Security Operations
Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management.
Explore 1420 curated cybersecurity tools, with 17,495+ visitors searching for solutions
FEATURED
Cybercrime intelligence tools for searching compromised credentials from infostealers
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Get Featured
Feature your product and reach thousands of professionals.
RELATED TASKS
A yara module for searching strings inside zip files
A yara module for searching strings inside zip files
SHIVA: Spam Honeypot with Intelligent Virtual Analyzer for capturing and analyzing spam data.
SHIVA: Spam Honeypot with Intelligent Virtual Analyzer for capturing and analyzing spam data.
A forensics toolkit for collecting digital evidence from Google Cloud Platform, Microsoft Azure, and Amazon Web Services during incident response investigations.
A forensics toolkit for collecting digital evidence from Google Cloud Platform, Microsoft Azure, and Amazon Web Services during incident response investigations.
A low-interaction honeypot for detecting and analyzing potential attacks on Android devices via ADB over TCP/IP
A low-interaction honeypot for detecting and analyzing potential attacks on Android devices via ADB over TCP/IP
A centralized tool for security monitoring and analysis that integrates various open source big data technologies.
A centralized tool for security monitoring and analysis that integrates various open source big data technologies.
Exploiting simple stack overflow vulnerabilities using return oriented programming (ROP) to defeat data execution prevention - DEP.
Exploiting simple stack overflow vulnerabilities using return oriented programming (ROP) to defeat data execution prevention - DEP.
YARA is a tool for identifying and classifying malware samples based on textual or binary patterns.
YARA is a tool for identifying and classifying malware samples based on textual or binary patterns.
Frontpage of the IO wargame with various versions and connection details.
Frontpage of the IO wargame with various versions and connection details.
Sigma is a generic and open signature format for SIEM systems and other security tools to detect and respond to threats.
Sigma is a generic and open signature format for SIEM systems and other security tools to detect and respond to threats.
Docker-based honeypot setup with detailed installation and configuration instructions.
Docker-based honeypot setup with detailed installation and configuration instructions.
Unified repository for Microsoft Sentinel and Microsoft 365 Defender containing security content, detections, queries, playbooks, and resources to secure environments and hunt for threats.
Unified repository for Microsoft Sentinel and Microsoft 365 Defender containing security content, detections, queries, playbooks, and resources to secure environments and hunt for threats.
EvilClippy is a cross-platform tool that creates malicious MS Office documents with hidden VBA macros and evasion techniques for penetration testing and red team operations.
EvilClippy is a cross-platform tool that creates malicious MS Office documents with hidden VBA macros and evasion techniques for penetration testing and red team operations.
A simple Docker-based honeypot to detect port scanning
A honeypot system that simulates RDP services on port 3389, automatically assigns virtual machines to incoming connections, and captures comprehensive forensic data including packet captures and disk images.
A honeypot system that simulates RDP services on port 3389, automatically assigns virtual machines to incoming connections, and captures comprehensive forensic data including packet captures and disk images.
pcapfex is a forensic tool that extracts files from packet capture data by analyzing network traffic and identifying embedded file content.
pcapfex is a forensic tool that extracts files from packet capture data by analyzing network traffic and identifying embedded file content.
Andrew Case's personal page for research, software projects, and speaking events
Andrew Case's personal page for research, software projects, and speaking events
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
Abusing SCF files to gather user hashes from an unauthenticated writable Windows-based file share.
Abusing SCF files to gather user hashes from an unauthenticated writable Windows-based file share.
DVTA is a Vulnerable Thick Client Application with various security vulnerabilities.
DVTA is a Vulnerable Thick Client Application with various security vulnerabilities.
Maltego transform pack for analyzing and graphing Honeypots using MySQL data.
Maltego transform pack for analyzing and graphing Honeypots using MySQL data.
Dispatch helps manage security incidents by integrating with existing tools and automating incident response tasks.
Dispatch helps manage security incidents by integrating with existing tools and automating incident response tasks.
IBM QRadar is a SIEM solution for real-time threat detection.
IBM QRadar is a SIEM solution for real-time threat detection.
Customize Empire's GET request URIs, user agent, and headers for evading detection and masquerading as other applications.
Customize Empire's GET request URIs, user agent, and headers for evading detection and masquerading as other applications.
A digital forensics tool that extracts and exports location database contents from iOS and macOS devices in KML or CSV formats.
A digital forensics tool that extracts and exports location database contents from iOS and macOS devices in KML or CSV formats.
Security Operations Tools - FAQ
Common questions about Security Operations tools including selection guides, pricing, and comparisons.
Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management.
