The Largest Platform to Find Cybersecurity Tools

JSON.parse() drop-in replacement with prototype poisoning protection.

WordPress plugin to reduce comment spam with a smarter honeypot.

Tools for working with Android .dex and Java .class files, including dex-reader/writer, d2j-dex2jar, and smali/baksmali.

Performs network mapping of attack surfaces and external asset discovery using open source information gathering and active reconnaissance techniques.

A comprehensive AWS security automation toolkit that provides event monitoring, data protection, resource management, and security configuration validation across AWS environments.

A network protocol analyzer for capturing and analyzing network traffic with a focus on TCP/IP flow reconstruction and response time tracking.

A library for integrating communication channels with the Cobalt Strike External C2 server.

Generate Yara rules from function basic blocks in x64dbg.

TerraGoat is a deliberately vulnerable Terraform repository that demonstrates common cloud infrastructure misconfigurations for training and testing security tools.

A free, open-source network protocol analyzer for capturing and displaying packet-level data.

A Splunk app mapped to MITRE ATT&CK to guide threat hunts.

A multi-account AWS security tool that identifies misconfigurations, provides real-time reporting, and performs automated remediation to establish secure cloud guardrails.

IAM Zero detects identity and access management issues and automatically suggests least-privilege policies by analyzing application errors and access patterns in cloud environments.

The OWASP AppSec Europe '16 Conference is a leading gathering in web application security, featuring keynote speakers and in-depth trainings in application security topics.

A vulnerability scanner that helps you identify and fix vulnerabilities in your code

A security checklist based on OWASP standards that provides comprehensive guidelines for designing, testing, and releasing secure Android applications.

An open-source dynamic analysis framework that intercepts and monitors API calls in Android applications using the Android Substrate framework.

A standalone man-in-the-middle attack framework used for phishing login credentials and bypassing 2-factor authentication.

Fail2ban is a daemon that automatically bans IP addresses showing malicious behavior by monitoring log files and updating firewall rules to prevent brute-force attacks.

Threat intelligence and digital risk protection platform

TANNER is a remote data analysis service that evaluates HTTP requests and generates responses for SNARE honeypots while emulating application vulnerabilities.

A tool for creating custom detection rules from YAML input

Binwalk is a firmware analysis tool that enables reverse engineering and extraction of embedded file systems and archives from firmware images.

A command-line forensics tool for tracking and analyzing USB device artifacts and connection history on Linux systems.