The Largest Collection of Cybersecurity Tools

QIRA is a competitor to strace and gdb with MIT license, supporting Ubuntu and Docker for wider compatibility.

A tool for managing multiple reverse shell sessions/clients via terminal with a RESTful API.

Bastille-Linux is a system hardening program that proactively configures the system for increased security and educates users about security settings.

Fridump is an open source memory dumping tool that uses the Frida framework to extract accessible memory addresses from iOS, Android, and Windows applications for security testing and analysis.

Facilitating exchange of information and knowledge to collectively protect against cyberattacks.

A customizable offensive security reporting solution for pentesters and red teamers to generate detailed reports of their findings and vulnerabilities.

A Python-based tool for subdomain enumeration and analysis

A PowerShell-based DFIR automation tool that streamlines artifact and evidence collection from Windows machines for digital forensic investigations.

AFE Android Framework for Exploitation is a framework that provides tools and techniques for exploiting vulnerabilities in Android devices and applications.

The best security training environment for Developers and AppSec Professionals.

A security dataset and CTF platform available in full (16.4GB) and attack-only (3.2GB) versions, pre-indexed for Splunk to help security professionals practice analysis skills.

A book that helps improve Docker security by covering risks and countermeasures

MagSpoof is a hardware device that emulates magnetic stripe cards using electromagnetic fields for security research and educational purposes.

A comprehensive guide to digital forensics and incident response, covering incident response frameworks, digital forensic techniques, and threat intelligence.

Online platform for image steganography analysis

Betterscan is an orchestration toolchain that coordinates multiple security tools to scan source code and infrastructure as code for security vulnerabilities, compliance risks, secrets, and misconfigurations.

Magnet ACQUIRE offers robust data extraction capabilities for digital forensics investigations, supporting a wide range of devices.

A serverless application that creates and monitors fake HTTP endpoints as honeytokens to detect attackers, malicious insiders, and automated threats.

A Windows kernel driver intentionally designed with various vulnerabilities to help security researchers practice kernel exploitation techniques.

CRITs is an open source malware and threat repository for collaborative threat defense and analysis.

Ropper is a multi-architecture binary analysis tool that searches for ROP gadgets and displays information about executable files for exploit development.

Intezer is a cloud-based malware analysis platform that detects and classifies malware using genetic code analysis.

A Python tool that uses AWS Cloud Control API to enumerate and catalog AWS resources across specified accounts and regions, outputting results in JSON format.

Digital investigation tool for extracting forensic data from computers and managing investigations.