Security Operations for Security Research
Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management. Task: Security Research
Browse 47 security tools
FEATURED
USE CASES
AI agent for in-depth binary analysis and reverse engineering assistance.
R&D firm providing cyber defense & operational tech for DoD and DHS.
Deception-based breach detection tools including honeypots & canary tokens.
AI-assisted vulnerability research and advanced offensive cyber tooling firm.
Open-source nonprofit org developing honeypot tools & threat research.
Threat hunting platform with free hunt packages and educational resources.
Whole-system emulation environment for software dev, debugging, testing & security
A list of services and how to claim (sub)domains with dangling DNS records.
A tool that recovers passwords from pixelized screenshots
A subdomain enumeration tool for penetration testers and security researchers.
A scalable python framework for security research and development teams.
cowrie2neo parses Cowrie honeypot logs and imports the data into Neo4j databases for graph-based analysis and visualization of honeypot interactions.
InvalidSign is a security research tool that bypasses endpoint solutions by obtaining valid signed files with different hashes to evade signature-based detection mechanisms.
Open source security auditing tool to search and dump system configuration.
A framework for creating XNU based rootkits for OS X and iOS security research
GridPot is a honeypot framework that combines GridLAB-D, Conpot, and libiec61850 to simulate industrial control systems and detect attacks on power grid infrastructure.
MagSpoof is a hardware device that emulates magnetic stripe cards using electromagnetic fields for security research and educational purposes.
HoneyFS is an LLM-powered honeypot tool that generates realistic fake file systems using GPT-3.5 to deceive attackers and enhance security analysis.
CapTipper is a python tool to analyze, explore, and revive HTTP malicious traffic.
A collection of public YARA signatures for various malware families.