Showing 37 open source projects for "attack detection"

View related business solutions
  • $300 Free Credits for Your Google Cloud Projects Icon
    $300 Free Credits for Your Google Cloud Projects

    Start building on Google Cloud with $300 in free credits. No commitment, no credit card required until you're ready to scale.

    Launch your next project with $300 in free Google Cloud credits—no strings attached. Test, build, and deploy without risk. Use your credits across the entire Google Cloud platform to find what works best for your needs. After your credits are used, continue with always-free tier services. Only pay when you're ready to scale. Sign up in minutes and start exploring.
    Start Free Trial
  • Compliant and Reliable File Transfers Backed by Top Security Certifications Icon
    Compliant and Reliable File Transfers Backed by Top Security Certifications

    Cerberus FTP Server delivers SOC 2 Type II certified security and FIPS 140-2 validated encryption.

    Stop relying on non-certified, legacy file transfer tools that creak under the weight of modern security demands. Get full audit trails, advanced access controls and more supported by an award-winning team of experts. Start your free 25-day trial today.
    Start Free Trial
  • 1
    Splunk Attack Range

    Splunk Attack Range

    A tool that allows you to create vulnerable environments

    The Splunk Attack Range is an open-source project maintained by the Splunk Threat Research Team. It builds instrumented cloud (AWS, Azure) and local environments (Virtualbox), simulates attacks, and forwards the data into a Splunk instance. This environment can then be used to develop and test the effectiveness of detections.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 2
    RedAmon

    RedAmon

    AI-powered framework for automated penetration testing and red teaming

    RedAmon is an AI-powered red team framework designed to automate offensive cybersecurity operations from reconnaissance to exploitation and post-exploitation. It combines artificial intelligence with traditional penetration testing tools to create a fully autonomous pipeline capable of discovering vulnerabilities and executing security assessments without human intervention. It begins with a multi-phase reconnaissance engine that maps the entire attack surface of a target, collecting...
    Downloads: 7 This Week
    Last Update:
    See Project
  • 3
    Web-Check

    Web-Check

    All-in-one OSINT tool for analysing any website

    Comprehensive, on-demand open source intelligence for any website. Get an insight into the inner-workings of a given website: uncover potential attack vectors, analyse server architecture, view security configurations, and learn what technologies a site is using. Currently the dashboard will show: IP info, SSL chain, DNS records, cookies, headers, domain info, search crawl rules, page map, server location, redirect ledger, open ports, traceroute, DNS security extensions, site performance,...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 4
    Arcjet

    Arcjet

    Arcjet JS SDKs. Rate limiting, bot protection, email verification

    Arcjet helps developers protect their apps in just a few lines of code. Implement rate limiting, bot protection, email verification, and defense against common attacks. Native security for Bun, Next.js, Node.js, SvelteKit, Vercel, Netlify, Fly.io, and other modern platforms. Customizable protection for signup forms, login pages, API routes, and your whole app. Test security rules locally. Protection that works in every environment. No agent is required.
    Downloads: 2 This Week
    Last Update:
    See Project
  • Our Free Plans just got better! | Auth0 Icon
    Our Free Plans just got better! | Auth0

    With up to 25k MAUs and unlimited Okta connections, our Free Plan lets you focus on what you do best—building great apps.

    You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
    Try free now
  • 5
    Claw Hunter

    Claw Hunter

    MDM-ready scripts for detecting and monitoring OpenClaw

    Claw Hunter is an open-source security tool designed to detect, analyze, and mitigate risks associated with autonomous AI agents, specifically those built on platforms like OpenClaw. As agentic AI systems gain popularity, they introduce a new class of security challenges because they can execute commands, access files, and interact with external systems with minimal human oversight. Claw-Hunter addresses this emerging threat landscape by providing visibility into these agents, helping...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 6
    tirith

    tirith

    Your browser catches homograph attacks

    Tirith is a terminal security guardrail that inspects what you paste or run in your shell and blocks or warns on suspicious patterns before execution, addressing an area where terminals traditionally provide almost no protection. It targets real-world attack classes like Unicode homograph URLs (lookalike domains), terminal injection tricks (ANSI escape sequences and bidi overrides), and “pipe-to-shell” installation patterns such as curl | bash that attackers frequently abuse. The project...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 7
    Coraza

    Coraza

    OWASP Coraza WAF is a golang modsecurity compatible firewall library

    ...Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. CRS protects from many common attack categories including: SQL Injection (SQLi), Cross Site Scripting (XSS), PHP & Java Code Injection, HTTPoxy, Shellshock, Scripting/Scanner/Bot Detection & Metadata & Error Leakages. Coraza is a library at its core, with many integrations to deploy on-premise Web Application Firewall instances.
    Downloads: 2 This Week
    Last Update:
    See Project
  • 8
    xsrfprobe

    xsrfprobe

    Advanced toolkit for detecting and exploiting CSRF vulnerabilities

    XSRFProbe is an advanced security auditing toolkit designed to detect and analyze Cross Site Request Forgery (CSRF/XSRF) vulnerabilities in web applications. It uses an automated crawling engine that continuously scans a target application, collects forms and endpoints, and evaluates them for potential CSRF weaknesses. XSRFProbe performs numerous systematic checks to determine whether a web endpoint is vulnerable, including inspection of anti-CSRF tokens, cookie validation behavior, and...
    Downloads: 5 This Week
    Last Update:
    See Project
  • 9
    SSRFmap

    SSRFmap

    Automatic SSRF fuzzer and exploitation tool

    SSRFmap is a specialized security tool designed to automate the detection and exploitation of Server Side Request Forgery (SSRF) vulnerabilities. It takes as input a Burp request file and a user-specified parameter to fuzz, enabling you to fast-track the identification of SSRF attack surfaces. It includes multiple exploitation “modules” for common SSRF-based attacks or pivoting techniques, such as DNS zone transfers, MySQL/Postgres command execution, Docker API info leaks, and network scans. ...
    Downloads: 0 This Week
    Last Update:
    See Project
  • Build Agents and Models on One Platform Icon
    Build Agents and Models on One Platform

    Everything you need to build production-ready agents and models. Access 200+ Google and third-party AI models and tools.

    Gemini Enterprise Agent Platform is Google Cloud's comprehensive platform for developers to build, scale, govern, and optimize agents and models. Choose from Google's most advanced models and third-party models like Anthropic's Claude Model Family.
    Try It Free
  • 10
    sqlmap

    sqlmap

    Automatic SQL injection and database takeover tool

    sqlmap is a powerful, feature-filled, open source penetration testing tool. It makes detecting and exploiting SQL injection flaws and taking over the database servers an automated process. sqlmap comes with a great range of features that along with its powerful detection engine make it the ultimate penetration tester. It offers full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, and many other database management systems. It also...
    Downloads: 21 This Week
    Last Update:
    See Project
  • 11
    GmSSL

    GmSSL

    Password toolbox that supports national secret

    GmSSL is an open source library of domestic commercial ciphers independently developed by Peking University. It realizes comprehensive functional coverage of national secret algorithms, standards, and secure communication protocols. It supports mainstream operating systems and processors including mobile terminals, and supports cryptographic keys, Cipher cards and other typical domestic cryptographic hardware provide feature-rich command line tools and multiple compiled language programming...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 12
    Hardened Slarpx

    Hardened Slarpx

    Experimental hardened Linux based on Xennytsu,Poison,Silencer engine

    WARNING: EXPERIMENTAL / UNSTABLE RESEARCH PROJECT. NOT INTENDED FOR DAILY USE. Hardened Slarpx is a Debian-based Linux distribution built with a strict security-first approach. It uses a multi-layered defense model with aggressive mitigations and extensive kernel-level hardening. Due to its highly restrictive firewall policy, anonymization tools and certain network protocols are intentionally unsupported. The distribution includes there custom runtime security modules: Poison , Xennytsu...
    Leader badge
    Downloads: 0 This Week
    Last Update:
    See Project
  • 13
    Network Flight Simulator

    Network Flight Simulator

    A utility to safely generate malicious network traffic patterns

    flightsim is a lightweight utility used to generate malicious network traffic and help security teams to evaluate security controls and network visibility. The tool performs tests to simulate DNS tunneling, DGA traffic, requests to known active C2 destinations, and other suspicious traffic patterns.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 14
    Seven Kingdoms: Ambition

    Seven Kingdoms: Ambition

    An enhanced version of 7K:AA (Seven Kingdoms: Ancient Adversaries).

    Seven Kingdoms: Ambition is a real-time game of epic strategy and empire building featuring economy management, warfare, and intrigue. It is an updated and enhanced version of 7kaa (7K: Ancient Adversaries) featuring numerous fixes and improvements. https://discord.gg/xJs99xK38G Begin with a single, modest village under your command, and an entire world to be conquered by force of arms, guile, persuasion, or whatever other means you choose. Wage open warfare on your rivals, or forge...
    Downloads: 27 This Week
    Last Update:
    See Project
  • 15
    Adaptive Intelligence

    Adaptive Intelligence

    Adaptive Intelligence also known as "Artificial General Intelligence"

    Adaptive Intelligence is the implementation of neural science, forensic psychology , behavioral science with machine-learning and artificial intelligence to provide advanced automated software platforms with the ability to adjust and thrive in dynamic environments by combining cognitive flexibility, emotional regulation, resilience, and practical problem-solving skills.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 16
    Darklings FightingGame

    Darklings FightingGame

    DARKLINGS is an accessible F2P 2D fighting game with periodic updates

    Darklings Fighting Game is a 2D fighting game prototype built in Godot Engine, featuring stylized characters, hitboxes, and responsive controls. It serves as a base or learning tool for developers interested in building their own fighting games with modular character systems and mechanics.
    Downloads: 2 This Week
    Last Update:
    See Project
  • 17
    VcenterKit

    VcenterKit

    Vcenter Comprehensive Penetration and Exploitation Toolkit

    VcenterKit is a Python-based toolkit focused on penetration testing and exploitation targeting VMware vCenter environments, giving security researchers and red team professionals a consolidated toolset to assess and exploit known vulnerabilities. The project includes modules that automate the detection and exploitation of specific CVEs (common vulnerabilities and exposures) in vCenter servers, often used to manage virtual infrastructure in enterprise environments. With features tailored toward reconnaissance, vulnerability triggering, and payload generation, the toolkit helps testers simulate real-world attack vectors on vulnerable vCenter instances. ...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 18
    Infection Monkey

    Infection Monkey

    Infection Monkey is a automated security testing tool for networks

    Infection Monkey is a open source automated security testing tool for testing a network's security baseline. Monkey is a tool that infects machines and propagates and Monkey Island is the server for an administrator to control and visualize progress of Infection Monkey.
    Downloads: 4 This Week
    Last Update:
    See Project
  • 19
    Shennina

    Shennina

    Automating Host Exploitation with AI

    Shennina is an automated host exploitation framework. The mission of the project is to fully automate the scanning, vulnerability scanning/analysis, and exploitation using Artificial Intelligence. Shennina is integrated with Metasploit and Nmap for performing the attacks, as well as being integrated with an in-house Command-and-Control Server for exfiltrating data from compromised machines automatically. Shennina scans a set of input targets for available network services, uses its AI engine...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 20
    OneForAll

    OneForAll

    OneForAll is a powerful subdomain collection tool

    ...The tool is particularly notable for incorporating many Chinese data sources that are often missed by Western-focused recon tools, increasing discovery coverage. It supports brute-force subdomain discovery, recursive scanning, and takeover detection to help identify potential attack surfaces. OneForAll also performs validation and enrichment of discovered domains, producing structured outputs for further analysis. Overall, it is a powerful asset discovery platform designed to maximize subdomain visibility during security assessments.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 21
    Kubesploit

    Kubesploit

    Kubesploit is a cross-platform post-exploitation HTTP/2 Command

    ...It can help the organization learn how to operate when real attacks happen, see if its other detection system works as expected and what changes should be made.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 22
    ReconSpider

    ReconSpider

    Most Advanced Open Source Intelligence (OSINT) Framework

    ...ReconSpider aggregate all the raw data, visualize it on a dashboard, and facilitate alerting and monitoring on the data. Recon Spider also combines the capabilities of Wave, Photon and Recon Dog to do a comprehensive enumeration of attack surfaces. Reconnaissance is a mission to obtain information by various detection methods, about the activities and resources of an enemy or potential enemy, or geographic characteristics of a particular area. A Web crawler, sometimes called a spider or spiderbot and often shortened to crawler, is an Internet bot that systematically browses the World Wide Web, typically for the purpose of Web indexing (web spidering).
    Downloads: 3 This Week
    Last Update:
    See Project
  • 23
    Hyenae NG

    Hyenae NG

    Advanced Network Packet Generator

    Hyenae NG is an advanced cross-platform network packet generator and the successor of Hyenae. It features full network layer spoofing, pattern based address randomization and flood detection breaking mechanisms. *** Please check out the latest source from my GitHub repository and check the Build informations. https://github.com/r-richter/hyenae-ng/
    Downloads: 0 This Week
    Last Update:
    See Project
  • 24
    OWASP ModSecurity CRS

    OWASP ModSecurity CRS

    OWASP ModSecurity Core Rule Set (CRS) Project

    The OWASP ModSecurity Core Rule Set (CRS) is a curated, generic Web Application Firewall rule set that detects and blocks common attack categories across most web apps. It focuses on broad protection—SQL injection, cross-site scripting, local/remote file inclusion, command injection, and protocol violations—without requiring app-specific knowledge. Rules are organized into paranoia levels so operators can tune detection aggressiveness and balance false positives against coverage. ...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 25
    Security Datasets

    Security Datasets

    Re-play Security Events

    Security‑Datasets is a community-driven repository maintained by the Open Threat Research Forge (OTRF) that curates publicly available malicious and benign datasets for threat-hunting, machine learning, event analysis, and cybersecurity research. Datasets include Windows events, logs, alerts, and simulated attack data to support detection engineering and academic research.
    Downloads: 2 This Week
    Last Update:
    See Project
  • Previous
  • You're on page 1
  • 2
  • Next