Skip to content

githubfoam/ubuntu_sandbox

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

127 Commits
.github/workflows
.github/workflows
 
 
scripts
scripts
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 

Repository files navigation

ubuntu_sandbox

ubuntu os matrix chain CI workflow
ubuntu os matrix compact CI workflow

Ubuntu volatility CI workflow
Ubuntu cuckoo CI workflow

/~https://github.com/actions/virtual-environments

security and data integrity tool for monitoring and alerting on file & directory changes.
/~https://github.com/Tripwire/tripwire-open-source
An extensively configurable tool providing a summary of the changes between two files or directories
/~https://github.com/airbus-seclab/diffware
In-depth comparison of files, archives, and directories
https://diffoscope.org/
Net2PCAP is a simple network-to-pcap capture file for Linux
/~https://github.com/nbareil/net2pcap
Hetty is an HTTP toolkit for security research
/~https://github.com/dstotijn/hetty
the Python-based interactive packet manipulation program & library. Supports Python 2 & Python 3
/~https://github.com/secdev/scapy
Toolbox for HPE iLO4 & iLO5 analysis
/~https://github.com/airbus-seclab/ilo4_toolbox
NAT-aware multipath tracerouting tool 
/~https://github.com/insomniacslk/dublin-traceroute

Burp Suite Community Edition,manual tools for exploring web security. Proxy your HTTPS traffic, edit and repeat requests, decode data
https://portswigger.net/burp/communitydownload
Ruby command-line interface to Burp Suite's REST API 
/~https://github.com/pentestgeek/burpcommander
Burp Commander written in Go
/~https://github.com/joanbono/Gurp
Burp Automator - A Burp Suite Automation Tool.Dynamic Application Security Testing (DAST) 
/~https://github.com/tristanlatr/burpa
A collection of scripts used to interact with the Burp Rest API
/~https://github.com/laconicwolf/Burp-API-Scripts

obfuscated meterpreter shells
/~https://github.com/smokeme/payloadGenerator

Binary code static analyser, with IDA integration
/~https://github.com/airbus-seclab/bincat
cpu_rec is a tool that recognizes cpu instructions in an arbitrary binary file. It can be used as a standalone tool, or as a plugin for binwalk
/~https://github.com/airbus-seclab/cpu_rec
Firmware Analysis Tool 
/~https://github.com/ReFirmLabs/binwalk
Firmware Analysis and Comparison Tool 
/~https://github.com/fkie-cad/FACT_core

vulnerabilities in hypervisors

American fuzzy lop is a security-oriented fuzzer that employs a novel type of compile-time instrumentation and genetic algorithms to automatically discover clean, interesting test cases that trigger new internal states in the targeted binary.
https://lcamtuf.coredump.cx/afl/
GUSTAVE is a fuzzing platform for embedded OS kernels. It is based on QEMU and AFL (and all of its forkserver siblings). It allows to fuzz OS kernels like simple applications
/~https://github.com/airbus-seclab/gustave
a bare metal (type 1) VMM (hypervisor) with a python remote control API
/~https://github.com/airbus-seclab/ramooflax
/~https://github.com/airbus-seclab/ramooflax_scripts
/~https://github.com/airbus-seclab/AppVsWild
A tool dedicated to the research of vulnerabilities in hypervisors by creating unusual system configurations. 
/~https://github.com/airbus-seclab/crashos

CollabFuzz: A Framework for Collaborative Fuzzing 
/~https://github.com/vusec/collabfuzz

a free and open source tool for investigating the Dark Web
/~https://github.com/s-rah/onionscan
Extract accounts info from personal pages on various sites for OSINT purpose 
/~https://github.com/soxoj/socid-extractor
GitHub Recon
/~https://github.com/TheBinitGhimire/GitHub-Recon

C2/post-exploitation framework
/~https://github.com/loseys/BlackMamba

secures secrets used by privileged users and machine identities 
/~https://github.com/cyberark/conjur
The Secure Production Identity Framework For Everyone (SPIFFE) Project defines a framework and set of standards for identifying and securing communications between application services
/~https://github.com/spiffe/spiffe
Simple and flexible tool for managing secrets 
/~https://github.com/mozilla/sops
KSOPS - A Flexible Kustomize Plugin for SOPS Encrypted Resources
/~https://github.com/viaduct-ai/kustomize-sops

GitHub’s official command line tool
/~https://github.com/cli/cli

Docker

HTTP Desync Attack 
/~https://github.com/o-o-overflow/dc2020q-uploooadit
A production ready example Django app that's using Docker and Docker Compose
/~https://github.com/nickjj/docker-django-example

k8s

/~https://github.com/vfarcic/skaffold-demo

CVE

Proof of Concept Exploit for vCenter CVE-2021-21972
/~https://github.com/horizon3ai/CVE-2021-21972

AI

PyTorch package for the discrete VAE used for DALL·E
/~https://github.com/openai/DALL-E
DALL·E: Creating Images from Text
https://openai.com/blog/dall-e/
OpenAI Baselines: high-quality implementations of reinforcement learning algorithms 
/~https://github.com/openai/baselines
A Deep Learning based project for colorizing and restoring old images (and video!)
/~https://github.com/jantic/DeOldify
Perceptual Similarity Metric and Dataset
/~https://github.com/richzhang/PerceptualSimilarity

Storage

The Ceph File System, or CephFS
/~https://github.com/CCI-MOC/cephfs-provisioner-example

Network Automation

Network Source of Truth & Network Automation Platform
/~https://github.com/nautobot/nautobot
Nornir plugin to enable other Nautobot network automation plugins 
/~https://github.com/nautobot/nautobot-plugin-nornir
Pluggable multi-threaded framework with inventory management to help operate collections of devices
/~https://github.com/nornir-automation/nornir

Android

Mobile application testing toolkit 
/~https://github.com/nettitude/scrounger

AWS/Azure/GCP/Cloud

Serverless honeytoken
/~https://github.com/3CORESec/Trapdoor
Cloud Pentesting
/~https://github.com/TROUBLE-1/Cloud-Pentesting

log analytics,SIEM

ship data to ELK, Graylog, Loggly or some other SIEM
supports TCP and TLS based network transport and message buffering
common data sources such as the Windows Eventlog, flat files and syslog
parse and generate CSV, W3C, GELF, JSON, XML and KVP formats
https://nxlog.co/products/nxlog-community-edition

Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent dedicated for containerized environments written in Golang
/~https://github.com/cyberark/kubesploit
Merlin is a cross-platform post-exploitation Command & Control server and agent written in Go.
/~https://github.com/Ne0nd0g/merlin

Cobalt Strike Python API 
/~https://github.com/dcsync/pycobalt

Python tool to explore PDF files
/~https://github.com/jesparza/peepdf

cuckoo
/~https://github.com/cuckoosandbox/cuckoo
https://cuckoosandbox.org/
Volatility 3: The volatile memory extraction framework
/~https://github.com/volatilityfoundation/volatility3

About

githubactions ubuntu

Topics

ubuntu matrix cuckoo volatility githubactions

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages