This is a central metadata index of all of the data available in IMPACT from our federation of Providers.
If you were hoping to find specific data but didn't, please contact us at Contact@ImpactCyberTrust.org and we will see if we can make it available to you.
Note: You must log in to request data.
Map of US long-haul infrastructure ... Materials in this archive relate to the paper by Durairajan et al. entitled "InterTubes: A Study of the US Long-haul F...
Synthesized traffic presenting twelve potential insider threat scenarios, six true and six false positives. ... The Insider Threat Data Corpus consists o...
Firewall/IDS logs from 1700+ networks ... DSHIELD.ORG is a research effort funded by the SANS Institute as part of its Internet Storm Center. DSHIELD's objective...
Network maps shapefile archive ... This data set consists of a gzip archive of shapefiles for maps of a selection of 50 network service provider networks fr...
BGP Updates and Tables ... The University of Wisconsin maintains an external BGP peering session with the campus border router. Updates from this session ar...
US coastal network infrastructure map shapefile ... This data set is a shapefile for coastal network infrastructure in the US. This data set was used to con...
Network Time Protocol (NTP) packet traces ... This dataset is comprised of NTP log data collected from the NTP server infrastructure at the Wisconsin. Each ...
US metro fiber network maps ... This data set consists of a gzip archive of shapefiles for maps of a selection of 48 metro fiber network maps in the US. ...
Web Cookies ... The cookies in this data set were gathered from crawls of the top 100K Alexa web sites conducted in November, 2013 and April, 2015. Due to pa...
Internet outage/attack/congestion event log ... This dataset contains details about the events detected by the BigBen internet-wide event monitoring system d...
Acra is a database security suite for data-driven apps: database proxy with strong selective encryption, search through encrypted data, SQL injections preven...
Reverse engineering, Malware and goodware analysis of Android applications ... and more (ninja !) ... Androguard is a full python tool to play with Android f...
Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs. ... Supported data sources for Beagle include ...
BoNeSi, the DDoS Botnet Simulator, is a Tool to simulate Botnet Traffic in a testbed environment on the wire. It is designed to study the effect of DDoS atta...
BriarIDS is an All-In-One home intrusion detection system (IDS) solution for the Raspberry PI. ... A simple yet effective IDS for the Raspberry PI. BriarIDS ...
Complete Mandiant Offensive VM (Commando VM), the first full Windows-based penetration testing virtual machine distribution. ... Born from our popular FLARE ...
Conpot is an ICS honeypot with the goal to collect intelligence about the motives and methods of adversaries targeting industrial control systems ... ConpotF...
Cowrie is a medium interaction SSH and Telnet honeypot designed to log brute force attacks and the shell interaction performed by the attacker. Cowrie also f...
Cuckoo Sandbox is an automated dynamic malware analysis system ... Cuckoo Sandbox is the leading open source automated malware analysis system. You can throw ...
The Cyberprobe project is an open-source distributed architecture for real-time monitoring of networks against attack. ... The probe, cyberprobe has the foll...
The CyberVAN testbed provides a testing and experimentation environment to support cyber security research. ... CyberVAN provides the highest fidelity repres...
Darknet is an open source neural network framework written in C and CUDA. ... Darknet applies a single neural network to the full image. This network divides t...
Dawnscanner is a static analysis security scanner for web applications written in Ruby. It supports Sinatra, Padrino and Ruby on Rails frameworks. ... Dawnscann...
Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR) teams quickly identify suspicious...
dnstwist is a domain name permutation engine for detecting typo squatting, phishing and corporate espionage. ... dnstwist takes in your domain name as a seed...
A malware/botnet analysis framework written in Ruby. ... Dorothy2 is a framework created for suspicious binary analysis. Its main strengths are a very flexib...
A framework based on the Fiddler web debugger to study Exploit Kits, malvertising and malicious traffic in general. ...
Expose is an Intrusion Detection System for PHP loosely based on the PHPIDS project (and using its ruleset for detecting potential threats). ... Expose allow...
Automatically extract obfuscated strings from malware. ... Rather than heavily protecting backdoors with hardcore packers, many malware authors evade heurist...
This tool evaluates various methods for scheduling the fuzzing of program pairs. The key feature of the system is that comprehensive data on fuzzing all pair...
GEF - GDB Enhanced Features for exploit devs & reversers ... GEF is a set of commands for x86/64, ARM, MIPS, PowerPC and SPARC to assist exploit developers a...
Gophish is an open-source phishing toolkit designed for businesses and penetration testers. It provides the ability to quickly and easily setup and execute p...
Hale is a botnet command & control monitor/spy with a modular design to easily develop new modules that monitor new protocols used by C&C servers ... The mai...
Honeytrap is an extensible and open source system for running, monitoring and managing honeypots. ... Features of HoneyTrap: Combine multiple services to one...
This is a free malware analysis service for the community that detects and analyzes unknown threats using a unique Hybrid Analysis technology. ... The Hybrid...
Infection Monkey is an open source Breach and Attack Simulation tool to evaluate the security posture of your network. ... The Infection Monkey is an attack ...
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol. ... IntelMQ is a solution for IT s...
Justniffer is a network protocol analyzer that captures network traffic and produces logs in a customized way. ... Justniffer can emulate Apache web server l...
King Phisher is a tool for testing and promoting user awareness by simulating real world phishing attacks. ... King Phisher features an easy to use, yet very...
Kippo is a medium interaction SSH honeypot designed to log brute force attacks and, most importantly, the entire shell interaction performed by the attacker....
Libnet provides a portable framework for low-level network packet construction. ... Libnet is an API to help with the construction and handling of network pa...
MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, networ...
Malicious traffic detection system ... Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/o...
Mozilla's real-time digital forensics and investigation platform. ... MIG is a platform to perform investigative surgery on remote endpoints. It enables inve...
MISP (core software) - Open Source Threat Intelligence Platform (formerly known as Malware Information Sharing Platform) ... MISP is an open source software s...
Mobile Security Framework is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing framework capable of performing static analysis, d...
Modlishka is a powerful and flexible HTTP reverse proxy. ... Modlishka implements an entirely new and interesting approach of handling browser-based HTTP tra...
Moloch is a large scale, open source, indexed packet capture and search system. ... Moloch augments your current security infrastructure to store and index n...
NetWorkPacketCapture is a tool used to capture network packets via Android VPN. ... NetWorkPacketCapture has the ability to: It can display every network conn...
Nishang - Offensive PowerShell for red team, penetration testing and offensive security. ... Nishang is a framework and collection of scripts and payloads w...
Nmap ("Network Mapper") is a free and open source utility for network discovery and security auditing. ... Nmap uses raw IP packets in novel ways to determin...
Stop denial of service attacks, configurable allowable burst rate. ... Configurable Denial-Of-Service prevention for http services.
OpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables. ... OpenCTI has been created in ...
OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It is also ...
OpenVAS is a full-featured vulnerability scanner. ... The capabilities of OpenVAS include unauthenticated testing, authenticated testing, various high level ...
OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real...
PcapPlusPlus is a multiplatform C++ library for capturing, parsing and crafting of network packets. It provides C++ wrappers for packet processing engines su...
A Network Forensics Tool to visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and fi...
PhishTank is a community site that houses user-submitted phishing data ... PhishTank is a collaborative clearing house for data and information about phishin...
PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web application ... ...
OpenWrt package for copying network packets without IPtables. ... A package that sends copies of network packets from your OpenWrt router to another device o...
A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. ... A detailed overview of system activity w...
Psad is an Intrusion Detection and Log Analysis with iptables ... The Port Scan Attack Detector psad is a lightweight system daemon written in is designed to...
Exploit Development and Reverse Engineering with GDB Made Easy ... pwndbg is a GDB plug-in that improves debugging with GDB, with a focus on features needed ...
pythem is a multi-purpose pentest framework written in Python. ... pythem can test multiple different types of attacks and phishing instances such as: ARP s...
A tool for detecting regular expression denial-of-service vulnerabilities in Android apps. ... The tool requires a regular expression analyzer. Currently, the...
RegEx Denial of Service (ReDos) Scanner ... Helps find regular expressions susceptible to denial of service attacks.
Santa is a binary whitelisting/blacklisting system ... Santa consists of a kernel extension that monitors for executions, a userland daemon that makes execu...
Security Onion is a Linux distro for intrusion detection, enterprise security monitoring, and log management. ... Security Onion is a free and open source Li...
Generic Android Deobfuscator. Simplify virtually executes an app to understand its behavior and then tries to optimize the code so that it behaves identicall...
Sparta is a network infrastructure penetration testing tool ... SPARTA is a python GUI application which simplifies network infrastructure penetration testin...
SubFinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe ...
tcpdump is a tool for network monitoring and data acquisition. ... Tcpdump uses libpcap, a system-independent interface for user-level packet capture. The pr...
Python telnet honeypot for catching botnet binaries ... This project implements a python telnet server trying to act as a honeypot for IoT Malware which spre...
The Sleuth Kit (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The libra...
A repository of LIVE malware for your own joy and pleasure. theZoo's objective is to offer a fast and easy way of retrieving malware samples and source code ...
Turbinia is an open-source framework for deploying, managing, and running distributed forensic workloads. ... Turbinia is intended to automate running of com...
The Ultimate Hosts Blacklist is a curated Unified Hosts file for protecting your computer or device against over several hundred thousand bad web sites ... T...
Modern web applications make frequent use of third-party scripts, often in ways that allow scripts loaded from external servers to make unrestricted changes ...
USBGuard is a software framework for implementing USB device authorization policies (what kind of USB devices are authorized) as well as method of use polici...
Volatility is an advanced memory forensics framework. ... The Volatility Framework is a completely open collection of tools, implemented in Python under the G...
Waidps is a wireless Auditing, Intrusion Detection & Prevention System ... WAIDPS is an open source wireless Swiss knife written in Python and works on Linux e...
Tor is a tool that is susceptible to website fingerprinting ... When browsing the web, many users would prefer to have privacy. Clients who wish to avoid beh...
Wireshark is the world's foremost and widely-used network protocol analyzer. ... Wireshark lets you see what's happening on your network at a microscopic lev...
Xplico is an open source network forensic analysis tool ... The goal of Xplico is to extract from an internet traffic capture the application data contained. F...