The Largest Platform to Find Cybersecurity Tools

A Docker-based honeypot network implementation featuring cowrie and dionaea honeypots with centralized event collection, geolocation enrichment, and real-time attack visualization.

A comprehensive dashboard for managing and monitoring honeypots with detailed information on attack attempts and connections.

PowerUp aims to be a clearinghouse of common Windows privilege escalation vectors that rely on misconfigurations.

Lambda-Proxy is a utility that enables SQL injection testing of AWS Lambda functions by converting SQLMap HTTP attacks into Lambda invoke calls through a local proxy.

Open-source security automation platform for automating security alerts and building AI-assisted workflows.

A TCP-based traceroute implementation that bypasses firewall filters to trace the path to a destination.

CimSweep is a suite of CIM/WMI-based tools for incident response and hunting operations on Windows systems without the need to deploy an agent.

In-depth threat intelligence reports and services providing insights into real-world intrusions, malware analysis, and threat briefs.

Custom built application for asynchronous forensic data presentation on an Elasticsearch backend, with upcoming features like Docker-based installation and new UI rewrite in React.

Network Access Analyzer is an AWS VPC feature that identifies unintended network access to cloud resources by analyzing internet gateways, route tables, ACLs, and security groups.

An endpoint monitoring tool for Linux and macOS that reports file, socket, and process events to Zeek.

A collaborative repository of CTF write-ups and source files from 2014 competitions that allows community contributions to address scattered documentation issues.

Endpoint security platform using Moving Target Defense to prevent cyber attacks and provide adaptive exposure management and threat prevention.

A tool for fetching and visualizing cyber threat intelligence data with Elasticsearch and Kibana integration.

Yaraprocessor allows for scanning data streams in unique ways and dynamic scanning of payloads from network packet captures.

Cloud Inquisitor is an AWS security tool that monitors resource ownership, detects domain hijacking, verifies security services, and manages IAM policies across multiple accounts.

Automates SQL injection detection and exploitation

A collection of automation scripts that quickly enable essential AWS security and compliance features that are not activated by default in AWS accounts.

Pwndrop is a self-deployable file hosting service for red teamers, allowing easy upload and sharing of payloads over HTTP and WebDAV.

A comprehensive guide to Android Security

Detects and prevents SSRF attacks

iOS application for testing iOS penetration testing skills in a legal environment.

A Linux command-line tool that allows you to kill in-progress TCP connections based on a filter expression, useful for libnids-based applications that require a full TCP 3-way handshake for TCB creation.

Powerful tool for searching and hunting through Windows forensic artefacts with support for Sigma detection rules and custom Chainsaw detection rules.