The Largest Collection of Cybersecurity Tools

Free tools for the CrowdStrike customer community to support their use of the Falcon platform.

A collection of structured incident response playbook battle cards providing prescriptive guidance and countermeasures for cybersecurity incident response operations.

Search OpenBSD manual pages by keyword, section, or manual page name

XVWA is an intentionally vulnerable PHP/MySQL web application designed for security education, containing multiple common web vulnerabilities for hands-on learning and practice.

A Python tool that analyzes AWS CloudTrail data to summarize IAM principal activities, API calls, regions, IP addresses, and user agents with configurable timeframes and visualization options.

WordPress security scanner for identifying vulnerabilities in WordPress websites.

No More Ransom is a collaborative project to combat ransomware attacks by providing decryption tools and prevention advice.

PINT is a PIN tool that enables Lua scripting for Intel's PIN dynamic instrumentation framework, allowing researchers to inject custom code during binary analysis processes.

A Python script that scans Nexus Repository Manager for artifacts with identical names across repositories to identify dependency confusion attack vulnerabilities.

A collection of AWS-native scripts and automation tools for DevSecOps, incident response, and security remediation in cloud environments.

A package for hiding data inside jpeg files using steganography techniques.

ELFcrypt encrypts ELF binaries with obfuscation and anti-debugging features to protect against reverse engineering.

A Fastify plugin that implements HTTP security headers through a wrapper around the helmet library to protect web applications from common vulnerabilities.

A standard README template file that provides basic structure for documenting Ruby applications and software projects.

A tool that checks for hijackable packages in NPM and Python Pypi registries

A Linux exploit suggestion tool that identifies potential privilege escalation vulnerabilities by analyzing kernel versions and matching them against a database of known exploits.

SecGen is an open-source framework that automatically generates vulnerable virtual machines and hacking challenges for cybersecurity education and penetration testing training.

Open-source set of libraries and drivers to accelerate network performance.

A command-line tool that extracts manifest and configuration data from Docker registry images for security analysis and reconnaissance purposes.

A blog post explaining the concept of Active Directory Trusts and their enumeration and exploitation

A Windows Registry hive extraction library that provides C API access for reading and writing registry binary files with XML export capabilities.

A bash script for automating Linux swap analysis for post-exploitation or forensics purposes.

AndroBugs Framework is an Android vulnerability analysis system that scans mobile applications for security vulnerabilities, missing best practices, and dangerous shell commands.

A .Net wrapper library for the native Yara library with interoperability and portability features.