The Largest Collection of Cybersecurity Tools

A PowerShell obfuscation detection framework designed to highlight the limitations of signature-based detection and provide a scalable means of detecting known and unknown obfuscation techniques.

Automate your reconnaissance process with AttackSurfaceMapper, a tool for mapping and analyzing network attack surfaces.

A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

A Python-based command-line tool that scans websites for CORS misconfigurations by analyzing HTTP response headers to identify potential security vulnerabilities.

App-Ray offers comprehensive security analysis and compliance solutions for mobile applications.

Hackazon is a vulnerable web application storefront designed for security professionals to practice testing modern web technologies and identifying common vulnerabilities.

A honeypot designed to detect and analyze malicious activities in instant messaging platforms.

Tor Browser is a free and open-source software that allows users to browse the internet anonymously and privately.

A comprehensive incident response and threat hunting tool for Google Cloud Platform, providing logs and forensic data for effective incident response and threat hunting.

MIDAS (Mac Intrusion Detection Analysis System) - archived and no longer supported.

A curated list of resources for learning about deploying, managing, and hunting with Microsoft Sysmon.

A tool for extracting static and dynamic features from Android APKs.

Automate security incident handling and facilitate real-time activities of incident handlers.

Sysreptor offers a customizable reporting solution for penetration testing and red teaming.

A free software that calculates the security ranking of Internet Service Providers to detect malicious activities.

SentinelOne's Singularity Platform is an AI-powered enterprise security platform providing autonomous endpoint, cloud, identity, and data protection through its integrated XDR solution.

A reference guide providing Docker commands and concepts for containerized application development and deployment.

Coursera offers free online learning resources and courses during the COVID-19 pandemic.

An open source repository of plugins for Rapid7 InsightConnect that enables security orchestration and automation through integrations with various security tools and services.

A tool for identifying and analyzing Java serialized objects in network traffic

MCIR is a unified framework for building code injection vulnerability testbeds that combines SQL, XML, shell, and XSS injection testing tools with shared functionality and template-based extensibility.

Ghidra is an NSA-developed software reverse engineering framework that provides disassembly, decompilation, and analysis tools for examining compiled code across multiple platforms and processor architectures.

Turbinia is an open-source framework for automating the running of common forensic processing tools to help with processing evidence in the Cloud.

Hash Extender is a command-line tool that automates length extension attacks against various hashing algorithms including MD5, SHA-1, SHA-256, and others.