

Deploy-Deception - A PowerShell module to deploy active directory decoy objects.

  •    PowerShell

Import the module in the current PowerShell session. Use the script with dot sourcing.

Social Icons

Subscribe to our mailing list





Most Viewed Product

JForum
Asgbookphp - PHP Guestbook Script
Phorum - PHP based forum software
Usebb - UseBB forum software in PHP 4 and 5.3.
Crawltrack - Tracks the visits of Crawler
MyBB - professional,efficient discussion board
Storytlr - Lifestreaming and Microblogging platform written in PHP
Microlinkr - Tiny url generator
Webalizer - fast web server log file analysis
Simple Machines Forum - Elegant, Effective and Powerful

Recently Viewed Product

Coppermine - Photo Gallery in PHP
Awstats - Advanced web, streaming, ftp and mail server statistics
Buffalo - Rapid Web Development for Go
Plush - The powerful template system that Go needs
TypeDB - A strongly-typed database
Editor.md - The open source embeddable online markdown editor (component).
Tina - Site editing toolkit for modern React-based sites (Gatsby and Next.js)
react-markdown - Markdown component for React
Mantine - A fully featured React components library includes more than 120 customizable components and hooks
Prisma - Next-generation ORM for Node.js and TypeScript

We have large collection of open source products. Follow the tags from Tag Cloud >>


Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.






2018 © findbestopensource.com. Made in India. All trademarks and copyrights are held by respective owners. Advertise  |  About us  |  Privacy Policy  |  Terms of Use  |