CrimeFlare is a useful tool for bypassing websites protected by CloudFlare WAF, with this tool you can easily see the real IP of websites that have been protected by CloudFlare. The resulting information is certainly very useful for conducting further penetration testing, and analyzing websites with the same server.

a tool to enumerate the resource records of a DNS zone using its DNSSEC NSEC or NSEC3 chain

Advanced kernel-native security framework to disrupt and prevent DNS-based breaches including C2 channels and tunneling with zero data loss. Combines TC, Netfilter, raw socket interception, BPF maps, and ring buffers, runs entirely on eBPF in the Linux kernel. Integrates with deep learning for advanced intelligent EDR

Command-line tool to detect email spoofing vulnerabilities by analyzing SPF and DMARC DNS records. Supports single and bulk domain checks with multiple output formats.

Configuration of filtering caching DNS server with DoH/DoH3/DoT/DoQ interfaces and second level cache. Ready for Prometheus, Loki, Promtail, Grafana.

Multi-layer real-time MITM protection for Linux — blocks ARP poisoning, DNS spoofing, rogue DHCP offers, rogue access points, SSL strip, broadcast poisoning (LLMNR, mDNS, NBNS, WS-Discovery), ICMP redirect exploits, HTTPS to HTTP downgrade attacks

Hardened Ubuntu 25.10 - NextDNS DoH

Bulk domain email security lockdown tool that prevents email phishing and spoofing attacks by automatically configuring SPF hard fail, null MX records, and DMARC rejection policies on unused Cloudflare-managed domains.

Secure your online experience with AdGuard Home, your ultimate solution for a clean and safe browsing environment.

Setting up DNS SEC Through Local Resolution Using Docker Containers - An Analysis

DANE Record Validator validates DANE/TLSA DNS records used for certificate authentication, providing security analysis and best practice recommendations.

A guide and config files for turning a Raspberry Pi into a powerful ad & malware blocker. This setup uses Pi-hole + Unbound for a private, secure, and self-hosted DNS solution that keeps your browsing history away from your ISP. 🛡️

An advanced, security-focused network traffic analysis tool designed for system administrators, cybersecurity professionals, and network engineers. The xsukax PCAP Analyzer provides comprehensive insights into network behavior while maintaining strong privacy protections and offering advanced threat detection capabilities.

Deterministic DNS Defense Module - Replace probabilistic threat detection with cryptographic verification and strict enforcement

一些用于学习DNS&DNSSEC的项目。 Some projects for self-learning & exploring DNS.