0x4D31

Adel Karimi's repositories

awesome-threat-detection

✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️

awesome-oscp

A curated list of awesome OSCP resources

fatt

FATT /fingerprintAllTheThings - a pyshark based script for extracting network metadata and fingerprints from pcap files and live network traffic

Language:PythonBSD-3-Clause650 29 7

honeyLambda

honeyλ - a simple, serverless application designed to create and monitor fake HTTP endpoints (i.e. URL honeytokens) automatically, on top of AWS Lambda and Amazon API Gateway

Language:PythonGPL-3.0508 31 1

burpa

Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).

Language:PythonGPL-3.0480 33 5

galah

Galah: An LLM-powered web honeypot.

Language:GoApache-2.0383 8 12

deception-as-detection

Deception based detection techniques mapped to the MITRE’s ATT&CK framework

MIT280 310

honeybits

A PoC tool designed to enhance the effectiveness of your traps by spreading breadcrumbs & honeytokens across your systems to lure the attacker toward your honeypots

Language:GoGPL-3.0272 19 3

salt-scanner

Linux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration

Language:PythonNOASSERTION263 28 6

detection-and-response-pipeline

✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The purpose is to create a reference hub for designing effective threat detection and response pipelines. 👷 🏗

246 120

honeyku

A Heroku-based web honeypot that can be used to create and monitor fake HTTP endpoints (i.e. honeytokens).

Language:PythonGPL-3.059 6 3

hassh-utils

hassh-utils: Nmap NSE Script and Docker image for HASSH - the SSH client/server fingerprinting method (https://github.com/salesforce/hassh)

Language:LuaBSD-3-Clause53 50

honeybits-win

Windows version of honeybits - a PoC tool to create breadcrumbs and honeytokens, to lead the attackers to your honeypots!

Language:GoMIT24 4 1

quick

QUICk - a go library based on gopacket for analyzing QUIC CHLO messages

Language:GoGPL-3.023 4 1

Presentations

Some of the presentations given by me

16 6 1

awesome-honeypots

an awesome list of honeypot resources

Language:PythonArtistic-2.07 30

cve-2024-6387_hassh

HASSH fingerprints for identifying OpenSSH servers potentially vulnerable to CVE-2024-6387 (regreSSHion).

Language:PythonApache-2.07 10

Notes

4 30

cowrie

Cowrie SSH/Telnet Honeypot

Language:PythonNOASSERTION3 30

0x4d31.github.io

Language:HTML2 30

hassh

HASSH is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints can be easily stored, searched and shared in the form of a small MD5 fingerprint.

Language:PythonBSD-3-Clause2 30