capa is a static analysis tool that scans executable files to identify what a program can do, detecting capabilities such as API calls, byte sequences, and structural patterns without executing the code. It supports multiple file formats including PE, ELF, .NET, and shellcode, and can also process runtime behavior traces from sandbox reports generated by CAPE, DRAKVUF, or VMRay. The tool integrates directly with reverse engineering environments through plugins for IDA Pro and Ghidra, allowing analysts to view capability matches and author detection rules within their disassembler of choice. C
Osmedeus is a security workflow orchestration engine that coordinates AI agents, shell commands, and scanning tools through declarative YAML pipelines. It functions as a distributed security scanner, a declarative workflow automator, and an AI agent framework for security, enabling automated multi-step security analysis with conditional branching, parallel execution, and distributed workers. The engine distinguishes itself through a hybrid runner model that executes workflow steps on the local host, inside Docker containers, or over SSH to remote machines, selected per step or module. It supp
Arnis is a web-based world builder and geographic data converter that translates open mapping and topographic data into three-dimensional digital maps. It functions as an OpenStreetMap terrain generator, converting real-world elevation and geographic data into playable 3D worlds. The project distinguishes itself by providing a browser-based interface for world generation, allowing users to select geographic areas and generate terrain without installing local software. It includes a cross-platform map exporter capable of producing world files compatible with various software versions and opera