QeeqBox (@qeeqbox)

Top repositories

1

social-analyzer

API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
JavaScript
11,527
star
2

honeypots

30 different honeypots in one package! (dhcp, dns, elastic, ftp, http proxy, https proxy, http, https, imap, ipp, irc, ldap, memcache, mssql, mysql, ntp, oracle, pjl, pop3, postgres, rdp, redis, sip, smb, smtp, snmp, socks5, ssh, telnet, vnc)
Python
666
star
3

chameleon

19 customizable honeypots for monitoring network traffic, bot activities and username\password credentials (DNS, HTTP Proxy, HTTP, HTTPS, SSH, POP3, IMAP, SMTP, RDP, VNC, SMB, SOCKS5, Redis, TELNET, Postgres, MySQL, MSSQL, Elastic and LDAP)
Dockerfile
657
star
4

analyzer

Analyze, extract and visualize features, artifacts and IoCs of files and memory dumps (Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more)
Python
267
star
5

url-sandbox

Scalable URL Sandbox for analyzing URLs and Domains from phishing attacks
Python
167
star
6

raven

Advanced Cyber Threat Map (Simplified, customizable, responsive and optimized)
JavaScript
159
star
7

docker-images

Kali and Parrot OS docker images accessible via VNC, RDP and Web
Dockerfile
111
star
8

mitre-visualizer

🧬 Mitre Interactive Network Graph (APTs, Malware, Tools, Techniques & Tactics)
Python
86
star
9

osint

Build custom OSINT tools and APIs (Ping, Traceroute, Scans, Archives, DNS, Scrape, Whois, Metadata & built-in database for more info) with this Python package
Python
79
star
10

rhino

Agile Sandbox for analyzing Windows, Linux and macOS malware and execution behaviors
JavaScript
62
star
11

woodpecker

Custom security distro for remote penetration testing
51
star
12

seahorse

ELKFH - Elastic, Logstash, Kibana, Filebeat and Honeypot (HTTP, HTTPS, SSH, RDP, VNC, Redis, MySQL, MONGO, SMB, LDAP)
Python
45
star
13

image-analyzer

Interface for Image-Related Deep Learning Models (E.g. NSFW, MAYBE and SFW)
HTML
24
star
14

octopus

Pure Honeypots with an automated bash script
Shell
19
star
15

cyber-attacks

A collection of attack metadata that was used in my previous pen-test tools
17
star
16

reports

Recent cyber attacks reports & interesting analysis files
15
star
17

APT-Malware-Reports-Set-1

Some extracted Features\IoCs\Artifacts\Patterns from APT Malware
HTML
14
star
18

pentest-labs

HTML
14
star
19

falcon

Collection of exploits that were verified by an automated system
13
star
20

two-factor-authentication-sim-swapping

An adversary may utilize a sim swapping attack for defeating 2fa authentication
11
star
21

worldmap

An interactive world-map that has been used in live Cyber Threat interfaces
JavaScript
11
star
22

two-factor-authentication-sim-cloning

An adversary may utilize a sim swapping attack for defeating 2fa authentication
11
star
23

threat-intelligence

Threat intelligence or Cyber Threat Intelligence is the process of identifying and analyzing gathered information about past, current, and future cyber threats (Collecting information about a potential threat, then analyzing that information to learn more about the negative events)
9
star
24

cyber-kill-chain

Cyber Kill Chain is a model that Lockheed Martin created for understanding (Describe the sequence of events) and stopping cyberattacks
7
star
25

ixora

Internal package for visualization
HTML
6
star
26

world-json

Multiple JSON files contain world cities with names, longitude & latitude, country, and timezone
6
star
27

automation-protocols-metadata

JSON file that contains updated metadata of Automation Protocols (Industrial control system, process automation, building automation, automatic meter reading, and automobile)
6
star
28

incident-response

Incident response is a set of steps that are used to handle the aftermath of a data breach or cyberattack
5
star
29

ics-visualizer

ICS-Visualizer is an interactive Industrial Control Systems (ICS) network graph that contains up-to-date related automation protocols metadata (Name, company, port, user manuals, external links, and mapped Wireshark\Nmap modules and scripts).
Python
5
star
30

mobile-numbers-metadata

JSON file contains all mobile number metadata (Country, prefix, and carrier)
5
star
31

countries-metadata

JSON file contains all countries metadata (Country name, cc, a3, and flag)
4
star
32

digital-forensics

Digital Forensics is the process of finding and analyzing electronic data
4
star
33

stored-cross-site-scripting

An adversary may inject malicious content into a vulnerable target
4
star
34

cybersecurity

Cybersecurity is the measures taken to protect networks, devices, and data against cyberattacks
3
star
35

directory-listing

A threat actor may list files on a misconfigured server
3
star
36

dom-based-cross-site-scripting

A threat actor may inject malicious content into HTTP requests. The content is not reflected in the HTTP response and executed in the victim's browser.
3
star
37

vertical-privilege-escalation

A threat actor may perform unauthorized functions belonging to another user with a higher privilege level
3
star
38

ports-metadata

JSON file contains all ports metadata
3
star
39

reflected-cross-site-scripting

A threat actor may inject malicious content into HTTP requests. The content will be reflected in the HTTP response and executed in the victim's browser
3
star
40

client-side-template-injection

A threat actor may trick a victim into executing native template syntax on a vulnerable target
3
star
41

risk-management

Risk management is the process of identifying, assessing, treating, and monitoring any negative events that affect a company's ability to operate (Preventing them or minimizing their harmful impact)
3
star
42

data-compliance

Data compliance is the process of following various regulations and standards to ensure that sensitive digital assets (data) are guarded against loss, theft, and misuse
3
star
43

open-redirect

A threat actor may send a malicious redirection request for a vulnerable target to a victim; the victim gets redirected to a malicious website that downloads an executable file
3
star
44

public-ip-metadata

JSON file contains all public ip ranges with description
2
star
45

minimal-server

Asyncio websocket http server [Needed for internal testing]
Python
2
star
46

authentication-bypass

A threat actor may gain access to data and functionalities by bypassing the target authentication mechanism
2
star
47

credential-stuffing

A threat actor may guess the target credentials using known username and password pairs gathered from previous brute-force attacks
2
star
48

horizontal-privilege-escalation

A threat actor may perform unauthorized functions belonging to another user with a similar privilege level
2
star
49

icterid-template

Icterid Webapp Template
HTML
2
star
50

threat-actors

A threat actor is any person, group, or entity that could do harm to the cyber realm
2
star
51

session-hijacking

A threat actor may access the user's account using a stolen or leaked valid (existing) session identifier
2
star
52

xslt-injection

A threat actor may interfere with an application's processing of extensible stylesheet language transformations (XSLT) for extensible markup language (XML) to read or modify data on the target
2
star
53

default-credential

A threat actor may gain unauthorized access using the default username and password
2
star
54

private-ip-metadata

JSON file contains all private ip ranges with description
2
star
55

authorization-bypass

A threat actor may access the user's account using a stolen or leaked valid (existing) session identifier
2
star
56

proxy-firewall

HTTPS Proxy Firewall for testing
Python
2
star
57

two-factor-authentication-brute-force

A threat actor may launch a brute-force attack against the two-factor authentication (2FA) logic, causing unauthorized access to the target
2
star
58

session-fixation

A threat actor may trick a user into using a known session identifier to log in. After logging in, the session identifier is used to gain access to the user's account
2
star
59

xxe-injection

A threat actor may interfere with an application's processing of extensible markup language (XML) data to view the content of a target's files
2
star
60

data-security

Safeguarding your personal information (How your info is protected)
1
star
61

cross-site-request-forgery

A threat actor may trick an authenticated or trusted victim into executing unauthorized actions on their behalf
1
star
62

os-command-injection

A threat actor may inject arbitrary operating system (OS) commands on the target
1
star
63

asynico-websockets-redis-server

asyncio websockets redis server (Needed for internal testing)
Python
1
star
64

.github

GitHub Settings
1
star
65

global-scripts

Some scripts for workflows (Moved from Macaw)
Shell
1
star
66

xpath-injection

A threat actor may alter the XML path language (XPath) query to read data on the target
1
star
67

password-spraying

A threat actor may guess the target credentials using a single password with a large set of usernames against the target
1
star
68

data-classification

Data classification defines and categorizes data according to its type, sensitivity, and value
1
star
69

remote-file-inclusion

A threat actor may cause a vulnerable target to include/retrieve a remote file
1
star
70

session-replay

A threat actor may re-use a stolen or leaked session identifier to access the user's account
1
star
71

security-controls

Countermeasures or safeguards for detecting, preventing, and mitigating cyber threats and attacks (Protect assets)
1
star
72

access-control

Access Control is using security techniques to protect a system against unauthorized access
1
star
73

sql-injection

A threat actor may alter a structured query language (SQL) query to read, modify and write to the database or execute administrative commands for further chained attacks
1
star
74

social-engineering-methods

1
star
75

cryptography

1
star
76

malware-and-indicators-of-compromise

1
star
77

local-file-inclusion

A threat actor may cause a vulnerable target to include/retrieve a local file
1
star
78

security-tools-and-technologies

1
star
79

data-states

Data states refer to structured and unstructured data divided into three categories (At Rest, In Use, and In Transit)
1
star
80

insecure-deserialization

A threat actor may tamper with a stream that gets deserialized on the target, causing the target to access data or perform non-intended actions
1
star
81

data-privacy-and-security

1
star
82

application-service-attacks

1
star
83

data-lifecycle-management

Data Lifecycle Management (DLM) is a policy-based model for managing data in an organization
1
star
84

tornado-websockets-redis-server

tornado websockets redis server (Needed for internal testing)
Python
1
star
85

identity-and-access-management

The practice of ensuring that people or objects have the right level of access to assets
1
star
86

server-side-template-injection

A threat actor may alter the template syntax on the vulnerable target to execute commands
1
star
87

captcha-bypass

captcha bypass vulnerability
1
star