Canonical Public Footprint

This page is the public index for the 1200km security research ecosystem: flagship CTI platforms, malware-analysis tooling, PyPI packages, Docusaurus field guides, Medium research, labs, and community submission status.

1. ThreatMapper. Primary flagship: CTI-to-detection workbench, actor/TTP library, ATT&CK comparison, hunting guidance, and report workflow.
2. AI-assisted malware reverse-engineering debugger with ATT&CK candidates, YARA seeds, IOC extraction, JSON, and HTML reports.
3. Version-controlled CTI methodology and training lab with OpenCTI, TheHive, Elastic SIEM, evidence registers, and detection outputs.
4. MuddyWater CTI-to-detection pipeline with OpenCTI graph, detection atlas, Kibana validation, and reproducible lab evidence.
| Package | Install | Purpose | Links |
|---|---|---|---|
| AIDebug | `pip install 1200km-aidebug` | Malware debugger and reverse-engineering assistant. | PyPI · Repo |
| AuditAI | `pip install 1200km-auditai` | Linux host vulnerability assessment with optional AI analysis. | PyPI · Repo |
| String Analyzer | `pip install string-analyzer` | Extract strings, URLs, IPs, registry keys, APIs, and analyst prompts from binaries. | PyPI · Repo |
| Unpacker | `pip install 1200km-unpacker` | Packer detection and unpacking workflow for malware triage. | PyPI target · Repo |
| PE Import Analyzer | `pip install pe-import-analyzer` | PE import-table capability triage for malware analysts. | PyPI target · Repo |
| FileInfo | `pip install 1200km-fileinfo` | First-pass file metadata, hashes, strings, entropy, YARA, and static triage. | PyPI target · Repo |
- ThreatMapper, CTI Analyst Field Manual, CTI as a Code, Operation Desert Hydra, Israel Government Threat Actors CTI, CTI Detection Pack, threat-hunting hypotheses.
- AIDebug, String Analyzer, Unpacker, PE Import Analyzer, Android Malware Analysis, Static Malware Analysis Orchestrator, Basic File Information Gathering Script.
- HexStrike AI Guide, AI Offensive research, AI-PT-Lab, StratusAI, Vulnerable Cloud Lab, Vulnerable APK, DragonRx Lab, RTSP and password tooling.
- Main site, start-here, Medium Blog Navigator, CV, About, project landing pages, and reading paths for different reviewer roles.
| Project | Status | Submitted To | Links |
|---|---|---|---|
| ThreatMapper | Submitted | awesome-threat-intelligence, awesome-mitre-attack, awesome-detection-engineering, awesome_Threat-Hunting | PR · PR · PR · PR |
| AIDebug | Submitted | awesome-reversing, awesome-yara, awesome-python-security, awesome-malware-analysis, REMnux, BlackArch | PR · PR · REMnux · BlackArch |
| StratusAI | Submitted | awesome-gpt-security, Kali packaging tracker | PR · Tracker |
| AuditAI | Submitted | awesome-gpt-security, OWASP/Kali evaluation path | PR · Tracker |
| CTI Field Manual / MCP / Detections | Submitted | awesome-threat-intelligence, SigmaHQ, MISP Galaxy | Field Manual · CTI MCP · Sigma · MISP |
| HexStrike Guide | Submitted | Official HexStrike AI repository | PR #187 |
| Lab Portfolio | Submitted | Awesome Vulnerable Labs, vulnerable apps, AI/LLM security, cloud security, mobile security, threat detection, cyber range, blue team, general cybersecurity | Labs · Vulnerable apps · LLM · AI · Cloud · Cloud 2 · Mobile · Mobile 2 · Detection · Range · Blue team · General |
Status is intentionally conservative: items stay marked as submitted until an upstream maintainer merges, accepts, or explicitly rejects the contribution.
- ThreatMapper, CTI as a Code, Customer-Driven AI CTI, attribution methodology, ATT&CK usage, infrastructure pivoting, and detection handoff.
- AIDebug, Android APK triage, strings, PE imports, unpacking, static orchestrator workflows, and YARA/IOC-ready analyst outputs.
- HexStrike MCP, Cursor, Gemini, OpenAI Codex, local Ollama workflows, controlled labs, and defender takeaways.
- StratusAI, vulnerable cloud labs, Kubernetes security, ITDR, UEBA, insider threat, anomaly detection, and CVSS prioritization.