SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.

Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.

Adversary tradecraft detection, protection, and hunting

Attack Graph Visualizer and Explorer (Active Directory) ...Who's *really* Domain Admin?

一款适用于红蓝对抗中的仿真钓鱼系统

Find cloud assets that no one wants exposed 🔎 ☁️

A BeaconEye implement in Golang. It is used to detect the cobaltstrike beacon from memory and extract some configuration.

Entropy scanner for Linux to detect packed or encrypted binaries related to malware. Finds malicious files and Linux processes and gives output with cryptographic hashes.

Detect real scammers with Wallet-Tracker CLI from anywhere.

The simplest way to find how to report abusive domains

dll劫持、dll hijack、Bypass Antivirus、Red Team

Utility for hunting UAC bypasses or COM/DLL hijacks that alerts on the exported function that was consumed.

Is this IP a C2 server?

urlyzer is a URL parsing analysis tool.

Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems.

A collection of Go tools I make while I learn a little about GoLang.

Collect IPFIX / Netflow v9 Records and Ship them to RITA for Analysis

⚙️ Operating Account Operators (OAO) is a Golang tool to interact with the LDAP protocol to manage account groups, roles, ACLs/ACEs, etc...

Continuous PII classification and reporting on the internet, powered by AI!

Linux Persistence Collector collects malware persistence entries in Linux and looks for IP addresses , domains and some keywords