Search Results for "red-files"
Sort By:
170 projects for "red-files" with 2 filters applied:
-
Retool your internal operationsBuild internal software that meets enterprise security standards without waiting on engineering resources. Retool connects to your databases, APIs, and data sources while maintaining the permissions and controls you need. Create custom dashboards, admin tools, and workflows from natural language prompts—all deployed in your cloud with security baked in. Stop duct-taping operations together, start building in Retool.
-
Atera all-in-one platform IT management software with AI agentsAtera’s AI agents don’t just assist, they act. From detection to resolution, they handle incidents and requests instantly, taking your IT management from automated to autonomous.
-
1
XRAY
XRay for recon, mapping and OSINT gathering from public networks
...It provides a framework for writing and executing inspection modules that can parse structured data (JSON, XML, HTML), traverse graphs of endpoints, and perform intelligent probing guided by discovered surface area. XRay is typically used as a reconnaissance and vulnerability discovery engine in red-team or app-security workflows: it leverages extensible plugins to adapt to different protocols, inject payloads, and detect common bug classes such as injection flaws, misconfigurations, and unsafe endpoints. The modular architecture means users can customize or extend the engine with new analyzers, fuzzers, or output formats tailored to specific testing environments. ... -
2
BadUSB
Flipper Zero badusb payload library
...It typically contains firmware examples, payloads, and explanations showing how a device presenting as a Human Interface Device (HID) can inject keystrokes, open shells, or orchestrate data exfiltration when plugged into a machine. The codebase is frequently intended for security research and defensive testing: defenders and red teams use it to validate endpoint controls, USB whitelisting, and user training. Due to the dual-use nature of such techniques, responsible repositories emphasize lab-only experiments, consent-based testing, and mitigations like disabling autorun, enforcing device policies, and using endpoint detection. -
3
Claude Code Security Review
An AI-powered security review GitHub Action using Claude
...Rather than relying purely on pattern matching or static analysis, this action feeds diffs and surrounding context to Claude to reason about potential vulnerabilities (e.g. injection, misconfigurations, secrets exposure, etc). When a PR is opened, the action analyzes only the changed files (diff-aware scanning), generates findings (with explanations, severity, and remediation suggestions), filters false positives using custom prompt logic, and posts comments directly on the PR. It supports configuration inputs (which files/directories to skip, model timeout, whether to comment on the PR, etc). The tool is language-agnostic (it doesn’t need language-specific parsers), uses contextual understanding rather than simplistic rules, and aims to reduce noise with smarter filtering. -
4
emp3r0r
Linux/Windows post-exploitation framework made by linux user
A post-exploitation framework for Linux/Windows. Initially, emp3r0r was developed as one of my weaponizing experiments. It was a learning process for me trying to implement common Linux adversary techniques and some of my original ideas. So, what makes emp3r0r different? First of all, it is the first C2 framework that targets Linux platform including the capability of using any other tools through it. Take a look at the features for more valid reasons to use it. -
eProcurement SoftwareeBuyerAssist by Eyvo is a cloud-based procurement solution designed for businesses of all sizes and industries. Fully modular and scalable, it streamlines the entire procurement lifecycle—from requisition to fulfillment. The platform includes powerful tools for strategic sourcing, supplier management, warehouse operations, and contract oversight. Additional modules cover purchase orders, approval workflows, inventory and asset management, customer orders, budget control, cost accounting, invoice matching, vendor credit checks, and risk analysis. eBuyerAssist centralizes all procurement functions into a single, easy-to-use system—improving visibility, control, and efficiency across your organization. Whether you're aiming to reduce costs, enhance compliance, or align procurement with broader business goals, eBuyerAssist helps you get there faster, smarter, and with measurable results.
-
5
Themis
Easy to use cryptographic framework for data protection
...Themis provides ready-made building blocks (“cryptosystems”) for secure data storage, message exchange, socket connections, and authentication. Secure Cell is a multi-mode cryptographic container suitable for storing anything from encrypted files to database records. Use Secure Cell to encrypt data at rest. Secure Cell is built around AES-256-GCM, and AES-256-CTR. Secure Message is a simple encrypted messaging solution for the widest scope of applications. Use Secure Message to send encrypted and signed data from one user to another, from client to server, to prevent MITM attacks and avoid single secret leakage. ... -
6
BleachBit
deletes junk files to free disk space and improve privacy
BleachBit frees disk space and maintains privacy. Cleans cache, Internet history, temporary files, logs, cookies, Firefox, Google Chrome, Flash, Windows, Linux, and more. Downloads are at www.bleachbit.org and source code is at GitHub. -
7
Anti-Spam SMTP Proxy Server
Anti-Spam SMTP Proxy Server implements multiple spam filters
The Anti-Spam SMTP Proxy (ASSP) Server project aims to create an open source platform-independent SMTP Proxy server which implements auto-whitelists, self learning Hidden-Markov-Model and/or Bayesian, Greylisting, DNSBL, DNSWL, URIBL, SPF, SRS, Backscatter, Virus scanning, attachment blocking, Senderbase and multiple other filter methods. Click 'Files' to download the professional version 2.8.1 build 24261. A linux(ubuntu 20.04 LTS) and a freeBSD 12.2 based ready to run OVA of ASSP V2 are also available for download. NOTICE: V1 development has been stopped at the end of 2014 (1.10.1 build 16060). Possibly there will be done some bugfixing in future. Please upgrade to V2, which is and will be actively maintained. -
8
DAR - Disk ARchive
For full, incremental, compressed and encrypted backups or archives
DAR is a command-line backup and archiving tool that uses selective compression (not compressing already compressed files), strong encryption, may split an archive in different files of given size and provides on-fly hashing, supports differential backup with or without binary delta, ftp and sftp protocols to remote cloud storage Archive internal's catalog, allows very quick restoration even a single file from a huge, eventually sliced, compressed, encrypted archive eventually located on a remote cloud storage, by only reading/fetching the necessary data to perform the operation. ... -
9
OpenAS2
AS2 1.1 server implementation in Java
...It is intended to be used as a server. It is extremely configurable and supports a wide variety of signing and encryption algorithms. Supports very high traffic volume allowing parallel processing of files per partner. SUPPORT: Please use the Github issues and Discussions channels here: https://github.com/OpenAS2/OpenAs2App/ Requirements: - Java 11 or newer (tested with the LTS versions of Java up to 21) - Any OS that runs Java Planned enhancements in the next major release: - User interace configuration GUI - Certificate Exchange Management IMPORTANT: Java 8 is no longer supported. -
Easy-to-use Business Software for the Waste Management Software IndustryDOP Software’s mission is to streamline waste and recycling business’ processes by providing them with dynamic, comprehensive software and services that increase productivity and quality of performance.
-
10
Wapiti
Wapiti is a web-application vulnerability scanner
Wapiti is a vulnerability scanner for web applications. It currently search vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, XXE injections, CRLF injections, Server Side Request Forgery, Open Redirects... It use the Python 3 programming language. -
11
readpe
The PE file analysis toolkit
readpe (formerly known as pev) is a multiplatform toolkit to work with PE (Portable Executable) binaries. Its main goal is to provide feature-rich tools for properly analyze binaries with a strong focus on suspicious ones. -
12
key-elf
Forensic tool to recover lost BTC private keys.
A powerful utility to hunt down Bitcoin private keys from deleted wallet.dat files or damaged hard drives. If you accidentally deleted your Bitcoin Core wallet or formatted your disk, this tool can help. It bypasses the file system and scans the raw data directly, looking for the unique "fingerprint" (ASN.1 signature) of Bitcoin private keys to recover them from the digital wreckage.The Graphical User Interface (GUI) is the advanced/premium version. -
13
FileHashler
cross-platform (Java) file encryption and archiving tool
Java based API (library) and console utility for cross-platform file and directory encryption and archiving. Encrypts single files up to 9.2 EB length. Directories can be encrypted as sets of single files in a single action. Uses Twofish (CBC) and SHA-256. Security level is strong and benefits from the PWS3 (Password Safe) encrypted file format. The level can be lowered to 128-bit key-length (normally 256). -
14
In-Browser-File-Encrypter
The source code of the In-Browser-File-Encrypter web app
The In-Browser File Encrypter is a simple web application that enables you to securely encrypt your files directly in your browser using the AES-256 encryption algorithm in CBC mode. Check it out at: https://codepen.io/Northstrix/pen/xxvXvJL and https://northstrix.github.io/In-Browser-File-Encrypter/V1.0/web-app.html GitHub page: https://github.com/Northstrix/In-Browser-File-Encrypter The download shortcut: https://sourceforge.net/projects/in-browser-file-encrypter/files/V1.0%20%28Improved%20UI%29/V1.0%20%28Improved%20UI%29.zip/download Successfully tested in Google Chrome on Windows 11 and Fedora 40. -
15
multiOTP open source
PHP strong authentication library, web interface & CLI, OATH certified
...SMS code sending is currently implemented for several providers (ASPSMS, Clickatell and IntelliSMS). The data storage of the command line utility is by default flat files based in order to simplify deployment in a few minutes, but MySQL backend is supported too. multiOTP can be easily integrated in RADIUS servers like FreeRADIUS under Linux/Windows or TekRADIUS LT under Windows. multiOTP is also the engine of the credential provider multiOTP Credential Provider. -
16
File Encoder Application
Java application for encryption
Java application for encryption with a GUI. It is based in the XOR symetric encryption combined with a pseudorandom resorting of the bytes. Strenth and time to encrypt/decyrpt per MB adapted to size of input file. Multithread. zoom Multilanguage Dark mode JDK-17 compatibility It includes detailed documentation in English, Spanish and Catalan. -
17
FMSec - File Manager Security
Security Extensions to File Managers
FMSec (File Manager SECurity) is a set of extensions to file managers that enable some security-related operations to be easily performed. The operations are: - encryption and decryption using OpenSSL (https://www.openssl.org/), - safe removing (shredding) files and directories (recursively), - mounting and unmounting TrueCrypt and VeraCrypt (https://www.veracrypt.fr/en/) volumes, - wiping the free space on a filesystem using WipeFreeSpace (https://wipefreespace.sourceforge.io/), - running programs with LibSecRm (https://libsecrm.sourceforge.io) preloaded, - running programs with LibHideIP (https://libhideip.sourceforge.io) preloaded, - running programs with LibNetBlock (https://libnetblock.sourceforge.io) preloaded, - generating digital certificates (X.509 / SSL / TLS / PKCS#12 / P12). ... -
18
Teardroid
It's easy to use android botnet work without port forwarding
It's easy to use Android botnet work without port forwarding, VPS, and Android Studio. Run Shell Command ( use findphno command in a run shell command to get the device phone number and use findx:pdf to find all the pdf files on the device ) It will prompt you with your Control Panel url enter your deta space control panel url without /v4 or your own server URL (without/at the end of the URL). You will also be prompted for the title and text of the notification. Enter what you want to display on the notification. Using your own keystore it's not recommended to use the default keystore you can modify the values in the Config.py file to use your own keystore with Teardroid v4. -
19
SecretManager
FR : Outil de partage des mots de passe, EN : Sharing tool passwords
* SecretManager V2 started. *New design and new features ************************************ This tool allows you to store (AES 256) and share passwords. Passwords are placed in groups. Groups are associated with user profiles. Finally, we associate user porfiles with users. So users have access to passwords for which they are authorized. In addition, it is possible to supervise the access to secrets (alarm and all access). -
20
Exposure Notifications Server
Exposure Notification Reference Server | Covid19 Exposure Notification
...It handles essential backend functions, including receiving and validating temporary exposure keys from users who have tested positive, storing those keys, and generating downloadable key files for mobile devices to check for potential exposure matches. The system integrates cryptographic signing for authenticity, supports configurable data retention policies, and ensures user privacy by design—no personally identifiable information is stored or transmitted. Built to be platform-agnostic, it can be deployed on any infrastructure or cloud service. -
21
Alan Framework
A C2 post-exploitation framework
Alan Framework is a post-exploitation framework useful during red-team activities. You can run your preferred tool directly in-memory. JavaScript script execution (in-memory without third party dependency) Fully compliant SOCKS5 proxy. Supported agent types: Powershell (x86/x64), DLL (x86/x64), Executable (x86/x64), Shellcode (x86/x64). Server.exe can be executed in Linux (via dotnet core) The network communication is fully encrypted with a session key not recoverable from the agent binary or from a traffic dump. ... -
22
Chromepass
Hacking Chrome Saved Passwords
Chromepass is a python-based console application that generates a windows executable with the following features. Decrypt Google Chrome, Chromium, Edge, Brave, Opera and Vivaldi saved paswords and cookies. Send a file with the login/password combinations and cookies remotely (http server or email) Undetectable by AV if done correctly. Custom icon, custom error message, customize port. The new client build methodology practically ensures a 0% detection rate, even without AV-evasion tactics.... -
23
PyExfil
A Python Package for Data Exfiltration
...The purpose of PyExfil is to set as many exfiltrations, and now also communication, techniques that CAN be used by various threat actors/malware around to bypass various detection and mitigation tools and techniques. You can track changes at the official GitHub page. Putting it simply, it’s meant to be used as a testing tool rather than an actual Red Teaming tool. Although most techniques and methods should be easily ported and compiled to various operating systems, some stable some experimental, the transmission mechanism should be stable on all techniques. Clone it, deploy on a node in your organization and see which systems can catch which techniques. -
24
This is a simple web tool which allows users of a website to "securely" submit messages and files. They are sent over HTTPS to the server and there encrypted and forwarded to the administrator.
-
25
mod_sslcrl
Automatically updates and applies certificate revocation lists
mod_sslcrl is a module for the Apache Web server implementing CRL (Certificate Revocation Lists) verification automatically downloading new CRL files from the corresponding CA.
