Network Security

WireGuardC

A fast, modern, secure kernel-based VPN tunnel using state-of-the-art cryptography.

CanaryTokensPython

Deploy honeytokens across your network to detect unauthorized access and data exfiltration attempts.

reverse-shellGo

A service that provides easy-to-remember reverse shell payloads for Unix-like systems, automatically detecting available software on the target.

JA4+Rust

A suite of network fingerprinting standards for TLS, TCP, HTTP, SSH, and other protocols to facilitate threat detection and security analysis.

hblockShell

A POSIX-compliant shell script that blocks ads, tracking, and malware domains by generating a hosts file.

mazaShell

A simple, native, and efficient local ad blocker written entirely in Bash, working across all browsers without extensions.

net-credsPython

A Python tool that sniffs sensitive credentials and data from network interfaces or pcap files across multiple protocols.

stenographerGo

A high-performance packet capture solution that buffers all network traffic to disk for fast retrieval of specific subsets.

netscannerRust

A terminal-based network scanner and diagnostic tool with a modern TUI for WiFi scanning, packet analysis, and port scanning.

pyrdpPython

A Python RDP man-in-the-middle tool and library for intercepting, monitoring, and analyzing Remote Desktop Protocol connections.

ssh-mitmC

A penetration testing tool that intercepts SSH connections to log plaintext passwords and full sessions.

RDPyPython

A pure Python implementation of Microsoft's Remote Desktop Protocol (RDP) and VNC client/server, built on Twisted.

sshesameGo

A lightweight SSH honeypot that logs all connection attempts and activity without executing commands.

moleGo

A CLI tool for creating resilient SSH tunnels with a focus on reliability and user experience.

KippoPython

A medium interaction SSH honeypot that logs brute force attacks and attacker shell interactions.

GatekeeperC

An open-source, scalable DDoS protection system designed for network operators to withstand high-bandwidth attacks.

SELKSShell

A Linux distribution for network detection and response (NDR) built around Suricata, providing a complete NDR platform.

ConpotPython

An open-source ICS/SCADA honeypot designed to emulate industrial control systems and collect adversary intelligence.

LinkLiarSwift

A macOS GUI application for spoofing MAC addresses of Wi-Fi and Ethernet interfaces to prevent tracking.

libSRTPC

An open-source C library implementing the Secure Real-time Transport Protocol (SRTP) for encrypting and authenticating RTP/RTCP media streams.

Network Flight Simulator (flightsim)Go

A lightweight utility to generate malicious network traffic patterns for evaluating security controls and network visibility.

HoneytrapGo

An extensible open-source framework for running, monitoring, and managing honeypots to detect and analyze cyber threats.

fragattacksC

A tool to test Wi-Fi clients and access points for fragmentation and aggregation vulnerabilities affecting all protected Wi-Fi networks.

VHostScanPython

A virtual host scanner for penetration testing that performs reverse lookups, detects catch-all scenarios, and works around wildcards and aliases.

sniffglueRust

A secure, multithreaded network packet sniffer written in Rust, designed for safe operation on untrusted networks.

kalitorifyShell

A shell script that creates a transparent proxy through the Tor network for Kali Linux, routing all system traffic anonymously.

NFStreamPython

A flexible Python framework for fast network flow data analysis, offering encrypted application identification, statistical feature extraction, and extensibility via plugins.

Harden Runner GitHub ActionTypeScript

A CI/CD security agent that monitors GitHub Actions runners for threats like network egress, file integrity, and process activity.

MalcomPython

A malware communication analyzer that visualizes network traffic and cross-references it with known malware sources.

DPKTPython

A Python library for fast packet creation and parsing with definitions for basic TCP/IP protocols.

LegionPython

Legion is a semi-automated network penetration testing framework for discovery, reconnaissance, and exploitation.

ProxelarRust

A programmable MITM proxy written in Rust for intercepting, inspecting, and modifying HTTP/HTTPS traffic with Lua scripting.

honeypotsPython

A Python package with 30 low-high level honeypots for monitoring network traffic, bots, and credential attacks.

Country IP Blocks

Hourly-updated CIDR country-level IP data sourced directly from Regional Internet Registries.

nfdumpC

A suite of tools for collecting, processing, and analyzing NetFlow, IPFIX, and sFlow data from network devices.

sshttpC++

A Linux daemon that multiplexes SSH and HTTP/HTTPS traffic on a single port, enabling SSH access through firewalls that only allow web traffic.