The Largest Collection of Cybersecurity Tools

A collection of 20 cross-site scripting challenges covering various XSS attack vectors and filtering bypass techniques for educational purposes.

Inspeckage is a dynamic analysis tool for Android applications that provides runtime behavior monitoring through API hooking and real-time system interaction tracking.

A deliberately vulnerable web application that uses WebSocket communication to provide a training environment for learning about WebSocket-related security vulnerabilities.

An observation camera honeypot for proof-of-concept purposes

In-depth analysis of real-world attacks and threat tactics

A practical guide to developing a comprehensive security monitoring and incident response strategy, covering incident response fundamentals, threat analysis, and data analysis.

Falcon Sandbox is a malware analysis framework that provides in-depth static and dynamic analysis of files, offering hybrid analysis, behavior indicators, and integrations with various security tools.

A simple SSH honeypot written in Golang with a Persian-inspired name.

A comprehensive cheatsheet for XSS filter evasion techniques.

A curated list documenting open-source projects that incorporate political protests in their software, ranging from messages to conditional malware.

A tool for extracting files from network traffic based on file signatures with support for various file formats and scalable search algorithm.

A free endpoint security tool for host investigative capabilities to find signs of malicious activity through memory and file analysis.

CIFv3 is the next version of the Cyber Intelligence Framework, developed against Ubuntu16, encouraging users to transition from CIFv2.

ASH is an automated security scanning tool that integrates multiple open-source security scanners to perform preliminary security checks on code, infrastructure, and IAM configurations during development.

Stixview is a JS library for embeddable interactive STIX2 graphs, aiming to bridge the gap between CTI stories and structured CTI snapshots.

Valkyrie is a sophisticated file verdict system that enhances malware detection through behavioral analysis and extensive file feature examination.

An easy-to-use and lightweight API wrapper for Censys APIs with support for Python 3.8+.

A multi-cloud asset enumeration tool that helps blue teams centralize and inventory assets across multiple cloud providers with minimal configuration.

A community-led project focused on standardizing security event logs.

A suite for man in the middle attacks, featuring sniffing of live connections, content filtering, and protocol dissection.

Rspamd is an advanced spam filtering system and email processing framework that evaluates messages using multiple analysis methods and integrates with MTAs for high-volume email processing.

Migrated Splunk SOAR Connectors to new GitHub organization for better organization and management.

Exploiting a vulnerability in HID iClass system to retrieve master authentication key for cloning cards and changing reader settings.

Advanced vulnerability assessment tool for gaining visibility and preventing cyber attacks.