Soufian El Yadmani's repositories
Inversion-DNSBL-Generator
Generate malicious URL blocklists for DNSBL applications like pfBlockerNG or Pi-hole by scanning various public URL sources using the Safe Browsing API from Google and/or Yandex.
devika
Devika is an Agentic AI Software Engineer that can understand high-level human instructions, break them down into steps, research relevant information, and write code to achieve the given objective. Devika aims to be a competitive open-source alternative to Devin by Cognition AI.
IOCs
IOC's from the Uptycs Threat Research Blogs
fingerprintx
Standalone utility for service discovery on open ports!
TEx
Telegram Monitor
HEDnsExtractor
raw html extractor from Hurricane Electric portal
GOAD
game of active directory
noir
♠️ Noir is an attack surface detector form source code.
CSAW-CTF-2023-Quals
Challenge repository for the 2023 CSAW CTF Qualifiers
Qu1cksc0pe
All-in-One malware analysis tool.
attackgen
AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE ATT&CK framework. The tool generates tailored incident response scenarios based on user-selected threat actor groups and your organisation's details.
jarm_randomizer
This tool was open sourced as part of JARM Randomizer: Evading JARM Fingerprinting for HiTB Amsterdam 2021.
cowitness
CoWitness is a powerful web application testing tool that enhances the accuracy and efficiency of your testing efforts. It allows you to mimic an HTTP server and a DNS server, providing complete responses and valuable insights during your testing process.
APIKit
APIKit:Discovery, Scan and Audit APIs Toolkit All In One.
perimeter-scanner
Building an Automated Perimeter Scanning System with Open Source Tools - NMAP, IVRE and Netbox
secrets-patterns-db
Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.
gps
GPS is a scanning platform that learns and predicts the location of IPv4 services across all 65K ports.
python-Wappalyzer
Python driver for Wappalyzer, a web application detection utility.
lzr
LZR quickly detects and fingerprints unexpected services running on unexpected ports.
keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
pyWhat
🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙♀️
CertView
Platform that collects TLS certificates from active scans and certificate transparency logs and allows modules to perform analysis and provide tags.
zgrab2-configurations
A repository for possible zgrab2 configurations
RedEye
RedEye is a visual analytic tool supporting Red & Blue Team operations
ICS-Security
ICS security resources
HowToHunt
Collection of methodology and test case for various web vulnerabilities.
Havoc
The Havoc Framework
CVEDataFeed
A Python tool for converting and updating CVE data from NVD to mongodb. This is also a back-end tool for the CVEData.com site which is an alternative for the CVEDetails.com.
A-gentle-introduction-to-Tamarin
This is a beginner's Tamarin Guide which is not meant to be exhaustive. For a comprehensive explanation of Tamarin, please refer to the official manual on https://tamarin-prover.github.io.