JT's repositories
suricata-verify
Suricata Verification Tests - Testing Suricata Output
AsyncRAT-C-Sharp
Open-Source Remote Administration Tool For Windows C# (RAT)
dnsteal
DNS Exfiltration tool for stealthily sending files over DNS requests.
fraud-bridge
ICMP and DNS tunneling via IPv4 and IPv6
IDSDeathBlossom
IDS Utility Belt For Automating/Testing Various Things
Malleable-C2-Profiles
Cobalt Strike - Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike https://www.cobaltstrike.com/.
pam_script
The PAM script module allows you to execute scripts during authorization, password changes and sessions. This is very handy if your current security application has no PAM support but is accessible with Perl or other scripts.
RedditC2
Abusing the Reddit API to host C2 traffic; since most blue-team members use Reddit, it might be a great way to make the traffic look legit.
reGeorg
The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.
resynth
A network packet synthesis language
rusty-pcap
Pcap search and API written in Rust
serial2pcap
Converts serial IP data, typically collected from Industrial Control System devices, to the more commonly used Packet Capture (PCAP) format. #nsacyber
sguil
Sguil client for NSM
suricata-rpms
Suricata RPMs for CentOS/EL
suricata-update
The tool for updating your Suricata rules.
tcpflow
TCP/IP packet demultiplexer
ThreatHunting
An informational repo about hunting for adversaries in your IT environment.
Tunna
Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments.