AI Summary: Security Onion 2.4 is an open-source Linux distribution for intrusion detection, network monitoring, and log management. Its primary use case is to provide security operations teams with tools to detect and respond to threats through features such as alert management, detailed dashboards, and packet capture (PCAP) capabilities. Notable functionalities include a hunting interface, customizable detection rules, and comprehensive configuration options, facilitating a proactive approach to cybersecurity.

README

Security Onion 2.4

Security Onion 2.4 is here!

AI Summary: Sandboxed Execution Environment (SEE) is a framework designed for automating tests in secure environments utilizing customizable sandboxes through libvirt. It supports various hypervisors, including QEMU and VirtualBox, and enables modular test platforms by allowing plugin integration for enhanced event-based interaction. Ideal for isolating and managing the execution of potentially dangerous or unstable software, SEE facilitates both quick prototyping and production-level testing.

README

Sandboxed Execution Environment

:Source: https://github.com/F-Secure/see :Documentation: https://see.readthedocs.io :Download: https://pypi.python.org/pypi/python-see

AI Summary: Seekr is a multi-purpose toolkit designed for gathering and managing Open Source Intelligence (OSINT) data, featuring a streamlined web interface for data collection, organization, and analysis. Key functionalities include integration with popular OSINT tools, account discovery, customizable themes, and the absence of API keys for any features, making it suitable for researchers and investigators seeking to enhance their OSINT workflows. It is currently in beta development and allows for easy setup on various platforms including Windows, Linux, and Docker.

AI Summary: Selenium-Driverless is a Python package that enables web automation using Selenium without the need for a chromedriver, allowing for interactions with sites that commonly employ anti-bot mechanisms like Cloudflare. Its notable features include support for multiple tabs and incognito contexts, proxy authentication, and network interception, making it suitable for use cases that require more advanced browser automation scenarios while maintaining anonymity. The tool is designed primarily for non-commercial use and provides integration with asyncio for asynchronous operations.

AI Summary: Hashtopolis is a client-server tool designed for distributing hashcat tasks across multiple computers, facilitating efficient password cracking on a scalable architecture. Notable features include multi-user support, a web-based administration interface, customizable agents, and strong security measures including agent trust levels and “secret” file handling. It utilizes an HTTP(S) communication protocol with a JSON-based configuration, enhancing usability and compatibility with common web hosting setups.

README

Hashtopolis

Hashtopolis is a multi-platform client-server tool for distributing hashcat tasks to multiple computers. The main goals for Hashtopolis’s development are portability, robustness, multi-user support, and multiple groups management. The application has two parts:

AI Summary: SessionGopher is a PowerShell-based tool designed to retrieve and decrypt saved session information from remote access applications like PuTTY, WinSCP, FileZilla, and RDP. Its primary use case is for security assessments to identify systems that may connect to sensitive environments such as Unix systems or remote desktops. Notable features include thorough filesystem searches for private key files and the ability to run queries across multiple hosts or domain-joined systems, with results conveniently outputted to CSV files.

AI Summary: SHAD0W is a modular command and control (C2) framework designed for advanced threat operations within mature environments, leveraging techniques to evade endpoint detection and antivirus systems. Built with Python and C, it enables the execution of payloads including .NET assemblies and scripts entirely in memory, while offering features such as HTTPS communication, dynamic process injection, and extensive modularity for tasking beacons. Notable components include built-in privilege escalation exploits, a live web proxy feature, and a robust command-line interface, facilitating customization and effective covert operations.

AI Summary: Shannon is an autonomous AI penetration testing tool designed for web applications and APIs, capable of performing white-box security assessments through source code analysis and real exploit execution. It identifies potential vulnerabilities such as injection attacks and authentication bypasses, generating reports that include only verified exploits with reproducible proof-of-concept evidence. Key features include fully automated operation, OWASP vulnerability coverage, and integrated security tooling, making it suitable for continuous security testing throughout the software development lifecycle.

AI Summary: The Shark Jack Payload Library provides a collection of community-driven payloads and extensions specifically designed for the Hak5 Shark Jack device, utilizing DuckyScript™ and Bash. Its primary use case is to enrich the functionality of the Shark Jack with customizable scripts for cybersecurity tasks, while also encouraging developer contributions for new payloads. Notable features include a platform for community collaboration and integration with Payload Studio for seamless payload creation.

AI Summary: Shellen is an interactive shellcoding environment designed for writing and utilizing shellcodes, supporting both assembly and disassembly operations. Leveraging the keystone and capstone engines, Shellen allows users to seamlessly switch between different modes, search syscall tables, and run shellcodes within a subprocess, while providing a user-friendly prompt that displays the current status and architecture. This tool caters primarily to developers and security researchers working with low-level code, making shellcode manipulation intuitive and efficient.

AI Summary: shhgit is a tool designed to enhance the security of development teams by identifying leaked secrets in code repositories, such as API tokens and private keys, before they can be exploited by malicious actors. It operates either by scanning public repositories via APIs of GitHub, GitLab, and BitBucket or processing local directories, and features a customizable search capability along with options for CSV reporting and entropy-based analysis. Notably, the tool is flexible for both cloud and local deployments, making it suitable for integration into CI/CD pipelines.

AI Summary: Shortscan is an IIS short filename enumeration tool that rapidly identifies files with short filenames on an IIS web server and attempts to discover their corresponding full filenames using a unique checksum matching method. Its notable features include support for custom headers, concurrency settings, and vulnerability checks without full file enumeration, as well as the ability to utilize custom wordlists and generate rainbow tables through an accompanying utility named shortutil.

AI Summary: SICAT is a comprehensive vulnerability and exploit finder that streamlines the reconnaissance process by aggregating data from multiple reputable databases based on user-defined keywords, Nmap scan results, or detected web technologies. Notable features include a modern web interface with real-time feedback, detailed HTML reporting with interactive elements, and intelligent keyword generation for enhanced search accuracy, all while supporting multithreaded scanning for optimized performance. This tool significantly aids security professionals in identifying vulnerabilities across various platforms and frameworks.

AI Summary: SIGIT is a modular OSINT CLI tool designed for efficient collection of public information, supporting reconnaissance, security testing, and digital forensics tasks. Its architecture leverages asynchronous programming and parallel scanning to enable fast data gathering across 14 diverse tools, including username checks, IP location services, and SSL certificate analysis. Notable features include a user-friendly command-line interface and a design that minimizes resource leaks through automated session management.

README

AI Summary: SILENTTRINITY is a modern, asynchronous, multiplayer command and control (C2) and post-exploitation framework designed for flexibility and stealth, utilizing Python 3 and the .NET Dynamic Language Runtime. It offers features such as real-time updates via Websockets, ECDHE encrypted communications, and a fully modular architecture allowing operators to customize their C2 channels and modules. The framework leverages embedded third-party .NET scripting languages for dynamic task evaluation, enhancing usability and providing capabilities akin to PowerShell without its direct use.

AI Summary: Silver is a mass vulnerability scanner that integrates with masscan and nmap to provide rapid, comprehensive TCP port scanning and vulnerability assessment. Notable features include resumable scanning, multi-core utilization, caching of vulnerability data, and integration with Shodan, allowing for efficient parallel processing and streamlined notifications through Slack. Its support for various input formats and customizable scanning options enhances its usability for security assessments across different environments.

README

Silver

Mass Vulnerability Scanner

AI Summary: The Simple Security Toolkit is a collection of practical guides and checklists designed to enhance the security of smart contract development, primarily targeting early-stage protocol teams. Key features include a structured development process, audit readiness and pre-launch security checklists, and an incident response plan template, all aimed at preventing vulnerabilities and ensuring robust deployment practices. This resource is intended to streamline security preparations and foster efficient auditing processes while encouraging contributions from the community.

AI Summary: Simplify is a generic Android deobfuscator that virtually executes obfuscated apps to enhance code readability while preserving their functional behavior. It operates through a combination of smalivm, which simulates Dalvik method execution, and simplify, which optimizes execution graphs by applying techniques such as constant propagation and dead code removal. Notable features include the ability to handle various obfuscation patterns without renaming methods or classes, and a customizable execution environment to manage optimization parameters.

AI Summary: SIPVicious OSS is a comprehensive toolset designed for auditing SIP-based VoIP systems. Its primary functions include discovering SIP servers, enumerating extensions, and facilitating password cracking through various methods, making it an essential resource for penetration testing of VoIP infrastructures. Notable features include its scanning capabilities (svmap), extension identification (svwar), password cracking (svcrack), session reporting (svreport), and the ability to exploit vulnerabilities in SIP systems (svcrash).

README

Welcome to SIPVicious OSS security tools

AI Summary: SiteDorks is a versatile tool designed for conducting advanced searches across multiple search engines like Google and Bing using predefined dork lists. It simplifies the querying process by allowing users to categorize their search terms and automate input from a default list of 629 dorkable websites. Notable features include the ability to customize searches, manage multiple domain queries easily, and access regularly updated lists for specific countries and categories.

AI Summary: Skanuvaty is a high-performance DNS/network/port scanning tool that allows users to quickly analyze a domain by discovering its subdomains and resolving their corresponding IPs. Notable features include support for concurrent scans, with the ability to test thousands of subdomains within seconds, and the generation of a comprehensive output file in JSON format for further analysis.

README

Skanuvaty

Dangerously fast dns/network/port scanner, all-in-one.

Start with a domain, and we’ll find everything about it.

AI Summary: Skidfuscator is a production-grade Java obfuscation tool that employs SSA form to enhance and obscure Java bytecode flow while maintaining execution efficiency. Its primary use case is to protect applications from reverse engineering by providing advanced obfuscation techniques, automatic dependency downloading, and an easy-to-configure command-line interface. Notable features include smart recovery, flow obfuscation, and out-of-the-box optimization.

README

🗣️ Discord: https://discord.gg/QJC9g8fBU9 📚 Wiki: https://skidfuscator.dev/docs/

🏢 Enterprise/Custom Version: https://skidfuscator.dev/pricing

AI Summary: SkyArk is a cloud security tool that focuses on detecting and mitigating the threat of Cloud Shadow Admins in AWS and Azure environments through its two main scanning modules: AWStealth and AzureStealth. It identifies the most privileged cloud users and helps organizations ensure these entities are secured with best practices such as strong credentials and MFA. Notably, SkyArk enables risk assessment by uncovering hidden admin accounts that may escalate privileges if left unmanaged.

AI Summary: Slowloris is a Python tool designed to execute HTTP Denial of Service attacks against threaded servers by maintaining numerous open connections through periodic header transmissions, thereby exhausting the server’s thread pool. It supports SOCKS5 proxy connections for enhanced anonymity and offers various configuration options such as socket count, random user agents, and logging verbosity to customize the attack parameters. This tool is primarily used for testing the resilience of web servers against DoS attacks.

AI Summary: The Smart Contract Auditor Tools and Techniques repository provides a compilation of resources and tools aimed at enhancing the security and auditing processes for smart contracts. It features a variety of transaction visualization tools, educational pathways for aspiring auditors, and various miscellaneous tools for detecting vulnerabilities, simulating attacks, and analyzing smart contract behavior across Ethereum and other EVM-compatible blockchains. Notably, it includes links to web-based platforms for on-chain investigation and defense against potential exploits, making it a critical resource for both new and experienced blockchain security professionals.