Security Operations
Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management.
Browse 2,060 security operations tools
FEATURED
RELATED TASKS
Platform offering cybersecurity courses for Red, Blue, and Purple Teamers by Picus.
Platform offering cybersecurity courses for Red, Blue, and Purple Teamers by Picus.
A CLI program that simplifies cybersecurity solution management through automated deployment, configuration, monitoring, and lifecycle operations across multiple hosts.
A CLI program that simplifies cybersecurity solution management through automated deployment, configuration, monitoring, and lifecycle operations across multiple hosts.
A command line steganography tool that uses LSB technique to hide files within images without visible alteration.
A command line steganography tool that uses LSB technique to hide files within images without visible alteration.
Dynamic binary analysis library with various analysis and emulation capabilities.
Dynamic binary analysis library with various analysis and emulation capabilities.
Tool for randomizing Cobalt Strike Malleable C2 profiles to evade static, signature-based detection controls.
Tool for randomizing Cobalt Strike Malleable C2 profiles to evade static, signature-based detection controls.
Intercepts and examines mobile app connections by stripping SSL/TLS layer.
Intercepts and examines mobile app connections by stripping SSL/TLS layer.
Deliberately vulnerable web application for security professionals to practice attack techniques.
Deliberately vulnerable web application for security professionals to practice attack techniques.
Copy executables with execute, but no read permission on Unix systems.
A Python tool that mines URLs from web archives to assist security researchers in discovering potential attack surfaces for bug hunting and vulnerability assessment.
A Python tool that mines URLs from web archives to assist security researchers in discovering potential attack surfaces for bug hunting and vulnerability assessment.
An AWS incident response framework that uses Athena to analyze CloudTrail events and EventBridge for notifications to investigate API activity and detect security misconfigurations.
An AWS incident response framework that uses Athena to analyze CloudTrail events and EventBridge for notifications to investigate API activity and detect security misconfigurations.
Scripts to automate the process of enumerating a Linux system through a Local File Inclusion (LFI) vulnerability.
Scripts to automate the process of enumerating a Linux system through a Local File Inclusion (LFI) vulnerability.
Log management appliance for collecting, storing, searching, and auditing logs
Log management appliance for collecting, storing, searching, and auditing logs
A mature SIEM environment is critical for successful SOAR implementation.
A mature SIEM environment is critical for successful SOAR implementation.
A tool that generates pseudo-malicious files to trigger YARA rules.
A tool that generates pseudo-malicious files to trigger YARA rules.
ALEAPP is a Python-based forensic tool for parsing Android logs, events, and protobuf data with both CLI and GUI interfaces.
ALEAPP is a Python-based forensic tool for parsing Android logs, events, and protobuf data with both CLI and GUI interfaces.
A powerful OSINT tool for creating custom templates for data extraction and analysis
A powerful OSINT tool for creating custom templates for data extraction and analysis
SSH Honeypot written in Go that records commands and IP addresses of attempted logins.
SSH Honeypot written in Go that records commands and IP addresses of attempted logins.
An active and aggressive honeypot tool for network security.
An active and aggressive honeypot tool for network security.
An intentionally vulnerable web application containing multiple web service security flaws designed for educational purposes and security testing practice.
An intentionally vulnerable web application containing multiple web service security flaws designed for educational purposes and security testing practice.
Steampipe is a zero-ETL solution for getting data directly from APIs and services.
Steampipe is a zero-ETL solution for getting data directly from APIs and services.
A portable version of XSSHunter.com for finding and exploiting Cross-Site Scripting (XSS) vulnerabilities.
A portable version of XSSHunter.com for finding and exploiting Cross-Site Scripting (XSS) vulnerabilities.
OneFuzz is a self-hosted Fuzzing-As-A-Service platform developed by Microsoft that enables continuous developer-driven security testing through automated fuzzing capabilities.
OneFuzz is a self-hosted Fuzzing-As-A-Service platform developed by Microsoft that enables continuous developer-driven security testing through automated fuzzing capabilities.
Steganographic Swiss army knife for encoding and decoding data into images.
Steganographic Swiss army knife for encoding and decoding data into images.
Security Operations Tools - FAQ
Common questions about Security Operations tools including selection guides, pricing, and comparisons.
Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management.
