The Largest Collection of Cybersecurity Tools

A serverless application that demonstrates common serverless security flaws and weaknesses

dc3dd is a patch to the GNU dd program, tailored for forensic acquisition with features like hashing and file verification.

Collection of cybersecurity conference videos from GreHack 2018 covering various cutting-edge topics.

SSHoney is an SSH honeypot for logging SSH connection attempts.

Free online ethical hacking course covering penetration testing, web app assessments, exploit development, and security operations.

AlienVault OSSIM provides an all-in-one security management solution with asset discovery, vulnerability assessment, and SIEM capabilities.

Catch possible phishing domains in near real time by looking for suspicious TLS certificate issuances reported to the Certificate Transparency Log (CTL) via the CertStream API.

A robust and flexible hunt and incident response tool for investigating AzureAD, Azure, and M365 environments.

Network Forensic Analysis Tool for deep network traffic inspection and analysis.

A collection of scripts for debugging SSRF, blind XSS, and XXE vulnerabilities

A blog about various cybersecurity-related topics, including home networking, compiler development, and security vulnerabilities.

minikube is a local Kubernetes cluster management tool that enables developers to run and test Kubernetes applications on their local machines across multiple operating systems.

CPO Magazine is a cybersecurity news and information website providing articles, news, and insights on cybersecurity, privacy, and technology.

Forager is a threat intelligence tool that simplifies the retrieval, storage, and maintenance of threat data with a user-friendly interface and support for various data sources.

A tool that reads IP packets from the network or a tcpdump save file and writes an ASCII summary of the packet data.

A distributed AWS security auditing tool that continuously enumerates and scans internet-facing AWS services to identify potentially misconfigured resources.

A collection of CTF challenge write-ups and solutions from the SababaSec cybersecurity team covering competitions from 2019 to 2022.

A program to manage yara ruleset in a database with support for different databases and configuration options.

A tool for restoring defocused and blurred images with various deconvolution techniques and fast processing capabilities.

Web-based tool for incident response with easy local installation using Docker.

A comprehensive toolkit for web application security testing, offering a range of products and solutions for identifying vulnerabilities and improving security posture.

An alternative to the auditd daemon with goals of safety, speed, JSON output, and pluggable pipelines connecting to the Linux kernel via netlink.

Zeek Remote desktop fingerprinting script for fingerprinting Remote Desktop clients.

PEDA is a Python extension for GDB that enhances debugging with colorized displays and specialized commands for exploit development and binary security analysis.