Security Tools

calendar Oct 12, 2025 · 7 min read ·
Share: linkedin copy

A collection of security tools, automation scripts, and utilities I’ve developed and use regularly. All tools are cross-platform where possible and focus on defensive security, monitoring, and automation.

OSINT Intelligence Framework

Comprehensive OSINT Collection Suite

Language: Python

Purpose: All-in-one Open Source Intelligence gathering framework for security research

cd scripts/osint-framework
python3 osint.py --domain example.com
python3 osint.py --email user@example.com
python3 osint.py --username johndoe
python3 osint.py --ip 8.8.8.8

Features:

  • Domain Intelligence - DNS enumeration, WHOIS, subdomain discovery, certificate transparency
  • Email Intelligence - Validation, breach checking (EmailRep.io), reputation analysis
  • IP Intelligence - Geolocation, ASN lookup, reputation checks, cloud provider detection
  • Username Search - Cross-platform enumeration (20+ platforms: GitHub, Twitter, LinkedIn, etc.)
  • Website Analysis - Headers, tech stack detection, SSL inspection, security compliance
  • Metadata Extraction - EXIF data, PDF metadata, document analysis

API Requirements: Works with free APIs (no keys needed). Optional API keys for extended features.

Documentation: View on GitHub →

Network Security

License: MIT License (view) Usage Terms: Subject to Terms of Service

Port Scanner (Basic)

Language: Python

Purpose: Fast multi-threaded port scanner with service detection

GitHub: View Source →

python3 port_scanner.py target.com -p 1-1000 -t 100

Features:

  • Multi-threaded scanning
  • Service detection
  • Banner grabbing
  • Customizable timeout and thread count

Port Scanner (Enhanced)

Language: Python

Purpose: Advanced port scanner with colored output and filtering options

GitHub: View Source →

# Scan with colored output
python3 port_scanner_enhanced.py example.com -p 1-1000

# Show only open ports
python3 port_scanner_enhanced.py example.com -p 1-65535 --open-only

Features:

  • All features from basic port scanner
  • Color-coded output (green for open, red for closed)
  • --open-only flag for cleaner output
  • Better error handling and reporting
  • Summary statistics

SSL/TLS Certificate Analyzer

Language: Python

Purpose: Analyze SSL/TLS certificates and security configurations

GitHub: View Source →

python3 ssl_analyzer.py example.com

Checks:

  • Certificate validity and expiration
  • TLS version in use
  • Cipher suite details
  • Subject and issuer information
  • Subject Alternative Names (SAN)

Network Diagnostics Tool

Language: Python

Purpose: Comprehensive network diagnostics and troubleshooting

GitHub: View Source →

python3 network_diagnostics.py example.com --all

Features:

  • DNS lookup
  • Ping test
  • Port connectivity checks
  • Traceroute with cross-platform support
  • Detects local vs. remote networks
  • Smart timeouts

Security Monitoring

License: MIT License (view) Usage Terms: Subject to Terms of Service

Security Header Checker

Language: Python

Purpose: Validate HTTP security headers for web applications

GitHub: View Source →

python3 header_check.py https://example.com

Validates:

  • Content-Security-Policy (CSP)
  • Strict-Transport-Security (HSTS)
  • X-Frame-Options
  • X-Content-Type-Options
  • Referrer-Policy
  • Permissions-Policy
  • X-XSS-Protection

Output: Security score (0-100%) with detailed findings

File Integrity Monitor

Language: Python

Purpose: Detect unauthorized file changes by comparing hashes to a baseline

GitHub: View Source →

# Create baseline
python3 file_integrity_monitor.py /var/www --create-baseline

# Check for changes
python3 file_integrity_monitor.py /var/www --check

Features:

  • SHA-256 hash comparison
  • Detects new, modified, and deleted files
  • Pattern-based file exclusions
  • Baseline storage in JSON format
  • Color-coded change reporting

Threat Intelligence Checker

Language: Python

Purpose: Check IP addresses against AbuseIPDB threat intelligence feed

GitHub: View Source →

# Check single IP
python3 threat_intel_checker.py -i 192.168.1.1

# Check multiple IPs
python3 threat_intel_checker.py -i 8.8.8.8 1.1.1.1

# Check IPs from file
python3 threat_intel_checker.py -f suspicious_ips.txt

Features:

  • AbuseIPDB API integration
  • Abuse confidence scoring
  • Malicious IP detection
  • Batch IP checking
  • Detailed threat reports (country, ISP, last reported)

Requirements: Free AbuseIPDB API key

Log Analyzer

Language: Python

Purpose: Parse and analyze security logs for suspicious activity

GitHub: View Source →

# Analyze SSH logs
python3 log_analyzer.py -f /var/log/auth.log -t ssh

# Analyze Apache logs
python3 log_analyzer.py -f /var/log/apache2/access.log -t apache

Features:

  • SSH Log Analysis: Failed login attempts, suspicious patterns, IP frequency
  • Apache Log Analysis: 4xx/5xx errors, attack patterns, sensitive file access
  • Pattern-based threat detection
  • IP-based attack tracking
  • Color-coded findings

Detects:

  • Brute force attempts
  • SQL injection patterns
  • Path traversal attempts
  • Sensitive file access (/.env, /config, /admin)

AWS S3 Security Checker

Language: Python

Purpose: Audit AWS S3 buckets for security misconfigurations

GitHub: View Source →

# Check single bucket
python3 s3_security_checker.py my-bucket

# Check with specific AWS profile
python3 s3_security_checker.py my-bucket --profile production

Validates:

  • Public access block configuration
  • Bucket ACL settings
  • Bucket policy analysis
  • Encryption at rest
  • Versioning status
  • Logging configuration
  • MFA delete protection

Features:

  • Automatic website hosting detection
  • Context-aware recommendations
  • Color-coded security status
  • AWS profile support

Requirements: AWS credentials configured, boto3 Python library

Linux Security Audit

Language: Bash

Purpose: Generate security audit report from Linux system logs

GitHub: View Source →

./audit_security.sh -t 24 -o /var/reports/security-audit.html

Detects:

  • Failed SSH login attempts
  • Successful root logins
  • Sudo command usage
  • New user accounts created
  • Failed sudo attempts
  • Unauthorized SSH keys
  • Open network ports

Export: HTML report with color-coded warnings

Windows Security Audit

Language: PowerShell

Purpose: Comprehensive Windows Event Log security analysis

GitHub: View Source →

.\Get-SecurityAuditReport.ps1 -ComputerName "SERVER01" -Hours 48 -ExportPath "C:\Reports\security.html"

Monitors:

  • Failed login attempts (Event ID 4625)
  • Account lockouts (Event ID 4740)
  • New account creation (Event ID 4720)
  • Account deletion (Event ID 4726)
  • Privilege escalation (Event ID 4672)
  • Policy changes

Output: Terminal output + optional HTML report

System Monitoring & Reporting

License: MIT License (view) Usage Terms: Subject to Terms of Service

System Health Check

Language: Python

Purpose: Cross-platform system health monitoring (Windows, Linux, macOS)

GitHub: View Source →

python3 system_health_check.py --cpu-warn 80 --mem-warn 80 --export-json /tmp/health.json

Monitors:

  • CPU usage with configurable thresholds
  • Memory usage and availability
  • Disk space across all partitions
  • Network connectivity (internet check)
  • System uptime

Export: JSON or CSV format Exit Codes: 0 (healthy), 1 (warning), 2 (critical)

System Inventory

Language: Python

Purpose: Generate comprehensive system inventory reports

GitHub: View Source →

python3 system_inventory.py --json inventory.json --csv inventory.csv

Collects:

  • System information (OS, architecture, processor)
  • CPU details (cores, frequency)
  • Memory statistics
  • Disk information (all partitions)
  • Network interfaces and IP addresses
  • Boot time and uptime

Export: JSON and/or CSV format

Automation & Infrastructure

License: MIT License (view) Usage Terms: Subject to Terms of Service

Backup Automation Suite

Language: Bash

Purpose: Automated backup solution with compression and rotation

GitHub: View Source →

./backup_automation.sh /etc/backup.conf

Features:

  • Incremental and full tar backups
  • Gzip compression
  • Configurable retention policy
  • Pattern-based exclusions
  • Size reporting
  • Error handling

Configuration:

  • Source/destination directories
  • Retention period (days)
  • Compression settings
  • Exclude patterns

Microsoft 365 Health Monitor

Language: PowerShell

Purpose: Monitor Microsoft 365 service health and generate reports

GitHub: View Source →

.\m365_health_monitor.ps1 -TenantId "your-tenant-id" -ReportPath "C:\Reports"

Monitors:

  • Service health status (all M365 services)
  • Active incidents
  • Service degradation
  • HTML report generation

Requires: Microsoft.Graph PowerShell module

Development & Testing

API Endpoint Testing

Purpose: Test and validate API endpoint behavior Status: Coming soon

Usage Requirements

Python Tools

Most Python tools require:

  • Python 3.7+
  • Standard library (included)
  • Optional dependencies (install as needed):
    • psutil - System monitoring tools
    • colorama - Colored terminal output
    • requests - HTTP/API tools (OSINT, threat intel, header checker)
    • boto3 - AWS S3 security checker
# Install all optional dependencies
pip install psutil colorama requests boto3

# Or install individually as needed
pip install psutil colorama requests
pip install boto3  # For AWS tools only

Bash Tools

  • Bash 4.0+ (macOS ships with Bash 3.2, use Homebrew for newer version)
  • Standard Unix utilities (grep, awk, sed, tar, gzip)

PowerShell Tools

  • PowerShell 5.1+ (Windows)
  • PowerShell 7+ (Cross-platform)
  • Appropriate Windows event log permissions

Available on GitHub

All tools listed on this page are available in this website’s repository: GitHub Repository: github.com/Glyph-SH/website

Browse the scripts directly:

Note: Some enterprise tools are private or under NDA

Security Notice

All tools are designed for defensive security purposes only:

  • Security auditing your own systems
  • Monitoring authorized infrastructure
  • Compliance and vulnerability scanning
  • Unauthorized access or exploitation is prohibited
  • Attacking third-party systems is prohibited

Always obtain proper authorization before scanning or testing any systems.

Legal & Compliance: Before using any tools, review our legal documentation:

Contributing

Found a bug or have a feature request? Feel free to:

  • Open an issue on GitHub
  • Submit a pull request
  • Contact me via email

License

Unless otherwise specified, tools are released under MIT License.

See the Software License page for complete license text and third-party license information, or check individual tool repositories for specific licensing details.

Last Updated: October 31, 2025