Stars
Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, build your tailor-made EASM tool, co…
Scapy: the Python-based interactive packet manipulation program & library.
Official command-line client for RIPE Atlas
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl
Detect Browsers, OS, Devices, Bots, AI Crawlers, Apps, and more. Run in Browser (client-side) or Node.js (server-side).
Web browser forensics for Google Chrome/Chromium
Investigate malicious Windows logon by visualizing and analyzing Windows event log
Digital Forensics artifact repository
A curated list of IDA, x64DBG, Ghidra and OllyDBG plugins.
An Android NFC app for reading, writing, analyzing, etc. MIFARE Classic RFID tags.
analyzeMFT.py is designed to fully parse the MFT file from an NTFS filesystem and present the results as accurately as possible in multiple formats.
Extracts emails and attachments saved in Microsoft Outlook's .msg files
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
Pure Python parser for Windows Event Log files (.evtx)
gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
A little tool to play with Windows security
JA3 is a standard for creating SSL client fingerprints in an easy to produce and shareable way.
Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
The official home of the LibVMI project is at https://github.com/libvmi/libvmi.
A modern Python-3-based alternative to RegRipper
CLI tool for open source and threat intelligence
A cd command that learns - easily navigate directories from the command line
Python tool and library for decrypting and encrypting MS Office files using passwords or other keys
A library and cli tool to extract HWP files.
A recon tool that allows searching on URLs that are exposed via shortener services