COLLECTIONS
This section is split into topics, each listing utilities that have been useful for incident response in security and IT operations, cyber threat hunting and malware analysis. None of these tools were generated by an LLM; use them at your own risk.
What is this?
A personal, curated collection of tools across different domains, divided into:
Malware Research: Unpackers, deobfuscators, dynamic analysis scripts and signature generators, used to dissect threats without relying on commercial sandboxes.
Exploitation Resources: PoCs, payloads and exploit frameworks for penetration testing and red teaming, focusing on bypassing modern defenses such as ASLR, DEP and EDRs.
Defensive Resources: Detection rules (YARA, Sigma), hardening scripts, log analysis parsers and incident response playbooks.
Secure Development Operations (SecDevOps): Tools bridging the gap between development and security; this covers CI/CD pipeline integrations with CD/CR (Continuous Detection / Continuous Response), SAST, and dependency scanning scripts to bake security into the software supply chain.
Signal Intelligence (SIGINT/NETSEC): Network traffic analysis tools, C2 traffic simulation, OSINT automation scripts, and tooling for protocol interception and signal analysis.
Misc: A catch-all for hardware-related utilities.
Malware Research
Exploitation Resources
- Cryptic.py - Minimal tool to encrypt payloads, generate keys and hide kernel callbacks on Windows.
- aesplant.cpp - DLL injection template in C++ with AES encryption for Red Team operations; use alongside Cryptic.py.
- xorplant.cpp - DLL injection template in C++ with XOR encryption for Red Team operations; use alongside Cryptic.py.
- DNS Utils - Scripts for basic DNS network operations (honeypot/NIDS).
- BIND Utils - General DNS tasks on BIND, in Bash.
- ASM Utils - Advanced tasks on AArch64, in assembly.
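Cryptic.py and the two *plant.cpp templates split the work between a generator and a C++ consumer. As an added example (not Cryptic.py or xorplant.cpp from this collection), here is the generator half in stdlib Python: draw a key from the OS CSPRNG, XOR the payload with it and emit both as C arrays a template could `#include`. The symbol names `key`, `payload`, `key_len` and `payload_len`, and the placeholder payload bytes, are assumptions made for the example.

```python
"""Generate a random key, XOR-encrypt a payload blob and emit it as C arrays.

Added example; not Cryptic.py or xorplant.cpp from this collection.
Assumptions: the consuming C++ template expects the symbols `key`,
`key_len`, `payload` and `payload_len`; the sample payload below is a
constructed placeholder string, not shellcode.
"""
import secrets


def generate_key(length: int = 16) -> bytes:
    """Key of `length` bytes from the OS CSPRNG (secrets, not random)."""
    if length <= 0:
        raise ValueError("key length must be positive")
    return secrets.token_bytes(length)


def xor_bytes(data: bytes, key: bytes) -> bytes:
    """Repeating-key XOR. Symmetric: applying it twice restores the input."""
    if not key:
        raise ValueError("empty key")
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def to_c_array(name: str, blob: bytes, per_line: int = 12) -> str:
    """Render bytes as `unsigned char name[] = { ... };` plus a `name_len`."""
    lines = []
    for i in range(0, len(blob), per_line):
        chunk = blob[i:i + per_line]
        lines.append("    " + ", ".join("0x%02x" % b for b in chunk) + ",")
    body = "\n".join(lines)
    return (
        "unsigned char %s[] = {\n%s\n};\n" % (name, body)
        + "unsigned int %s_len = %d;\n" % (name, len(blob))
    )


def build_header(payload: bytes, key: bytes) -> str:
    """Header text the C++ side would #include: key, ciphertext and lengths."""
    enc = xor_bytes(payload, key)
    return (
        "// generated: XOR-encrypted payload, decrypt with the same key\n"
        + to_c_array("key", key)
        + to_c_array("payload", enc)
    )


if __name__ == "__main__":
    # Constructed placeholder payload (plain text, not shellcode).
    sample = b"placeholder payload bytes for the template"
    k = generate_key(16)
    print(build_header(sample, k))
    # Round trip: the template decrypts with the same xor_bytes logic in C++.
    assert xor_bytes(xor_bytes(sample, k), k) == sample
```

Repeating-key XOR only defeats static string matching: the key ships next to the ciphertext in the same binary, and a single known-plaintext block recovers it, so treat this as obfuscation rather than encryption. Swapping `xor_bytes` for AES gives the aesplant.cpp flavour but does not change the key-next-to-ciphertext problem.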
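The DNS Utils and BIND Utils entries do not say what the scripts do beyond "honeypot/NIDS". As an added example (not code from this collection), here is a stdlib-only parser for the question section of a DNS query, followed by the crude tunnelling heuristic a honeypot or NIDS would run on the extracted name. The sample packet is constructed inline by `build_query`, and the length thresholds in `suspicious` are assumed, not published, values.

```python
"""Parse a DNS query's question section and flag names that look like tunnelling.

Added example for the DNS Utils / BIND Utils (honeypot/NIDS) entries; it is not
code from this collection. build_query() constructs the sample packet inline,
and the thresholds in suspicious() are assumed heuristics.
"""
import struct

HEADER_LEN = 12  # RFC 1035 fixed header: ID, flags, QD, AN, NS, AR counts


def parse_question(pkt: bytes):
    """Return (txid, qname, qtype, qclass) from the first question of a query.

    Only uncompressed names are accepted: a query never needs name
    compression, so a 0xC0 label byte in a query is itself worth flagging.
    """
    if len(pkt) < HEADER_LEN:
        raise ValueError("short DNS header")
    txid, flags, qdcount = struct.unpack("!HHH", pkt[:6])
    if flags & 0x8000:
        raise ValueError("QR bit set: this is a response, not a query")
    if qdcount < 1:
        raise ValueError("no question section")
    labels, off = [], HEADER_LEN
    while True:
        if off >= len(pkt):
            raise ValueError("truncated name")
        n = pkt[off]
        off += 1
        if n == 0:  # root label terminates the name
            break
        if n & 0xC0:  # 0b11xxxxxx is a compression pointer, never valid here
            raise ValueError("compression pointer in query name")
        if off + n > len(pkt):
            raise ValueError("truncated label")
        labels.append(pkt[off:off + n].decode("ascii", "replace"))
        off += n
    if off + 4 > len(pkt):
        raise ValueError("truncated QTYPE/QCLASS")
    qtype, qclass = struct.unpack("!HH", pkt[off:off + 4])
    return txid, ".".join(labels), qtype, qclass


def suspicious(qname: str, max_label: int = 40, max_name: int = 100) -> list:
    """Crude tunnelling/exfil heuristic (assumed thresholds): long labels or names."""
    reasons = []
    if any(len(label) > max_label for label in qname.split(".")):
        reasons.append("label longer than %d" % max_label)
    if len(qname) > max_name:
        reasons.append("name longer than %d" % max_name)
    return reasons


def build_query(txid: int, name: str, qtype: int = 1) -> bytes:
    """Build a minimal standard query (RD set, one question) as constructed input."""
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.split("."))
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)


if __name__ == "__main__":
    for name in ("www.example.com", "a" * 48 + ".exfil.example.com"):
        txid, qname, qtype, qclass = parse_question(build_query(0x1234, name))
        print(hex(txid), qname, qtype, qclass, suspicious(qname) or "ok")
```

Feed `parse_question` the UDP payload from a socket bound to port 53 and the parser rejects responses, pointers and truncated packets with a `ValueError` rather than guessing, which is the behaviour you want in a honeypot that will see malformed traffic.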
Defensive Resources
Secure Development Operations
- Dockpod - Dockerized development stack - BASH / PYTHON / DJANGO / POSTGRES / NGINX / REDIS.
- IO - Initial Orchestration for docker compose, a command line tool to create your own cluster service - BASH / DOCKER.
- DAO Cluster Service - Cluster node service with a DAO scaffold, ready to extend - RUST / TYPESCRIPT / SOLIDITY.
Signal Intelligence (SIGINT)
Misc
DISCLAIMER: This content is for educational purposes only.
Author: Dabumana