Search Results for "attacker"
Sort By:
Showing 59 open source projects for "attacker"
View related business solutions-
Earn up to 16% annual interest with Nexo.Put idle assets to work with competitive interest rates, borrow without selling, and trade with precision. All in one platform. Geographic restrictions, eligibility, and terms apply.
-
AI-powered service management for IT and enterprise teamsGive your IT, operations, and business teams the ability to deliver exceptional services—without the complexity. Maximize operational efficiency with refreshingly simple, AI-powered Freshservice.
-
1
Beelzebub
A secure low code honeypot framework
...Honeypots are systems intentionally exposed to attackers in order to capture malicious behavior, and Beelzebub enhances this concept by incorporating artificial intelligence and virtualization techniques. The platform allows organizations and researchers to deploy decoy services that mimic real infrastructure while recording attacker interactions. By using AI models to simulate realistic system behavior, the honeypot becomes harder for attackers to identify, increasing the likelihood that malicious activity can be observed and analyzed. The framework is designed with a low-code configuration approach so security teams can easily deploy honeypots for multiple services and ports. -
2
GTFOBins
GTFOBins is a curated list of Unix binaries
GTFOBins is a curated catalog of Unix / POSIX system binaries and how they can be misused to bypass restrictions, escalate privileges, exfiltrate data, spawn shells, or otherwise act as “living off the land” tools in a compromised environment. It collects documented techniques for how everyday binaries (e.g. awk, bash, tar, scp) can be abused under constrained conditions. Indexed list of Unix binaries and documented misuse techniques. Examples of command invocations to exploit... -
3
Algo VPN
Set of Ansible scripts that simplifies the setup of a personal VPN
...For anyone who is privacy conscious, travels for work frequently, or can’t afford a dedicated IT department, this one’s for you. Really, the paid-for services are just commercial honeypots. If an attacker can compromise a VPN provider, they can monitor a whole lot of sensitive data. Paid-for VPNs tend to be insecure: they share keys, their weak cryptography gives a false sense of security, and they require you to trust their operators. Even if you’re not doing anything wrong, you could be sharing the same endpoint with someone who is. ... -
4
Joern
Open-source code analysis platform for C/C++/Java/Binary/Javascript
Joern is a platform for analyzing source code, bytecode, and binary executables. It generates code property graphs (CPGs), a graph representation of code for cross-language code analysis. Code property graphs are stored in a custom graph database. This allows code to be mined using search queries formulated in a Scala-based domain-specific query language. Joern is developed with the goal of providing a useful tool for vulnerability discovery and research in static program analysis. -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
5
Shannon
Fully autonomous AI hacker to find actual exploits in your web apps
...Instead of requiring you to manually reproduce findings, Shannon is designed to produce actionable evidence that a weakness can be weaponized, which helps teams prioritize what truly matters. It positions itself as a pre-attacker safety net, aiming to break your web app before someone else does and thereby reduce the gap between “potentially vulnerable” and “confirmed exploitable.” -
6
Kubernetes Goat
Kubernetes Goat is a "Vulnerable by Design" cluster environment
...Understand how attackers think, work, and exploit security issues, and apply these learnings to detect and defend them. Also, learn best practices, defenses, and tools to mitigate, and detect in the real world. Learn the hacks, defenses, and tools. So that you can think like an attacker, and secure your Kubernetes, cloud, and container workloads right from the design, code, and architecture itself to prevent them. Use Kubernetes Goat to showcase the effectiveness of the tools, product, and solution. Also, educate the customers and share your product or tool knowledge in an interactive hands-on way. -
7
PowerUpSQL
A PowerShell toolkit for attacking SQL Server
PowerUpSQL is a PowerShell toolkit focused on auditing, discovering, and post-exploitation activities for Microsoft SQL Server environments. It bundles a wide range of functions that help enumerate SQL Server instances, configuration settings, and potentially risky features so operators and testers can quickly understand an instance's security posture. The project is aimed at internal penetration testers and red-teamers but is also useful for database administrators and defenders who want to... -
8
Maltrail
Malicious traffic detection system
Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user-defined lists, where trail can be anything from domain name, URL, IP address (e.g. 185.130.5.231 for the known attacker) or HTTP User-Agent header value (e.g. sqlmap for automatic SQL injection and database takeover tool). Also, it uses (optional) advanced heuristic mechanisms that can help in the discovery of unknown threats (e.g. new malware). Sensor(s) is a standalone component running on the monitoring node (e.g. Linux platform connected passively to the SPAN/mirroring port or transparently inline on a Linux bridge) or at the standalone machine (e.g. ... -
9
endlessh-go
A golang implementation of endlessh exporting Prometheus metrics
Endlessh is a great idea that not only blocks the brute force SSH attacks, but also wastes attackers time as a kind of counter-attack. Besides trapping the attackers, I also want to visualize the Geolocations and other statistics of the sources of attacks. Unfortunately the wonderful original C implementation of endlessh only provides text based log, but I do not like the solution that writes extra scripts to parse the log outputs, then exports the results to a dashboard, because it would... -
$300 in Free Credit Towards Top Cloud ServicesStart your project in minutes. After credits run out, 20+ products include free monthly usage. Only pay when you're ready to scale.
-
10
react-native-keychain
Keychain Access for React Native
...The encrypted data is then stored in SharedPreferences. Since Conceal itself stores its encryption key in SharedPreferences, it follows that if the device is rooted (or if an attacker can somehow access the filesystem), the key can be obtained and the stored data can be decrypted. Therefore, on such a device, the concealed encryption is only an obscurity. On API level 23+ the key is stored in the Android Keystore, which makes the key non-exportable and therefore makes the entire process more secure. Follow best practices and do not store user credentials on a device. ... -
11
Latte
The safest & truly intuitive templates for PHP
The first truly secure and intuitive templates for PHP. The most common critical vulnerability in websites is Cross-Site Scripting (XSS). It allows an attacker to insert a malicious script into a page that executes in the browser of an unsuspecting user. It can modify the page, obtain sensitive information or even steal the user's identity. Templating systems fail to defend against XSS. Latte is the only system with an effective defense, thanks to context-sensitive escaping. Latte is based on PHP, whereas Twig is based on Python. ... -
12
Domain Password Spray
A tool written in PowerShell to perform password assessments
DomainPasswordSpray is a focused security tool designed to perform enterprise-scale password spraying assessments against Active Directory environments. It automates the process of attempting common or customized passwords against many accounts while respecting timing and throttling controls to reduce obvious lockout noise. The project includes features for credential list management, target selection (users, service accounts, or collections), and configurable rate limits so testers can tune... -
13
Pacu
The AWS exploitation framework, designed for testing security
Pacu (named after a type of Piranha in the Amazon) is a comprehensive AWS security-testing toolkit designed for offensive security practitioners. While several AWS security scanners currently serve as the proverbial “Nessus” of the cloud, Pacu is designed to be the Metasploit equivalent. Written in Python 3 with a modular architecture, Pacu has tools for every step of the pen testing process, covering the full cyber kill chain. Pacu is the aggregation of all of the exploitation experience... -
14
Parsedown
Better markdown parser in PHP
...In both cases you should strongly consider employing defence-in-depth measures, like deploying a Content-Security-Policy (a browser security feature) so that your page is likely to be safe even if an attacker finds a vulnerability in one of the first lines of defence. Safe mode does not necessarily yield safe results when using extensions to Parsedown. Extensions should be evaluated on their own to determine their specific safety against XSS. -
15
sqlmap
Automatic SQL injection and database takeover tool
sqlmap is a powerful, feature-filled, open source penetration testing tool. It makes detecting and exploiting SQL injection flaws and taking over the database servers an automated process. sqlmap comes with a great range of features that along with its powerful detection engine make it the ultimate penetration tester. It offers full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, and many other database management systems. It also... -
16
VeraCrypt
Open source disk encryption with strong security for the Paranoid
...This enhanced security adds some delay ONLY to the opening of encrypted partitions without any performance impact to the application use phase. This is acceptable to the legitimate owner but it makes it much harder for an attacker to gain access to the encrypted data. All released files are PGP signed with key ID=0x680D16DE, available on key servers and downloadable at https://www.idrix.fr/VeraCrypt/VeraCrypt_PGP_public_key.asc VeraCrypt can mount TrueCrypt volumes. It also can convert them to VeraCrypt format. Documentation: https://www.veracrypt.fr/en/Documentation.html FAQ : https://www.veracrypt.fr/en/FAQ.html -
17
hookprobe
Free AI that blocks hackers while you sleep. Runs on cheap hardware
...The stack includes NAPSE (AI packet inspection), HYDRA (threat intelligence pipeline), SENTINEL (ML classification engine), and AEGIS (autonomous defense orchestrator). In production, a single Raspberry Pi 5 processes 11M+ security events, classifies 177K ML verdicts, and tracks 11,800+ attacker IPs — all autonomously. Key features: - 5-minute install on Raspberry Pi 5 or any Linux device - eBPF/XDP wire-speed packet filtering and DDoS mitigation - ML-based threat classification (benign/suspicious/malicious - Real-time QSecBit security posture scoring - Web dashboard with live threat visualization - Post-quantum cryptography (Kyber KEM) - Collective mesh defense across nodes -
18
...It takes a string and brute-forces a prefix for it so that the hash of the string with the prefix has a certain number of leading zeroes. But that alone would've been too easy to hack. To prevent an attacker from forging the keys by generating a new prefix: the hash latch doesn't output the keys in the plaintext. Instead, it encrypts the key and outputs the ciphertext. That means that instead of giving you the actual key, it gives you a safe containing the key. This approach allows the hash latch to protect itself from forged keys and also enables you to put the same key into multiple safes without the recipients of these safes knowing they have the same key (even if they compare their ciphertexts). ...
-
19
Slipstream
NAT Slipstreaming allows an attacker to remotely access any TCP/UDP
...The attack is able to bypass browser port restrictions by fragmenting or massaging packets so that the “exploit payload” lands in a packet boundary that gets parsed by the NAT/ALG as a legitimate protocol packet (e.g. SIP or H.323). Once successful, the NAT/firewall is deceived into opening a “hole” (port forwarding) back to the internal host, enabling the attacker to connect directly to internal services. -
20
Casper-fs
Casper-fs is a Custom LKM generator to protect and hide files.
Casper-fs is a Custom Hidden Linux Kernel Module generator. Each module works in the file system to protect and hide secret files.The motivation: An attacker can read every file in your machine in a bad situation. But if you have a Casper-fs custom module, the attacker will not find the hidden kernel module that has functions to turn any file invisible and protect to block read/remove/edit actions. My beginning purpose at this project is to protect my server, which is to protect my friends' machines. ... -
21
HiddenWall
hidden firewall, custom firewall in kernel
HiddenWall is a Linux kernel module generator for custom rules with netfilter. (block ports, Hidden mode, rootkit functions etc). The motivation: on bad situation, attacker can put your iptables/ufw to fall... but if you have HiddenWall, the attacker will not find the hidden kernel module that block external access, because have a hook to netfilter on kernel land(think like a second layer for firewall). My beginning purpose at this project is protect my personal server, now is protect the machines of my friends. ... -
22
VaultSync
Sync directories and files in a secure folder on an external drive
VaultSync keeps synchronised data backups from one or more computers in an encrypted vault that is locked with a password. It is optimised to operate on a flash or external drive with minimal installation but it can also work on a hosted storage system like Dropbox, One Drive or Google Drive. It is really important that a backup is simple and fast to make. There is no point in having to decide what files are important or what has changed at the time of the backup, or having to manually... -
23
CVE-2021-31166
Remote HTTP.sys use-after-free triggered remotely
...UlpParseContentCoding where the function has a local LIST_ENTRY and appends an item to it. When it's done, it moves it into the Request structure; but it doesn't NULL out the local list. The issue with that is that an attacker can trigger a code-path that frees every entry of the local list leaving them dangling in the Request object. -
24
MaskPhish
Introducing "URL Making Technology" to the world
...It can be integrated into Phishing tools (with proper credits) to look the URL legit. Hiding phishing links in normal-looking trust-able links is a bigger part of social engineering. By using this method the attacker owns the trust of the victim, and the victim treats the phishing link as a normal link because the top-level domain (like Google, YouTube, New York Times, etc) is considered clean. -
25
PiracyChecker
An Android library that prevents your app from being pirated
...This library applies some techniques to help protect your app's users and attempt to thwart reverse engineers and attackers. BUT, this isn't guaranteed to stop your app from getting pirated. There is no such thing as 100% security, and a determined and skilled attacker with enough time, could remove these checks from the code. The real objective here is to raise the bar out of reach of opportunist and automatic attackers. Google Play offers a licensing service that lets you enforce licensing policies for applications that you publish on Google Play. With Google Play Licensing, your application can query Google Play to obtain the licensing status for the current user. ...
