The Largest Platform to Find Cybersecurity Tools

NAXSI is a third-party nginx module that prevents XSS and SQL injection attacks by filtering HTTP traffic based on predefined security rules.

SWFTools is a collection of utilities for working with Adobe Flash files, including tools for converting PDFs, images, audio, and video files to SWF format.

This tutorial describes how to set up two-factor authentication for an SSH server by integrating Google Authenticator with OpenSSH.

A Microsoft Word template library for implementing industrial information security management systems with documentation for policy, risk management, business continuity, and incident handling.

A tool for hacking and security testing of JWT

Libnids is an implementation of an E-component of Network Intrusion Detection System that emulates the IP stack of Linux 2.0.x and offers IP defragmentation, TCP stream assembly, and TCP port scan detection.

Patch-level verification tool for bundler to check for vulnerable gems and insecure sources.

Dissect is a digital forensics & incident response framework that simplifies the analysis of forensic artefacts from various disk and file formats.

Hashcat is a fast and advanced password recovery utility that supports various attack modes and hashing algorithms, and is open-source and community-driven.

A lightweight Command and Control (C2) implant written in Nim that provides remote access capabilities for penetration testing and red team operations.

Exiv2 is a C++ library and command-line utility for reading, writing, deleting, and modifying Exif, IPTC, XMP, and ICC metadata in image files.

CSRF crumb generation and validation tool for hapi framework.

A Python-based tool for detecting XSS vulnerabilities

A dynamic multi-cloud infrastructure framework that enables rapid deployment of disposable instances pre-loaded with security tools for distributed offensive and defensive security operations.

A collection of hands-on workshops and educational content focused on AWS security services, techniques, and best practices through practical scenarios.

A set of tools for securing JavaScript projects against software supply chain attacks.

Python module for fast packet parsing with TCP/IP protocol definitions.

Dufflebag searches through public AWS EBS snapshots to identify accidentally exposed secrets and sensitive information.

An annual jeopardy-style capture-the-flag contest with challenges related to cybersecurity.

Automate OSINT for threat intelligence and attack surface mapping with SpiderFoot.

DetectionLab is a pre-configured Windows domain environment with security tooling and logging designed for cybersecurity training and detection capability development.

A collection of automation workflows for the Shuffle security orchestration platform that covers common cybersecurity use-cases and can be customized for organizational needs.

A deliberately vulnerable Java web application designed for educational purposes to teach web application security concepts and common vulnerabilities.

Haaukins is an automated virtualization platform that provides hands-on cybersecurity education through capture the flag exercises in controlled vulnerable environments.