Matt Burdan's Projects
Transparently tunnel your IP traffic through ICMP echo and reply packets.
Public version of PagerDuty's Incident Response Documentation.
Script to install the latest versions of some fine GNOME 3 themes
Data Exfiltration and Command Execution via AAAA Records
Reboot in seconds, not minutes
A Go standard library for Kolide projects
Twitch/Discord boterator
Distribute different AWS IAM credentials to different pods in Kubernetes via secrets.
Production-Grade Container Scheduling and Management
LiME (formerly DMD) is a Loadable Kernel Module (LKM), which allows the acquisition of volatile memory from Linux and Linux-based devices, such as those powered by Android. The tool supports acquiring memory either to the file system of the device or over the network. LiME is unique in that it is the first tool that allows full memory captures from Android devices. It also minimizes its interaction between user and kernel space processes during acquisition, which allows it to produce memory captures that are more forensically sound than those of other tools designed for Linux memory acquisition.
A post-exploitation powershell tool for extracting juicy info from memory.
Leaked Mirai Source Code for Research/IoC Development Purposes
Moloch is an open source, large-scale full PCAP capturing, indexing and database system.
Real-time performance monitoring, done right!
Linux networking examples and tutorials
Incident Response Forensic Framework
Noriben - Portable, Simple, Malware Analysis Sandbox
Code to accompany the "Namespaces in Go" series of articles.
Tools for streamz
SQL powered operating system instrumentation, monitoring, and analytics.
An osquery extension that allows for the retrieval of AWS tags
A repository for using osquery for incident detection and response
An osquery config plugin to read from a configuration file stored in an AWS s3 bucket
An osquery table to read the contents from a zip file
A forensic evidence collection & analysis toolkit for OS X
Filters that process and transform the output of osxcollector
OS X Strata builds upon Yelp's OSXCollector, providing a user interface to analyze data collected from a potentially compromised system.
PacketFence is a fully supported, trusted, free and open source network access control (NAC) solution. Boasting an impressive feature set, including a captive portal for registration and remediation, centralized wired and wireless management, powerful BYOD management options, 802.1X support, and layer-2 isolation of problematic devices, PacketFence can be used to effectively secure small to very large heterogeneous networks.