Lofmir

windows

Windows inside a Docker container.

spiderfoot

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

qiling

A True Instrumentable Binary Emulation Framework

MTProxy

jsoncanvas

An open file format for infinite canvas data.

guac-install

Script for installing Guacamole on Ubuntu

attackgen

AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE ATT&CK framework. The tool generates tailored incident response scenarios based on user-selected threat actor groups and your organisation's details.

BlueSpy

PoC to record audio from a Bluetooth device

FalconFriday

Hunting queries and detections

BadUSB-Files-For-FlipperZero

A Collection of Over 60 Scripts - updated specifically for the BadUSB function on the FlipperZero.

torpy

Pure python Tor client implementation

LinkedInDumper

Python 3 script to dump/scrape/extract company employees from LinkedIn API

Trawler

PowerShell script to help Incident Responders discover potential adversary persistence mechanisms.

tlosint-vm

Trace Labs OSINT VM

Microsoft-Analyzer-Suite

A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID

RF-Swift

🚀 A swifty RF toolbox baked for your needs, and it's multi-platform! 🌐✨ Available right now in for amd64 Linux & Windows, and with some limitations on aarch64 with Raspberry Pi 5 and Apple M1-M3

metrics

This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.

IOCs

IOCs published by Black Lotus Labs

Cyber_Security_Malware_APT_Simulation

All the principles of the AI modular structure that generates malicious code fragments sold on the dark web

coderex

A tool that automates regex generation for the x86 and x86-64 instruction sets

cyber-threat-profiling

A library of reference materials, tools, and other resources to aid threat profiling, threat quantification, and cyber adversary defense

cloudgazer

Find Real IPs hidden behind Cloudflare with Criminal IP(criminalip.io), security OSINT Tool.

seads

Search Engines ADs scanner - spotting malvertising in search engines has never been easier!

wireshark-telco-profile

Wireshark Profiles for SS7, Diameter & GTP

honeyscanner

Honeyscanner: A vulnerability analyzer for honeypots

100-Days-of-YARA-2024

ohcti-threatexposure

Openhunting CTI - Threat Exposure Data Breach Account (Telegram)

pie

Quick method to extract Indicators of Compromise (IOCs) from a Threat Intel Report in PDF format.

tor_spiders

Spiders a website using the darknet via Tor

ohcti-malwareinfra

Threat Hunting Malware Infrastructure