There are no reviews yet. Be the first to send feedback to the community and the maintainers!
cloudmapper
CloudMapper helps you analyze your Amazon Web Services (AWS) environments.parliament
AWS IAM linting librarywebauthn
WebAuthn (FIDO2) server library written in Gocloudtracker
CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.py_webauthn
Pythonic WebAuthn ๐webauthn.io
The source code for webauthn.io, a demonstration of WebAuthn.EFIgy
A small client application that uses the Duo Labs EFIgy API to inform you about the state of your Mac EFI firmwaredlint
Dlint is a tool for encouraging best coding practices and helping ensure we're writing secure Python code.markdown-to-confluence
Syncs Markdown files to Confluenceisthislegit
Dashboard to collect, analyze, and respond to reported phishing emails.idapython
A collection of IDAPython modules made with ๐ by Duo Labschrome-extension-boilerplate
Boilerplate code for a Chrome extension using TypeScript, React, and Webpack.secret-bridge
Monitors Github for leaked secretsapple-t2-xpc
Tools to explore the XPC interface of Apple's T2 chiptwitterbots
The code used in the "Don't @ Me: Hunting Twitter Bots at Scale" Black Hat presentationcloudtrail-partitioner
phish-collect
Python script to hunt phishing kitsphinn
A toolkit to generate an offline Chrome extension to detect phishing attacks using a bespoke convolutional neural network.xray
X-Ray allows you to scan your Android device for security vulnerabilities that put your device at risk.android-webauthn-authenticator
A WebAuthn Authenticator for Android leveraging hardware-backed key storage and biometric user verification.appsec-education
Presentations, training modules, and other education materials from Duo Security's Application Security team.mysslstrip
CVE-2015-3152 PoClookalike-domains
generate lookalike domains using a few simple techniques (homoglyphs, alt TLDs, prefix/suffix)apk2java
Automatically decompile APK's using Dockerjournal
The boilerplate for a new Journal sitesrtgen
Automatic '.srt' subtitle generatormarkflow
Make your Markdown sparkle!neustar2mmdb
Tool to convert Neustar's GeoPoint data to Maxmind's GeoIP database format for ease of use.narrow
Low-effort reachability analysis for third-party code vulnerabilities.datasci-ctf
A capture-the-flag exercise based on data analysis challengesduo-blog-going-passwordless-with-py-webauthn
tutorials
sharedsignals
Python tools for using OpenID's Shared Signals Framework (including CAEP)chain-of-fools
A set of tools that allow researchers to experiment with certificate chain validation issuesjournal-cli
The command-line client for Journalunmasking_data_leaks
The code from the talk "Unmasking Data Leaks: A Guide to Finding, Fixing, and Prevention" given at BSides SATX 2019.journal-theme
The Hugo theme that powers Journalgolang-workshop
Source files for a Golang Workshopvimes
A local DNS proxy based on CoreDNS.journal-docs
The documentation for Journaldlint-plugin-example
An example plugin for dlinttwitterbots-wallpapers
Wallpapers created from the crawlers in our "Don't @ Me" technical research paperholidayhack-2019
Scripts and artifacts used to solve the 2019 SANS Holiday Hack ChallengeLove Open Source and this site? Check out how you can help us