Skip to content
@qeeqbox

QeeqBox

State-of-the-art opensource projects and services for red, purple, and blue teams
README.md

Pinned

  1. social-analyzer Public

    API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites

    JavaScript 9.6k 742

  2. analyzer Public

    Analyze, extract and visualize features, artifacts and IoCs of files and memory dumps (Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more)

    Python 195 56

  3. honeypots Public

    25 different honeypots in a single pypi package! (dns, ftp, httpproxy, http, https, imap, mysql, pop3, postgres, redis, smb, smtp, socks5, ssh, telnet, vnc, mssql, elastic, ldap, ntp, memcache, snm…

    Python 255 59

  4. url-sandbox Public

    Scalable URL Sandbox for analyzing URLs and Domains from phishing attacks

    Python 118 41

  5. raven Public

    Advanced Cyber Threat Map (Simplified, customizable, responsive and optimized)

    JavaScript 111 36

  6. chameleon Public

    19 Customizable honeypots for monitoring network traffic, bots activities and username\password credentials (DNS, HTTP Proxy, HTTP, HTTPS, SSH, POP3, IMAP, STMP, RDP, VNC, SMB, SOCKS5, Redis, TELNE…

    Dockerfile 521 106

Repositories

  • cross-site-request-forgery Public

    A threat actor may trick an authenticated or trusted victim into transmitting unauthorized actions on their behalf

    1 0 0 0 Updated Dec 23, 2022
  • captcha-bypass Public

    A threat actor may bypass the Completely Automated Public Turing test to tell Computers and Humans Apart (captcha) by breaking the solving logic, human-assisted solving services, or utilizing automated technology

    1 0 0 0 Updated Dec 23, 2022
  • horizontal-privilege-escalation Public

    A threat actor may perform unauthorized functions belonging to another user with a similar privileges level

    2 1 0 0 Updated Dec 23, 2022
  • vertical-privilege-escalation Public

    A threat actor may perform unauthorized functions belonging to another user with a higher privileges level

    3 1 0 0 Updated Dec 23, 2022
  • reflected-cross-site-scripting Public

    A threat actor may inject malicious content into HTTP requests. The content will be reflected in the HTTP response and executed in the victim's browser

    3 1 0 0 Updated Dec 23, 2022
  • stored-cross-site-scripting Public

    An adversary may inject malicious content into a vulnerable target

    3 1 0 0 Updated Dec 23, 2022
  • directory-listing Public

    A threat actor may list files on a misconfigured server

    3 0 0 0 Updated Dec 23, 2022
  • dom-based-cross-site-scripting Public

    A threat actor may inject malicious content into HTTP requests. The content is not reflected in the HTTP response and executed in the victim's browser.

    3 1 0 0 Updated Dec 23, 2022
  • credential-stuffing Public

    A threat actor may guess the target credentials using a known username and password pairs gathered from previous brute-force attacks

    2 0 0 0 Updated Dec 23, 2022
  • password-spraying Public

    A threat actor may guess the target credentials using a single password with a large set of usernames against the target

    1 0 0 0 Updated Dec 23, 2022
View all repositories
Developer Program Member