Tools

Enterprise-class Open Source LDAP server for Linux.

A Smart Ethernet Switch for Earth

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Distributed, secure messenger with audio and video chat capabilities.

Proxy server to bypass Cloudflare protection

OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

Plugable framework for automated decryption, often used as a Tang client.

CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.

Super timeline all the things

A fully customizable, Windows-based security distribution for malware analysis, incident response, penetration testing.

Dex to Java decompiler

Keep secrets out of emails or chat logs, share them using secure links with passphrase and expiration dates. `MIT` `Python`

A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk

Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.

CLI for managing secrets

Acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container. This makes Acquire an excellent tool to, among others, speedup the process of digital forensic triage. It uses Dissect to gather that information from the raw disk, if possible.

Digging Deeper....

Self-evolving MCP server that generates and improves its own tools at runtime. Built on FastMCP, Janee uses LLM-driven tool generation to dynamically create, test, and refine MCP tools from natural language descriptions — enabling AI agents to extend their own capabilities on the fly.

In-depth attack surface mapping and asset discovery

HTTP(S)/WS(S)/TCP tunnels to localhost using only SSH (serveo/ngrok alternative)

Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.

UAC is a powerful and extensible incident response tool designed for forensic investigators, security analysts, and IT professionals. It automates the collection of artifacts from a wide range of Unix-like systems, including AIX, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris.

Simple self hosted password generator

A cloud native data pipeline and transformation toolkit for security teams.

Web AI firewall utility which protects upstream resources from scraper bots.

tirreno is an open-source security framework. Event tracking, threat detection, and risk scoring for any application.

Volatility 3.0 development

Superagent protects your AI applications against prompt injections, data leaks, and harmful outputs. Embed safety directly into your app and prove compliance to your customers.

OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.

Simple to use, simple to deploy, one time self destruct messaging service, with hashicorp vault as a backend

easy-rsa - Simple shell based CA utility

Light LDAP implementation

Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).

KeePassXC is a cross-platform community-driven port of the Windows application “KeePass Password Safe”.

Fast customisable cross-platform suspicious file finder. Supports md5/sha1/sha256 hashs, litteral/wildcard strings, regular expressions and YARA rules. Can easily be packed to be deployed on any windows / linux host.

macOS (& ios) Artifact Parsing Tool

go-audit is an alternative to the auditd daemon that ships with many distros

A tool for reverse engineering Android apk files

Web-based dashboard for Fail2Ban log filtering and blocklist control

AI-safe secrets manager with MCP integration. Run commands with credentials injected as environment variables - AI agents never see plaintext secrets. Features output sanitization, AES-256-GCM encryption, and Argon2id key derivation.

Digital Forensics Artifact Repository

unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock

Zentral is a high-visibility platform for controlling Apple endpoints in enterprises. It brings great observability to IT and makes tracking & reporting compliance much less manual.

Collaborative forensic timeline analysis

Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic artefacts from various disk and file formats, developed by Fox-IT (part of NCC Group).

Bloodhound Reporting for Blue and Purple Teams

Proxy over your Docker socket to restrict which requests it accepts

The pattern matching swiss knife