Security Operations
Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management.
Explore 1420 curated cybersecurity tools, with 17,495+ visitors searching for solutions
FEATURED
Cybercrime intelligence tools for searching compromised credentials from infostealers
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Get Featured
Feature your product and reach thousands of professionals.
RELATED TASKS
Lists of sources and utilities to hunt, detect, and prevent evildoers.
Lists of sources and utilities to hunt, detect, and prevent evildoers.
A digital forensics tool that extracts and analyzes Windows AppCompat and AmCache registry data for enterprise-scale forensic investigations.
A digital forensics tool that extracts and analyzes Windows AppCompat and AmCache registry data for enterprise-scale forensic investigations.
An easy to set up SSH honeypot for logging SSH connections and activity.
An easy to set up SSH honeypot for logging SSH connections and activity.
A tool to verify the integrity of PNG, JNG, and MNG files and extract detailed information about the image.
A tool to verify the integrity of PNG, JNG, and MNG files and extract detailed information about the image.
Yabin creates Yara signatures from malware to find similar samples.
Yabin creates Yara signatures from malware to find similar samples.
Interactive online malware sandbox for real-time analysis and threat intelligence
Interactive online malware sandbox for real-time analysis and threat intelligence
Detect users' operating systems and perform redirection with Apache mod_rewrite.
Detect users' operating systems and perform redirection with Apache mod_rewrite.
TCPFLOW is a tool for capturing data transmitted over TCP connections.
TCPFLOW is a tool for capturing data transmitted over TCP connections.
A set of rules for detecting threats in various formats, including Snort, Yara, ClamAV, and HXIOC.
A set of rules for detecting threats in various formats, including Snort, Yara, ClamAV, and HXIOC.
A low interaction honeypot for detecting CVE-2018-0101 vulnerability in Cisco ASA component.
A low interaction honeypot for detecting CVE-2018-0101 vulnerability in Cisco ASA component.
A fake Django admin login screen to detect and notify admins of attempted unauthorized access
A fake Django admin login screen to detect and notify admins of attempted unauthorized access
A powerful tool for analyzing and visualizing system activity timelines.
A powerful tool for analyzing and visualizing system activity timelines.
BeEF is a penetration testing framework that exploits web browsers to assess client-side security vulnerabilities and launch attacks from within the browser context.
BeEF is a penetration testing framework that exploits web browsers to assess client-side security vulnerabilities and launch attacks from within the browser context.
A .NET wrapper for libyara that provides a simplified API for developing tools in C# and PowerShell.
A .NET wrapper for libyara that provides a simplified API for developing tools in C# and PowerShell.
AutoTTP automates complex attack sequences and testing scenarios for regression tests and research using frameworks like Empire, Metasploit, and Cobalt Strike.
AutoTTP automates complex attack sequences and testing scenarios for regression tests and research using frameworks like Empire, Metasploit, and Cobalt Strike.
A digital archive of the internet, allowing users to capture and browse archived web pages.
A digital archive of the internet, allowing users to capture and browse archived web pages.
A collection of public YARA signatures for various malware families.
A collection of public YARA signatures for various malware families.
A Java-based Bluetooth honeypot that captures and analyzes malware and attacks targeting Bluetooth-enabled devices.
A Java-based Bluetooth honeypot that captures and analyzes malware and attacks targeting Bluetooth-enabled devices.
A combination of honeypot, monitoring tool, and alerting system for detecting insecure configurations.
A combination of honeypot, monitoring tool, and alerting system for detecting insecure configurations.
A free online wargame for practicing hacking skills and learning security concepts.
A free online wargame for practicing hacking skills and learning security concepts.
A 32-bit assembler level analyzing debugger for Microsoft Windows.
A 32-bit assembler level analyzing debugger for Microsoft Windows.
FingerprintX is a standalone utility for service discovery on open ports.
FingerprintX is a standalone utility for service discovery on open ports.
A cross-platform post-exploitation HTTP/2 Command & Control framework designed specifically for testing and exploiting containerized environments including Docker and Kubernetes.
A cross-platform post-exploitation HTTP/2 Command & Control framework designed specifically for testing and exploiting containerized environments including Docker and Kubernetes.
A Linux-based environment for penetration testing and vulnerability exploitation
A Linux-based environment for penetration testing and vulnerability exploitation
Security Operations Tools - FAQ
Common questions about Security Operations tools including selection guides, pricing, and comparisons.
Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management.
