The Largest Collection of Cybersecurity Tools

A subdomain enumeration tool for penetration testers and security researchers.

IronBee is an open source web application security sensor framework that provides detection and prevention capabilities for web application vulnerabilities.

HoneyFS is an LLM-powered honeypot tool that generates realistic fake file systems using GPT-3.5 to deceive attackers and enhance security analysis.

Platform offering cybersecurity courses for Red, Blue, and Purple Teamers by Picus.

A CLI program that simplifies cybersecurity solution management through automated deployment, configuration, monitoring, and lifecycle operations across multiple hosts.

A command line steganography tool that uses LSB technique to hide files within images without visible alteration.

Dynamic binary analysis library with various analysis and emulation capabilities.

Audio file steganography tool

A Docker-based utility that monitors TLS certificate expiration dates and exposes the data as Prometheus metrics with support for Kubernetes ingress discovery and configurable domain filtering.

kube-hunter is a security scanning tool that identifies vulnerabilities and security weaknesses in Kubernetes clusters through automated assessment and provides detailed reporting with remediation guidance.

Tool for randomizing Cobalt Strike Malleable C2 profiles to evade static, signature-based detection controls.

A tool that finds more information about a given URL or domain by querying multiple data sources.

Intercepts and examines mobile app connections by stripping SSL/TLS layer.

Deliberately vulnerable web application for security professionals to practice attack techniques.

Copy executables with execute, but no read permission on Unix systems.

Scan the internet for publicly exposed network components

A Python tool that mines URLs from web archives to assist security researchers in discovering potential attack surfaces for bug hunting and vulnerability assessment.

A Python-based tool for external attack surface discovery and reconnaissance across large-scale networks, focusing on IP address and subdomain enumeration.

An AWS incident response framework that uses Athena to analyze CloudTrail events and EventBridge for notifications to investigate API activity and detect security misconfigurations.

Load-balancing solution by Microsoft Azure with global infrastructure and financial guidance.

Access Undenied on AWS analyzes CloudTrail AccessDenied events to explain access denial reasons and provide least-privilege remediation suggestions.

Scripts to automate the process of enumerating a Linux system through a Local File Inclusion (LFI) vulnerability.

A log management solution that optimizes SIEM performance, provides rapid search and troubleshooting, and meets compliance requirements.

A PHP library that provides secure data encryption capabilities using keys or passwords, designed to minimize implementation errors.