Security Operations
Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management.
Explore 1420 curated cybersecurity tools, with 17,495+ visitors searching for solutions
FEATURED
Cybercrime intelligence tools for searching compromised credentials from infostealers
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Get Featured
Feature your product and reach thousands of professionals.
RELATED TASKS
FSF is a modular, recursive file scanning solution that enables analysts to extend the utility of Yara signatures and define actionable intelligence within a file.
FSF is a modular, recursive file scanning solution that enables analysts to extend the utility of Yara signatures and define actionable intelligence within a file.
A comprehensive collection of wordlists for bruteforcing and password cracking, covering various hashing algorithms and sizes.
A comprehensive collection of wordlists for bruteforcing and password cracking, covering various hashing algorithms and sizes.
A pre-indexed Splunk security dataset and CTF platform that provides realistic security data for training, research, and educational purposes for cybersecurity professionals and students.
A pre-indexed Splunk security dataset and CTF platform that provides realistic security data for training, research, and educational purposes for cybersecurity professionals and students.
A blog post about abusing exported functions and exposed DCOM interfaces for pass-thru command execution and lateral movement
A blog post about abusing exported functions and exposed DCOM interfaces for pass-thru command execution and lateral movement
Pentest active directory LAB project for practicing attack techniques.
AWS IR is a Python command line utility for automated incident response and mitigation of instance and key compromises in Amazon Web Services environments.
AWS IR is a Python command line utility for automated incident response and mitigation of instance and key compromises in Amazon Web Services environments.
High interaction honeypot solution for Linux systems with data control and integrity features.
High interaction honeypot solution for Linux systems with data control and integrity features.
A practical guide to enhancing digital investigations with cutting-edge memory forensics techniques, covering fundamental concepts, tools, and techniques for memory forensics.
A practical guide to enhancing digital investigations with cutting-edge memory forensics techniques, covering fundamental concepts, tools, and techniques for memory forensics.
SILENTTRINITY is a Python-based, asynchronous C2 framework that uses .NET scripting languages for post-exploitation activities without relying on PowerShell.
SILENTTRINITY is a Python-based, asynchronous C2 framework that uses .NET scripting languages for post-exploitation activities without relying on PowerShell.
Kippo is a medium interaction SSH honeypot with fake filesystem and session logging capabilities.
Kippo is a medium interaction SSH honeypot with fake filesystem and session logging capabilities.
A command-line tool that fetches known URLs from various sources to identify potential security threats and vulnerabilities.
A command-line tool that fetches known URLs from various sources to identify potential security threats and vulnerabilities.
Companion repository for deploying osquery in a production environment with tailored query packs.
Companion repository for deploying osquery in a production environment with tailored query packs.
CyLR is a Live Response Collection tool for quickly and securely collecting forensic artifacts from hosts with NTFS file systems.
CyLR is a Live Response Collection tool for quickly and securely collecting forensic artifacts from hosts with NTFS file systems.
A cloud-native, event-driven data pipeline toolkit for security teams that processes and routes data across AWS services with custom formatting and API enrichment capabilities.
A cloud-native, event-driven data pipeline toolkit for security teams that processes and routes data across AWS services with custom formatting and API enrichment capabilities.
A guide on using Apache mod_rewrite to strengthen phishing attacks and bypass mobile device restrictions
A guide on using Apache mod_rewrite to strengthen phishing attacks and bypass mobile device restrictions
PhoneyC is a client-side honeypot that emulates vulnerable web browsers to detect and analyze malicious web content and browser-based exploits.
PhoneyC is a client-side honeypot that emulates vulnerable web browsers to detect and analyze malicious web content and browser-based exploits.
A command-line tool that allows SQL queries to be executed directly on PCAP files for network traffic analysis with support for multiple output formats.
A command-line tool that allows SQL queries to be executed directly on PCAP files for network traffic analysis with support for multiple output formats.
A VMware image for penetration testing purposes
A VMware image for penetration testing purposes
A method for log volume reduction without losing analytical capability.
A method for log volume reduction without losing analytical capability.
Cross-platform HTTP honeypot that traps bots with infinite data streams
Cross-platform HTTP honeypot that traps bots with infinite data streams
Visualize and analyze network relationships with AfterGlow
Collection of URLs for vulnerable web applications and systems for cybersecurity practice.
Collection of URLs for vulnerable web applications and systems for cybersecurity practice.
Windows event log fast forensics timeline generator and threat hunting tool.
Windows event log fast forensics timeline generator and threat hunting tool.
Security Operations Tools - FAQ
Common questions about Security Operations tools including selection guides, pricing, and comparisons.
Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management.
