Open Security Resources

Security Resources & Tools

Access our complete library of open-source security tools, research papers, documentation, and training materials. Everything we build is available to the security community.

GitHub Repository Explore Resources
Tools
Research
Documentation
Advisories
Training
Open-Source Security Tools

Security Engineering Portfolio

All our tools are open-source, peer-reviewed, and built for production environments. Used by security teams worldwide.

Active Directory

ADPath

Privilege escalation path enumerator for Active Directory environments. Identifies attack vectors and misconfigurations with precision.

Rust
284
47
Zero-Knowledge

RZIP

Zero-knowledge proofs for AD group membership verification. RFC-compliant identity verification without information leakage.

Rust
312
62
Endpoint Security

RustAV

Lightweight EDR agent with 0.8ms scan latency. Asynchronous Rust implementation for maximum performance in enterprise environments.

Rust
427
89
Hardening

AD Hardening Kit

Complete Active Directory hardening with GPOs, detection rules, and monitoring configurations. Production-ready security baselines.

PowerShell
198
34
Network Security

NetWatch

Network traffic analyzer for detecting lateral movement and command & control communications in enterprise networks.

Rust
156
28
Red Team

RedKit

Collection of red team tools for security assessments, including custom payload generators and persistence mechanisms.

Python
89
21
Security Research

Research Papers & Publications

Peer-reviewed research papers and technical publications from our security research team.

Conference Paper

Zero-Knowledge Proofs for Active Directory Group Membership

Dr. Sofia Rivera, Alexandra Chen

We present a novel zero-knowledge proof system for verifying Active Directory group membership without revealing user identities or group structures.

February 2026
Download PDF
Journal Article

Sub-Millisecond Malware Detection with Asynchronous Rust

Marcus Thorne, James K. Park

Analysis of performance optimizations in RustAV achieving sub-millisecond scan latency while maintaining comprehensive detection capabilities.

January 2026
Download PDF
Technical Report

Analysis of Modern AD Attack Techniques

James K. Park, Security Research Team

Comprehensive analysis of 50+ Active Directory attack techniques observed in real-world engagements, with detection and mitigation strategies.

December 2025
Download PDF
Technical Documentation

Comprehensive Documentation

Detailed documentation, installation guides, and API references for all our tools and solutions.

ADPath Documentation

Complete guide to installing, configuring, and using ADPath for Active Directory privilege escalation analysis.

View Documentation

RZIP API Reference

Technical API documentation for integrating zero-knowledge proof verification into your applications.

View Documentation

RustAV Deployment Guide

Step-by-step deployment guide for RustAV across enterprise environments with thousands of endpoints.

View Documentation

AD Hardening Kit

Complete documentation for implementing and customizing Active Directory hardening configurations.

View Documentation

Architecture Guides

Technical architecture documentation for implementing zero-trust security in enterprise environments.

View Documentation

API Integration Guide

Comprehensive guide for integrating Sunderland Security tools with existing security infrastructure.

View Documentation
Security Advisories

Security Advisories & Vulnerability Reports

Security advisories for vulnerabilities discovered by our research team, along with patches and mitigation guidance.

Critical

Windows Kerberos Delegation Privilege Escalation

CVE-2026-0427

Critical vulnerability in Windows Kerberos delegation that allows privilege escalation from standard users to domain administrators.

March 15, 2026
View Advisory
High

Active Directory Certificate Services Information Disclosure

CVE-2026-0389

Information disclosure vulnerability in AD CS that exposes certificate templates and enrollment policies to unauthorized users.

February 28, 2026
View Advisory
Medium

Group Policy Preference Password Exposure

CVE-2026-0352

Residual exposure of cPassword values in Group Policy Preferences affecting environments with legacy configurations.

February 12, 2026
View Advisory
Training Resources

Educational Materials & Training

Free training materials, workshops, and educational resources for security professionals.

Active Directory Security Workshop

Comprehensive workshop covering AD security fundamentals, attack techniques, and defensive strategies.

4 hours
Intermediate
Access Workshop

Zero-Trust Implementation Guide

Step-by-step guide to implementing zero-trust architectures in enterprise environments.

6 hours
Advanced
Access Guide

Security Engineering with Rust

Learn how to build high-performance security tools using Rust and asynchronous programming.

8 hours
Intermediate
Access Course

Contribute to Open Security

Join our community of security researchers and engineers. Contribute to our open-source projects, report issues, or suggest new features.

Contribute on GitHub Report a Security Issue