Login
As a small MCP research project, Iβve built a MCP server to interact with Elasticsearch where Sysmon logs are shipped. This allows LLM to perform log analysis to identify potential threats and malicious activities π€
EDR Blocker - A simple tool which performs Person-in-the-Middle attack using ARP spoofing, sniffs the TLS handshakes, create iptables DROP rules based on the Server Name Indicator (SNI) in TLS Client Hello packets.
FreshRSS 