Awesome
Awesome Active Defense
an awesome list of active defense resources
Contents
Related Lists
- Awesome Honeypots - List of honeypot resources.
Resources
- Offensive Countermeasures: The Art of Active Defense - Book about the methodology of active defense using ADHD (see next item).
- Active Defense Harbinger Distribution (ADHD) - Linux distribution with many of these tools pre-installed. Useful for lab settings.
- ADHD Documentation - Contains usage scenarios and examples for tools in ADHD.
Annoyance
- Artillery - A blue team tool designed to protect Linux and Windows operating systems through multiple methods
- Bear Trap - A portable network defense utility
- Cowrie - A medium to high interaction SSH and Telnet honeypot
- DenyHosts - A utility to thwart SSH brute force attacks
- Honey Ports - A cross-platform HoneyPort solution
- OsChameleon - A tool that hides the fingerprint of modern linux kernels from tools such as nmap (Currently Python 2 only)
- PHP-HTTP-Tarpit - A tool designed to confuse and trap misbehaving webspiders
- Portspoof - A utility to supplement firewalls that attempts to slow an attacker's recon processes
- PSAD - An intrusion detection and log analysis tool
- Rubberglue - An evolution of the honeyports concept
- Spidertrap - A tool to trap web crawlers and spiders
- TcpRooter - A script that displays all ports as open upon being scanned
- Weblabyrinth - A tool that creates a maze of web pages to confuse web scanners
- Wordpot - A script that detects bots for wordpress installations
Attribution
- CanaryTokens - A service for injecting beacons into files
- Decloak - A tool to identify the real IP address of a web user regardless of proxy settings
- Honeybadger - A framework for targeted geolocation
- Jar-Combiner - A tool to combine Java applets
- OpenCanary - A program to host a local CanaryTokens server
- RITA - An open source framework for network traffic analysis (Currently not installed on ADHD4)
- Web Bug Server - A tool for embedding web bugs inside word processing documents
Attack
- Beef - A tool for browser exploitation
- Gcat - A tool for establishing and controlling C2 channels via gmail
- Ghostwriting.sh - A tool for bypassing antivirus protections
- Java-Web-Attack - A standalone version of a similar tool in SET
- Recon-ng - A framework for passive recon
- SET - A framework for social engineering