Security Operations
Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management.
Browse 2,060 security operations tools
FEATURED
RELATED TASKS
A framework for testing and exploiting race condition vulnerabilities through concurrent request analysis and timing attack automation.
A framework for testing and exploiting race condition vulnerabilities through concurrent request analysis and timing attack automation.
A wordlist to bruteforce for Local File Inclusion (LFI) vulnerabilities
A collection of three tools for extracting, dumping, and scanning exposed .git repositories on websites to identify sensitive information and security vulnerabilities.
A collection of three tools for extracting, dumping, and scanning exposed .git repositories on websites to identify sensitive information and security vulnerabilities.
A command-line tool for capturing automated screenshots of websites and mobile applications with support for multiple browsers and device emulations.
A command-line tool for capturing automated screenshots of websites and mobile applications with support for multiple browsers and device emulations.
A DNS rebinding attack framework for security researchers and penetration testers.
A DNS rebinding attack framework for security researchers and penetration testers.
A malicious DNS server that executes DNS Rebinding attacks on-demand to bypass same-origin policy restrictions and access internal network resources.
A malicious DNS server that executes DNS Rebinding attacks on-demand to bypass same-origin policy restrictions and access internal network resources.
A Python library that simplifies testing and exploiting race conditions in web applications using concurrent HTTP requests.
A Python library that simplifies testing and exploiting race conditions in web applications using concurrent HTTP requests.
A simple Python script to test for a hypothetical JWT vulnerability
A simple Python script to test for a hypothetical JWT vulnerability
An open-source binary debugger for Windows with a comprehensive plugin system for malware analysis and reverse engineering.
An open-source binary debugger for Windows with a comprehensive plugin system for malware analysis and reverse engineering.
A command line utility for searching and downloading exploits from multiple exploit databases including Exploit-DB and Packet Storm.
A command line utility for searching and downloading exploits from multiple exploit databases including Exploit-DB and Packet Storm.
A comprehensive malware-analysis tool that utilizes external AV scanners to identify malicious elements in binary files.
A comprehensive malware-analysis tool that utilizes external AV scanners to identify malicious elements in binary files.
mXtract is a Linux-based tool for memory analysis and dumping with regex pattern search capabilities.
mXtract is a Linux-based tool for memory analysis and dumping with regex pattern search capabilities.
A tool that generates .NET serialized gadgets for triggering assembly load and execution through BinaryFormatter deserialization in JavaScript, VBScript, and VBA scripts.
A tool that generates .NET serialized gadgets for triggering assembly load and execution through BinaryFormatter deserialization in JavaScript, VBScript, and VBA scripts.
A comprehensive resource for threat hunting in Active Directory environments, covering tracking command-line/PowerShell activity, Kerberoasting detection, auditing attacker activity, and monitoring enterprise command-line activity.
A comprehensive resource for threat hunting in Active Directory environments, covering tracking command-line/PowerShell activity, Kerberoasting detection, auditing attacker activity, and monitoring enterprise command-line activity.
Dorothy is a tool to test monitoring and detection capabilities for Okta environments, with modules mapped to MITRE ATT&CK® tactics.
Dorothy is a tool to test monitoring and detection capabilities for Okta environments, with modules mapped to MITRE ATT&CK® tactics.
VMCloak is a tool for creating and preparing Virtual Machines for Cuckoo Sandbox.
VMCloak is a tool for creating and preparing Virtual Machines for Cuckoo Sandbox.
Yar is a reconnaissance tool for scanning organizations, users, and repositories to identify vulnerabilities and security risks during security assessments.
Yar is a reconnaissance tool for scanning organizations, users, and repositories to identify vulnerabilities and security risks during security assessments.
A collection of YARA rules for Windows, Linux, and Other threats.
A collection of YARA rules for Windows, Linux, and Other threats.
Interactive malware hunting service with live access to the heart of an incident.
Interactive malware hunting service with live access to the heart of an incident.
Tool for live forensics acquisition on Windows systems, collecting artefacts for early compromise detection.
Tool for live forensics acquisition on Windows systems, collecting artefacts for early compromise detection.
InternalBlue is a Bluetooth experimentation framework that enables low-level firmware interaction with Broadcom chips for security research and attack prototype development.
InternalBlue is a Bluetooth experimentation framework that enables low-level firmware interaction with Broadcom chips for security research and attack prototype development.
C3 is a framework by WithSecureLabs for rapid prototyping of custom command and control channels that integrates with existing offensive security toolkits.
C3 is a framework by WithSecureLabs for rapid prototyping of custom command and control channels that integrates with existing offensive security toolkits.
An open-source OSINT honeypot that monitors threat actor reconnaissance attempts and generates early-warning intelligence for blue teams during the pre-attack phase.
An open-source OSINT honeypot that monitors threat actor reconnaissance attempts and generates early-warning intelligence for blue teams during the pre-attack phase.
Security Operations Tools - FAQ
Common questions about Security Operations tools including selection guides, pricing, and comparisons.
Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management.
