Search Results for "attacker"
Sort By:
Showing 39 open source projects for "attacker"
View related business solutions-
Gemini 3 and 200+ AI Models on One PlatformBuild generative AI apps with Vertex AI. Switch between models without switching platforms.
-
8 Monitoring Tools in One APM. Install in 5 Minutes.AppSignal works out of the box for Ruby, Elixir, Node.js, Python, and more. 30-day free trial, no credit card required.
-
1
Beelzebub
A secure low code honeypot framework
...Honeypots are systems intentionally exposed to attackers in order to capture malicious behavior, and Beelzebub enhances this concept by incorporating artificial intelligence and virtualization techniques. The platform allows organizations and researchers to deploy decoy services that mimic real infrastructure while recording attacker interactions. By using AI models to simulate realistic system behavior, the honeypot becomes harder for attackers to identify, increasing the likelihood that malicious activity can be observed and analyzed. The framework is designed with a low-code configuration approach so security teams can easily deploy honeypots for multiple services and ports. -
2
Algo VPN
Set of Ansible scripts that simplifies the setup of a personal VPN
...For anyone who is privacy conscious, travels for work frequently, or can’t afford a dedicated IT department, this one’s for you. Really, the paid-for services are just commercial honeypots. If an attacker can compromise a VPN provider, they can monitor a whole lot of sensitive data. Paid-for VPNs tend to be insecure: they share keys, their weak cryptography gives a false sense of security, and they require you to trust their operators. Even if you’re not doing anything wrong, you could be sharing the same endpoint with someone who is. ... -
3
Kubernetes Goat
Kubernetes Goat is a "Vulnerable by Design" cluster environment
...Understand how attackers think, work, and exploit security issues, and apply these learnings to detect and defend them. Also, learn best practices, defenses, and tools to mitigate, and detect in the real world. Learn the hacks, defenses, and tools. So that you can think like an attacker, and secure your Kubernetes, cloud, and container workloads right from the design, code, and architecture itself to prevent them. Use Kubernetes Goat to showcase the effectiveness of the tools, product, and solution. Also, educate the customers and share your product or tool knowledge in an interactive hands-on way. -
4
Joern
Open-source code analysis platform for C/C++/Java/Binary/Javascript
Joern is a platform for analyzing source code, bytecode, and binary executables. It generates code property graphs (CPGs), a graph representation of code for cross-language code analysis. Code property graphs are stored in a custom graph database. This allows code to be mined using search queries formulated in a Scala-based domain-specific query language. Joern is developed with the goal of providing a useful tool for vulnerability discovery and research in static program analysis. -
Full-stack observability with actually useful AI | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
5
Shannon
Fully autonomous AI hacker to find actual exploits in your web apps
...Instead of requiring you to manually reproduce findings, Shannon is designed to produce actionable evidence that a weakness can be weaponized, which helps teams prioritize what truly matters. It positions itself as a pre-attacker safety net, aiming to break your web app before someone else does and thereby reduce the gap between “potentially vulnerable” and “confirmed exploitable.” -
6
GTFOBins
GTFOBins is a curated list of Unix binaries
GTFOBins is a curated catalog of Unix / POSIX system binaries and how they can be misused to bypass restrictions, escalate privileges, exfiltrate data, spawn shells, or otherwise act as “living off the land” tools in a compromised environment. It collects documented techniques for how everyday binaries (e.g. awk, bash, tar, scp) can be abused under constrained conditions. Indexed list of Unix binaries and documented misuse techniques. Examples of command invocations to exploit... -
7
endlessh-go
A golang implementation of endlessh exporting Prometheus metrics
Endlessh is a great idea that not only blocks the brute force SSH attacks, but also wastes attackers time as a kind of counter-attack. Besides trapping the attackers, I also want to visualize the Geolocations and other statistics of the sources of attacks. Unfortunately the wonderful original C implementation of endlessh only provides text based log, but I do not like the solution that writes extra scripts to parse the log outputs, then exports the results to a dashboard, because it would... -
8
Domain Password Spray
A tool written in PowerShell to perform password assessments
DomainPasswordSpray is a focused security tool designed to perform enterprise-scale password spraying assessments against Active Directory environments. It automates the process of attempting common or customized passwords against many accounts while respecting timing and throttling controls to reduce obvious lockout noise. The project includes features for credential list management, target selection (users, service accounts, or collections), and configurable rate limits so testers can tune... -
9
Latte
The safest & truly intuitive templates for PHP
The first truly secure and intuitive templates for PHP. The most common critical vulnerability in websites is Cross-Site Scripting (XSS). It allows an attacker to insert a malicious script into a page that executes in the browser of an unsuspecting user. It can modify the page, obtain sensitive information or even steal the user's identity. Templating systems fail to defend against XSS. Latte is the only system with an effective defense, thanks to context-sensitive escaping. Latte is based on PHP, whereas Twig is based on Python. ... -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
10
Parsedown
Better markdown parser in PHP
...In both cases you should strongly consider employing defence-in-depth measures, like deploying a Content-Security-Policy (a browser security feature) so that your page is likely to be safe even if an attacker finds a vulnerability in one of the first lines of defence. Safe mode does not necessarily yield safe results when using extensions to Parsedown. Extensions should be evaluated on their own to determine their specific safety against XSS. -
11
PowerUpSQL
A PowerShell toolkit for attacking SQL Server
PowerUpSQL is a PowerShell toolkit focused on auditing, discovering, and post-exploitation activities for Microsoft SQL Server environments. It bundles a wide range of functions that help enumerate SQL Server instances, configuration settings, and potentially risky features so operators and testers can quickly understand an instance's security posture. The project is aimed at internal penetration testers and red-teamers but is also useful for database administrators and defenders who want to... -
12
sqlmap
Automatic SQL injection and database takeover tool
sqlmap is a powerful, feature-filled, open source penetration testing tool. It makes detecting and exploiting SQL injection flaws and taking over the database servers an automated process. sqlmap comes with a great range of features that along with its powerful detection engine make it the ultimate penetration tester. It offers full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, and many other database management systems. It also... -
13
VeraCrypt
Open source disk encryption with strong security for the Paranoid
...This enhanced security adds some delay ONLY to the opening of encrypted partitions without any performance impact to the application use phase. This is acceptable to the legitimate owner but it makes it much harder for an attacker to gain access to the encrypted data. All released files are PGP signed with key ID=0x680D16DE, available on key servers and downloadable at https://www.idrix.fr/VeraCrypt/VeraCrypt_PGP_public_key.asc VeraCrypt can mount TrueCrypt volumes. It also can convert them to VeraCrypt format. Documentation: https://www.veracrypt.fr/en/Documentation.html FAQ : https://www.veracrypt.fr/en/FAQ.html -
14
hookprobe
Free AI that blocks hackers while you sleep. Runs on cheap hardware
...The stack includes NAPSE (AI packet inspection), HYDRA (threat intelligence pipeline), SENTINEL (ML classification engine), and AEGIS (autonomous defense orchestrator). In production, a single Raspberry Pi 5 processes 11M+ security events, classifies 177K ML verdicts, and tracks 11,800+ attacker IPs — all autonomously. Key features: - 5-minute install on Raspberry Pi 5 or any Linux device - eBPF/XDP wire-speed packet filtering and DDoS mitigation - ML-based threat classification (benign/suspicious/malicious - Real-time QSecBit security posture scoring - Web dashboard with live threat visualization - Post-quantum cryptography (Kyber KEM) - Collective mesh defense across nodes -
15
...It takes a string and brute-forces a prefix for it so that the hash of the string with the prefix has a certain number of leading zeroes. But that alone would've been too easy to hack. To prevent an attacker from forging the keys by generating a new prefix: the hash latch doesn't output the keys in the plaintext. Instead, it encrypts the key and outputs the ciphertext. That means that instead of giving you the actual key, it gives you a safe containing the key. This approach allows the hash latch to protect itself from forged keys and also enables you to put the same key into multiple safes without the recipients of these safes knowing they have the same key (even if they compare their ciphertexts). ...
-
16
HiddenWall
hidden firewall, custom firewall in kernel
HiddenWall is a Linux kernel module generator for custom rules with netfilter. (block ports, Hidden mode, rootkit functions etc). The motivation: on bad situation, attacker can put your iptables/ufw to fall... but if you have HiddenWall, the attacker will not find the hidden kernel module that block external access, because have a hook to netfilter on kernel land(think like a second layer for firewall). My beginning purpose at this project is protect my personal server, now is protect the machines of my friends. ... -
17
VaultSync
Sync directories and files in a secure folder on an external drive
VaultSync keeps synchronised data backups from one or more computers in an encrypted vault that is locked with a password. It is optimised to operate on a flash or external drive with minimal installation but it can also work on a hosted storage system like Dropbox, One Drive or Google Drive. It is really important that a backup is simple and fast to make. There is no point in having to decide what files are important or what has changed at the time of the backup, or having to manually... -
18
CVE-2021-31166
Remote HTTP.sys use-after-free triggered remotely
...UlpParseContentCoding where the function has a local LIST_ENTRY and appends an item to it. When it's done, it moves it into the Request structure; but it doesn't NULL out the local list. The issue with that is that an attacker can trigger a code-path that frees every entry of the local list leaving them dangling in the Request object. -
19
MaskPhish
Introducing "URL Making Technology" to the world
...It can be integrated into Phishing tools (with proper credits) to look the URL legit. Hiding phishing links in normal-looking trust-able links is a bigger part of social engineering. By using this method the attacker owns the trust of the victim, and the victim treats the phishing link as a normal link because the top-level domain (like Google, YouTube, New York Times, etc) is considered clean. -
20
obfusc
toolchain for obfuscated compilation
...The idea is that the platform machine `works encrypted' for the user and unencrypted for the operator, running a machine code instruction set in user mode that is provably safe against computational attacks, for code that is generated by a compiler that has introduced random variations into the code at each recompilation so that the attacker has no statistical leverage from human programming biases. -
21
CLASS_DOS_ATTACKER
it is written in Python and perform denial of service Attacks on LAN.
CLASS_DOS_ATTACKER is a tool written in PYTHON (in a Linux environment) to perform 5 Denial of Service Attack on a LAN: - ICMP FLOOD - TCP SYNFLOOD - ARP Cache Poisonning - DHCP Starvation - WIFI DEAUTHENTIFICATION -
22
Injectify
Perform advanced MiTM attacks on websites with ease
...Injectify is a modern web based MiTM tool, similiar to BeEF (although completely unrelated in terms of source code). It features cross-platform clients (Web, Desktop, Browser extension). Create a reverse Javascript shell between the victim and the attacker. Records keystrokes and logs them to a database. -
23
Mpge
Mpge
...With Mpge is possible make trojan horse files for Microsoft Windows, Linux and Mac OS X 10.3 Panther, OS X 10.4 Tiger, OS X 10.5 Leopard and OS X Montain Lion 10.8.1 for all Mac OS X is possible make a trojan horse files contains a reverse shell into files .pkg and files .app. I used three real Mac OS X: Attacker: MacBook with Snow Leopard 10.6.8 Target: Mac iBook PowerPC G4 with Mac OS X10.3.5 Panther and after MacBook and iMac Mac OS X Mountain Lion 10.8.1. All Mac OS X were connected on intranet lan of an italian ISP. The attacker MacBook is in listening and expected the reverse shell from the target Mac iBook PowerPC G4 that receive a package and when user click on file .pkg and insert the user password, the attacker receive a reverse shell of target. ... -
24
Abdal ICMP Attacker
Powerful ICMP Flooder With Customize icmp Packets
This Tools Can Be Send The 10,000 Packet in Only 4 Second - -
25
Mega-Panzer
Mega-Panzer tool source code
...This variant of Megapanzer in its ealiest days branched in 2006. First Megapanzers purpose was to connect back to its client through all kinds of firewalls and proxy servers and offering an attacker a simple command shell. The feature eavesdropping Skype conversations was added a little later and after proving its feasibility it became the new main focus. It injects function calls into the Skype process to intercept all audio data coming and going to the Skype process. It extracts the PCM audio data, converts it to MP3 and sends it to the attacker after encrypting it. ...
