Security Operations
Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management.
Browse 2,060 security operations tools
FEATURED
RELATED TASKS
Pwndbg is a GDB plug-in that enhances the debugging experience for low-level software developers, hardware hackers, reverse-engineers, and exploit developers.
Pwndbg is a GDB plug-in that enhances the debugging experience for low-level software developers, hardware hackers, reverse-engineers, and exploit developers.
Open-source honeypot tool for detecting and analyzing malicious activities in the Apache Struts exploit.
Open-source honeypot tool for detecting and analyzing malicious activities in the Apache Struts exploit.
A repository of officially managed detection rules for the Falco runtime security monitoring system that identifies threats, abnormal behaviors, and compliance violations through syscall and container event analysis.
A repository of officially managed detection rules for the Falco runtime security monitoring system that identifies threats, abnormal behaviors, and compliance violations through syscall and container event analysis.
A tool for enumerating and attacking GitHub Actions pipelines
An open-source, drag-and-drop security workflow builder with integrated case management for automating security workflows and tackling alert fatigue.
An open-source, drag-and-drop security workflow builder with integrated case management for automating security workflows and tackling alert fatigue.
YaraHunter scans container images, running Docker containers, and filesystems using YARA rules to detect malware indicators and signs of compromise.
YaraHunter scans container images, running Docker containers, and filesystems using YARA rules to detect malware indicators and signs of compromise.
YLS Language Server for YARA Language with comprehensive features and Python 3.8 support.
YLS Language Server for YARA Language with comprehensive features and Python 3.8 support.
SecLists is a comprehensive repository of security testing lists including usernames, passwords, URLs, fuzzing payloads, and web shells used during penetration testing and security assessments.
SecLists is a comprehensive repository of security testing lists including usernames, passwords, URLs, fuzzing payloads, and web shells used during penetration testing and security assessments.
A Splunk application that processes honeypot data from hpfeeds channels to generate clustered meta-events and visualizations for security analysis.
A Splunk application that processes honeypot data from hpfeeds channels to generate clustered meta-events and visualizations for security analysis.
A project providing honeypots for embedded device vulnerabilities with support for AWS integration and JSON output.
A project providing honeypots for embedded device vulnerabilities with support for AWS integration and JSON output.
A PHP port of Rack::Honeypot, a spam trap that detects and blocks spambots
A PHP port of Rack::Honeypot, a spam trap that detects and blocks spambots
Open-source Java application for creating proxies for traffic analysis & modification.
Open-source Java application for creating proxies for traffic analysis & modification.
Orochi is a collaborative forensic memory dump analysis framework.
Orochi is a collaborative forensic memory dump analysis framework.
RegRippy is a modern Python 3 alternative to RegRipper for extracting data from Windows registry hives.
RegRippy is a modern Python 3 alternative to RegRipper for extracting data from Windows registry hives.
mac_apt is a versatile DFIR tool for processing Mac and iOS images, offering extensive artifact extraction capabilities and cross-platform support.
mac_apt is a versatile DFIR tool for processing Mac and iOS images, offering extensive artifact extraction capabilities and cross-platform support.
A CVE compliant archive of public exploits and corresponding vulnerable software, and a categorized index of Internet search engine queries designed to uncover sensitive information.
A CVE compliant archive of public exploits and corresponding vulnerable software, and a categorized index of Internet search engine queries designed to uncover sensitive information.
Hack with JavaScript XSS'OR tool for encoding/decoding and various XSS related functionalities.
Hack with JavaScript XSS'OR tool for encoding/decoding and various XSS related functionalities.
A specification/framework for extending default C2 communication channels in Cobalt Strike
A specification/framework for extending default C2 communication channels in Cobalt Strike
A non-commercial wargame site offering pwn challenges related to system exploitation with different difficulty levels.
A non-commercial wargame site offering pwn challenges related to system exploitation with different difficulty levels.
A workshop on hacking Bluetooth Smart locks, covering architecture, vulnerabilities, and exploitation techniques.
A workshop on hacking Bluetooth Smart locks, covering architecture, vulnerabilities, and exploitation techniques.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
An IDAPython script that generates YARA rules for basic blocks of the current function in IDA Pro, with automatic masking of relocation bytes and optional validation against file segments.
An IDAPython script that generates YARA rules for basic blocks of the current function in IDA Pro, with automatic masking of relocation bytes and optional validation against file segments.
Script to find exploits for vulnerable software packages on Linux systems using an exploit database.
Script to find exploits for vulnerable software packages on Linux systems using an exploit database.
Security Operations Tools - FAQ
Common questions about Security Operations tools including selection guides, pricing, and comparisons.
Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management.
