Endpoint visibility and DFIR.
MonitorAnalyzeEndpoints
cyberstars / target / endpoint
Tools for endpoints
Workstations, servers and EDR-managed devices.
122 tools indexed
Memory forensics framework.
AnalyzeEndpointsBinaries
Vuls
—Agent-less Linux vulnerability scanner.
ScanEndpointsCloud
Open-source EDR for Windows.
MonitorAnalyzeEndpoints
Open-source XDR and SIEM.
MonitorScanEndpointsCloud
Windows privilege-escalation enumerator.
ReconScanEndpointsActive Directory
YARA
—Pattern matching for malware research.
AnalyzeMonitorBinariesEndpoints
Community YARA rule repository.
MonitorAnalyzeBinariesEndpoints
Yeti
—Open-source threat-intel platform.
AutomateAnalyzeNetworksEndpoints
High-speed forensic feature extractor.
AnalyzeEndpointsBinaries
Encrypted C2 over DNS.
ExploitAutomateNetworksEndpoints
Capture SSL/TLS plaintext with eBPF.
InterceptAnalyzeNetworksEndpoints
GPU-accelerated password recovery.
CrackEndpointsActive Directory
Linux privesc enumeration script.
ReconScanEndpoints
Windows credential extraction.
ExploitAnalyzeEndpointsActive Directory
Generate NTLMv2 hash theft files.
InterceptExploitActive DirectoryEndpoints
SQL-powered endpoint visibility.
MonitorAnalyzeEndpoints
pspy
—Spy on Linux processes without root.
MonitorReconEndpoints
Mimikatz in pure Python.
AnalyzeCrackActive DirectoryEndpoints
Radare2 plug-in for Frida.
AnalyzeInterceptMobile appsBinaries
rage
—Modern file encryption with age.
HardenEndpointsSource code
SSH server and client config auditor.
ScanHardenNetworksEndpoints
Easy SSH honeypot.
MonitorNetworksEndpoints
Transparent SSH bastion.
HardenMonitorNetworksEndpoints