Change the repository type filter
All
Repositories list
90 repositories
- 30 different honeypots in one package! (dhcp, dns, elastic, ftp, http proxy, https proxy, http, https, imap, ipp, irc, ldap, memcache, mssql, mysql, ntp, oracle, pjl, pop3, postgres, rdp, redis, sip, smb, smtp, snmp, socks5, ssh, telnet, vnc)
- API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
- Analyze, extract and visualize features, artifacts and IoCs of files and memory dumps (Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more)
threat-intelligence
PublicThreat intelligence or Cyber Threat Intelligence is the process of identifying and analyzing gathered information about past, current, and future cyber threats (Collecting information about a potential threat, then analyzing that information to learn more about the negative events)- Data Lifecycle Management (DLM) is a policy-based model for managing data in an organization
cyber-kill-chain
PublicCyber Kill Chain is a model that Lockheed Martin created for understanding (Describe the sequence of events) and stopping cyberattacks- An adversary may utilize a sim swapping attack for defeating 2fa authentication
- An adversary may utilize a sim swapping attack for defeating 2fa authentication
- Digital Forensics is the process of finding and analyzing electronic data
- Cybersecurity is the measures taken to protect networks, devices, and data against cyberattacks
incident-response
PublicIncident response is a set of steps that are used to handle the aftermath of a data breach or cyberattackauthorization-bypass
PublicA threat actor may access the user's account using a stolen or leaked valid (existing) session identifierdefault-credential
PublicA threat actor may gain unauthorized access using the default username and passwordpassword-spraying
PublicA threat actor may guess the target credentials using a single password with a large set of usernames against the target- A threat actor may guess the target credentials using a known username and password pairs gathered from previous brute-force attacks
directory-listing
PublicA threat actor may list files on a misconfigured server- A threat actor may inject malicious content into HTTP requests. The content will be reflected in the HTTP response and executed in the victim's browser
- A threat actor may perform unauthorized functions belonging to another user with a higher privileges level
risk-management
PublicRisk management is the process of identifying, assessing, treating, and monitoring any negative events that affect a company's ability to operate (Preventing them or minimizing their harmful impact)- A threat actor may perform unauthorized functions belonging to another user with a similar privileges level
- A threat actor may lunch brute force to the two-factor authentication (2FA) logic causing unauthorized access to the target
authentication-bypass
PublicA threat actor may gain access to data and functionalities by bypassing the target authentication mechanismcaptcha-bypass
PublicA threat actor may bypass the Completely Automated Public Turing test to tell Computers and Humans Apart (captcha) by breaking the solving logic, human-assisted solving services, or utilizing automated technologyxpath-injection
PublicA threat actor may alter the XML path language (XPath) query to read data on the targetdata-compliance
PublicData compliance is the process of following various regulations and standards to ensure that sensitive digital assets (data) are guarded against loss, theft, and misuseaccess-control
PublicAccess Control is using security techniques to protect a system against unauthorized accessdata-security
PublicSafeguarding your personal information (How your info is protected)- Data classification defines and categorizes data according to its type, sensitivity, and value
- An adversary may inject malicious content into a vulnerable target