0x4D31

Adel Karimi's repositories

awesome-threat-detection

✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️

awesome-oscp

A curated list of awesome OSCP resources

fatt

FATT /fingerprintAllTheThings - a pyshark based script for extracting network metadata and fingerprints from pcap files and live network traffic

Language:PythonBSD-3-Clause636 31 7

honeyLambda

honeyλ - a simple, serverless application designed to create and monitor fake HTTP endpoints (i.e. URL honeytokens) automatically, on top of AWS Lambda and Amazon API Gateway

Language:PythonGPL-3.0505 31 1

burpa

Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).

Language:PythonGPL-3.0481 33 5

galah

Galah: an LLM-powered web honeypot using the OpenAI API.

Language:GoApache-2.0279 6 3

deception-as-detection

Deception based detection techniques mapped to the MITRE’s ATT&CK framework

MIT276 310

honeybits

A PoC tool designed to enhance the effectiveness of your traps by spreading breadcrumbs & honeytokens across your systems to lure the attacker toward your honeypots

Language:GoGPL-3.0271 19 3

salt-scanner

Linux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration

Language:PythonNOASSERTION263 28 6

detection-and-response-pipeline

✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The purpose is to create a reference hub for designing effective threat detection and response pipelines. 👷 🏗

232 120

sqhunter

A simple threat hunting tool based on osquery, Salt Open and Cymon API

Language:PythonMIT65 120

honeyku

A Heroku-based web honeypot that can be used to create and monitor fake HTTP endpoints (i.e. honeytokens).

Language:PythonGPL-3.058 6 3

hassh-utils

hassh-utils: Nmap NSE Script and Docker image for HASSH - the SSH client/server fingerprinting method (https://github.com/salesforce/hassh)

Language:LuaBSD-3-Clause50 50

honeybits-win

Windows version of honeybits - a PoC tool to create breadcrumbs and honeytokens, to lead the attackers to your honeypots!

Language:GoMIT24 4 1

quick

QUICk - a go library based on gopacket for analyzing QUIC CHLO messages

Language:GoGPL-3.023 4 1

Presentations

Some of the presentations given by me

15 6 1

awesome-honeypots

an awesome list of honeypot resources

Language:PythonArtistic-2.07 30

Notes

4 30

cowrie

Cowrie SSH/Telnet Honeypot

Language:PythonNOASSERTION3 30

0x4d31.github.io

Language:HTML2 30

hassh

HASSH is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints can be easily stored, searched and shared in the form of a small MD5 fingerprint.

Language:PythonBSD-3-Clause2 30