Soufian El Yadmani's repositories
A-gentle-introduction-to-Tamarin
This is a beginner's Tamarin Guide which is not meant to be exhaustive. For a comprehensive explanation of Tamarin, please refer to the official manual on https://tamarin-prover.github.io.
APIKit
APIKit:Discovery, Scan and Audit APIs Toolkit All In One.
attackgen
AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE ATT&CK framework. The tool generates tailored incident response scenarios based on user-selected threat actor groups and your organisation's details.
CertView
Platform that collects TLS certificates from active scans and certificate transparency logs and allows modules to perform analysis and provide tags.
cowitness
CoWitness is a powerful web application testing tool that enhances the accuracy and efficiency of your testing efforts. It allows you to mimic an HTTP server and a DNS server, providing complete responses and valuable insights during your testing process.
CSAW-CTF-2023-Quals
Challenge repository for the 2023 CSAW CTF Qualifiers
CVEDataFeed
A Python tool for converting and updating CVE data from NVD to mongodb. This is also a back-end tool for the CVEData.com site which is an alternative for the CVEDetails.com.
devika
Devika is an Agentic AI Software Engineer that can understand high-level human instructions, break them down into steps, research relevant information, and write code to achieve the given objective. Devika aims to be a competitive open-source alternative to Devin by Cognition AI.
fingerprintx
Standalone utility for service discovery on open ports!
GOAD
game of active directory
gps
GPS is a scanning platform that learns and predicts the location of IPv4 services across all 65K ports.
HEDnsExtractor
raw html extractor from Hurricane Electric portal
ICS-Security
ICS security resources
Inversion-DNSBL-Generator
Generate malicious URL blocklists for DNSBL applications like pfBlockerNG or Pi-hole by scanning various public URL sources using the Safe Browsing API from Google and/or Yandex.
IOCs
IOC's from the Uptycs Threat Research Blogs
jarm_randomizer
This tool was open sourced as part of JARM Randomizer: Evading JARM Fingerprinting for HiTB Amsterdam 2021.
keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
lzr
LZR quickly detects and fingerprints unexpected services running on unexpected ports.
noir
♠️ Noir is an attack surface detector form source code.
perimeter-scanner
Building an Automated Perimeter Scanning System with Open Source Tools - NMAP, IVRE and Netbox
python-Wappalyzer
Python driver for Wappalyzer, a web application detection utility.
pyWhat
🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙♀️
Qu1cksc0pe
All-in-One malware analysis tool.
secrets-patterns-db
Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.
TEx
Telegram Monitor
zgrab2-configurations
A repository for possible zgrab2 configurations