A network sniffer that logs all DNS server replies for use in a passive DNS setup

Simple IP enrichment service and API wrapping PyASN and MaxMind GeoIP.

A basic phishing kit scanner for dedicated and semi-dedicated hosting

StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.

VPN Rotator

Combination of different utilities, have fun!

PEframe is a open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.

A PowerShell script that attempts to help malware analysts hide their VMware Windows VM's from malware that may be trying to evade analysis.

Malware Configuration And Payload Extraction

Sample staging & detonation utility to be used in combination with Cuckoo Sandbox.

Socks5man is a Socks5 management tool and Python library

A tool for IDN homograph attacks and detection.

Replay HTTP and HTTPS requests from a PCAP based on TLS Master Secrets.

Client API to query any Passive DNS implementation following the Passive DNS - Common Output Format.

Binary instrumentation framework based on FRIDA

Simple Docker Honeypot server emulating small snippets of the Docker HTTP API

Python logging made (stupidly) simple

Reverse engineering framework in Python

Some results of my DGA reversing efforts

The FLARE team's open-source tool to identify capabilities in executable files.

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

Search Emercoin NVS records

Command-line and Python debugger for instrumenting and modifying native software behavior on Windows and Linux.

FakeNet-NG - Next Generation Dynamic Network Analysis Tool