The Largest Collection of Cybersecurity Tools

Apache Spot is an open source big data platform that analyzes network flows and packet data to identify security threats and provide visibility into enterprise computing environments.

Technique used to forward one URL to another.

Java decompiler for modern Java features up to Java 14.

A bash-based framework for discovering and extracting exposed .git repositories from web servers during penetration testing and bug bounty activities.

A utility for splitting packet traces along TCP connection boundaries.

A dynamic GUI for advanced log analysis, allowing users to execute SQL queries on structured log data.

Docker image with essential tools for Kubernetes penetration testing.

A tool that uses Plaso to parse forensic artifacts and disk images, creating custom reports for easier analysis.

A collection of mobile security resources and tools

GUI-based memory forensic capture tool for cyber forensics and cyber crime investigation.

CorsMe is a specialized scanner that identifies Cross-Origin Resource Sharing (CORS) misconfigurations in web applications and provides remediation recommendations.

Email collection point designed to trap spammers and blacklist IPs.

A Python library that provides an interface to query ThreatCrowd's API for threat intelligence data including email, IP, domain, and antivirus reports with built-in caching capabilities.

WebGoat is an OWASP-maintained deliberately insecure web application designed to teach web application security through hands-on exercises with intentional vulnerabilities.

Unfurl is a URL analysis tool that extracts and visualizes data from URLs, breaking them down into components and presenting the information visually.

SeaSponge is an accessible web-based threat modeling tool with a focus on accessibility, aesthetics, and intuitive user experience.

Stay informed with Rapid7's cybersecurity blog and vulnerability news updates.

A honeypot for remote file inclusion (RFI) and local file inclusion (LFI) using fake URLs to catch scanning bots and malwares.

GridPot is a honeypot framework that combines GridLAB-D, Conpot, and libiec61850 to simulate industrial control systems and detect attacks on power grid infrastructure.

Tcpreplay is a suite of Open Source utilities for editing and replaying captured network traffic.

IMAP-Honey is a honeypot tool for IMAP and SMTP protocols with support for logging to console or syslog.

An unofficial Python API that enables programmatic searching, browsing, and downloading of Android apps from Google Play Store.

Cloud-based virus scan APIs for securing files, URLs, and content uploads with advanced anti-virus and malware scanning capabilities.

WiGLE.net is a platform that collects and provides data on WiFi networks and cell towers, with over 1.3 billion networks collected.