https://github.com/riccio8/ThreatLab
Collection of tools for security purposes
Last synced: 5 months ago
- Host: GitHub
- URL: https://github.com/riccio8/ThreatLab
- Owner: riccio8
- License: gpl-3.0
- Created: 2024-08-02T12:31:14.000Z (11 months ago)
- Default Branch: main
- Last Pushed: 2024-12-20T15:20:32.000Z (6 months ago)
- Last Synced: 2024-12-20T15:25:06.906Z (6 months ago)
- Topics: assembly, cpp, cybersecurity, golang, memo, net, network, processes, python, security, security-tools, yara
- Language: Go
- Homepage:
- Size: 93.3 MB
- Stars: 5
- Watchers: 1
- Forks: 2
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
- Security: SECURITY.md
README
---
# Offensive & Defensive Tools Repository
## **Overview**
This repository includes a collection of tools, resources and libraries designed for offensive and defensive security operations, covering areas such as process and memory analysis, network security, vulnerability detection, and exploit development. It provides a versatile set of resources for researchers, cybersecurity professionals, and developers.
## **Directory Structure**
- **`lib/`**: Core libraries and DLLs for various security-related tasks.
  - Includes C++, Python, Go, and Assembly-based libraries for memory, network, and sandboxing functionalities.
- **`shellcodes/`**: Pre-built shellcode examples for penetration testing and exploit development.
  - Contains scripts for reverse shells, directory hiding, and more.
- **`src/`**: Main source files for various projects.
  - **`Mem/`**: Tools for memory analysis, hex viewers, ROP chain detection, and system call management.
  - **`net/`**: Network-related utilities focusing on DoS/DDoS testing and network resilience.
  - **`processes/`**: Process monitoring and manipulation tools, including privilege escalation scripts and anti-debugging mechanisms.
- **`resources/`**: Documents, videos, and other resources that may help you understand some topics in depth, for both beginners and advanced users.
- **`rules/`**: YARA rules for malware detection, ransomware identification, keylogging detection, and other threat signatures.
## **Key Features**
- **Process & Memory Analysis**: Identify and analyze running processes, heap memory, and vulnerabilities in real-time.
- **Network Security Tools**: Utilities designed to simulate and analyze various network threats like DOS and DDOS attacks.
- **Sandboxing**: Isolated environments for malware testing and secure code execution.
- **Cross-Platform Capabilities**: Primarily focused on Windows, with some support for Linux environments.
## **Technologies Used**
- **Assembly**: For low-level system manipulation.
- **C++**: High-performance process and memory handling tools.
- **Golang**: Lightweight and efficient network and process utilities.
- **Python**: Scripting for process automation and vulnerability detection.
- **YARA**: Advanced threat detection through rule-based signatures.
## **Disclaimer**
⚠️ **Disclaimer**: All tools in this repository are intended for **educational and legal security research purposes only**. Misuse of these tools for malicious purposes is strictly prohibited. The author takes no responsibility for any illegal use.
---
*Note: Continuous improvement is ongoing, especially for assembly-related tools!*