alexwebr / sshflow
Proof-of-concept that makes a guess at what applications are being tunneled through an SSH session. It works primarily by analyzing packet sizes and inter-packet timing.
☆10Updated 11 years ago
Related projects: ⓘ
- Exfiltration Framework - Exfiltration modeling tool written in Python. Naisho attempts to avoid detection from DLP, IPS/IDS egress filter…☆37Updated 9 years ago
- IDS Utility Belt For Automating/Testing Various Things☆30Updated 3 years ago
- An automated collection and analysis of malware from my honeypots.☆25Updated 6 years ago
- Cuckoo Sandbox Local Maltego Transforms Project☆48Updated 10 years ago
- Honeybrid is a network application built to 1) administrate network of honeypots, and 2) transparently redirect live network sessions (TC…☆31Updated 5 years ago
- My personal experience in Threat Hunting and knowledge gained so far.☆18Updated 7 years ago
- This repository is a curated list of pro bono incident response entities.☆19Updated last year
- Multiple rules for yara-project for detect compiler/packer/protector☆32Updated 4 years ago
- Maltese - Malware Traffic Emulator☆25Updated 7 years ago
- Network sinkhole for isolated malware analysis☆39Updated 6 years ago
- ☆42Updated this week
- Artefacts from various retefe campaigns☆10Updated 5 years ago
- An active domain name query tool to help keep track of domain name movements...☆15Updated 3 years ago
- Discover potential timestamps within the Windows Registry☆18Updated 10 years ago
- Cli interface to threatcrowd.org☆19Updated 7 years ago
- Metadata Inspection Database Alerting System☆41Updated 11 years ago
- ☆16Updated 9 years ago
- API Tools☆27Updated 8 years ago
- ☆21Updated 6 years ago
- ☆14Updated this week
- Detect malicious domain, Blablablablabla☆26Updated 7 years ago
- A Network Inspection Tool☆79Updated 6 years ago
- CHEF cookbook for automating provisioning of CTF competition and wargame challenge platforms☆12Updated 8 years ago
- Membrane: A Posteriori Detection of Malicious Code Loading by Memory Paging Analysis☆42Updated 8 years ago
- Tools☆13Updated last year
- ☆19Updated this week
- Vulnerability Assessment and Auditing Framework for all the Crypto Implementations.☆37Updated 8 years ago
- A ready to deploy docker container for a fresh sandbox for on-the-fly malware analysis☆42Updated 7 years ago
- FastIR Agent is a Windows service to execute FastIR Collector on demand☆14Updated 7 years ago