Security Operations
Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management.
Explore 1403 curated cybersecurity tools, with 14,626+ visitors searching for solutions
FEATURED
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Get Featured
Feature your product and reach thousands of professionals.
RELATED TASKS
A console program for file recovery through data carving.
A console program for file recovery through data carving.
A Python script for scanning data within an IDB using Yara
A Python script for scanning data within an IDB using Yara
Accessing databases stored on a machine by the Chrome browser and dumping URLs found.
Accessing databases stored on a machine by the Chrome browser and dumping URLs found.
Python 3 tool for parsing Yara rules with ongoing development.
Python 3 tool for parsing Yara rules with ongoing development.
cowrie2neo parses Cowrie honeypot logs and imports the data into Neo4j databases for graph-based analysis and visualization of honeypot interactions.
cowrie2neo parses Cowrie honeypot logs and imports the data into Neo4j databases for graph-based analysis and visualization of honeypot interactions.
Apache Metron is a centralized tool for security monitoring and analysis that integrates various open-source big data technologies.
Apache Metron is a centralized tool for security monitoring and analysis that integrates various open-source big data technologies.
A library of event-based analytics written in EQL to detect adversary behaviors identified in MITRE ATT&CK, providing detection rules for the Elastic Stack.
A library of event-based analytics written in EQL to detect adversary behaviors identified in MITRE ATT&CK, providing detection rules for the Elastic Stack.
A low interaction honeypot to detect CVE-2018-2636 in Oracle Hospitality Applications.
A low interaction honeypot to detect CVE-2018-2636 in Oracle Hospitality Applications.
A process scanning tool that detects and dumps malicious implants, shellcodes, hooks, and memory patches in running processes.
A process scanning tool that detects and dumps malicious implants, shellcodes, hooks, and memory patches in running processes.
A Python utility that identifies and exploits domains vulnerable to AWS name server takeover attacks by detecting misconfigured DNS settings.
A Python utility that identifies and exploits domains vulnerable to AWS name server takeover attacks by detecting misconfigured DNS settings.
Investigate malicious logons by visualizing and analyzing Windows Active Directory event logs with LogonTracer.
Investigate malicious logons by visualizing and analyzing Windows Active Directory event logs with LogonTracer.
A library for read-only access to QEMU Copy-On-Write (QCOW) image files, supporting multiple versions and compression formats for digital forensics analysis.
A library for read-only access to QEMU Copy-On-Write (QCOW) image files, supporting multiple versions and compression formats for digital forensics analysis.
Automated Mac Forensic Triage Collector
A repository of Yara signatures under the GNU-GPLv2 license for the cybersecurity community.
A repository of Yara signatures under the GNU-GPLv2 license for the cybersecurity community.
RetDec is an LLVM-based decompiler that converts machine code from various architectures and file formats back into readable C-like source code for reverse engineering and malware analysis.
RetDec is an LLVM-based decompiler that converts machine code from various architectures and file formats back into readable C-like source code for reverse engineering and malware analysis.
Assembler/disassembler for the dex format used by Dalvik, Android's Java VM implementation.
Assembler/disassembler for the dex format used by Dalvik, Android's Java VM implementation.
A reliable end-to-end DFIR solution for boosting cyber incident response and forensics capacity.
A reliable end-to-end DFIR solution for boosting cyber incident response and forensics capacity.
A fast and flexible HTTP enumerator for content discovery and credential bruteforcing
A fast and flexible HTTP enumerator for content discovery and credential bruteforcing
Check if an IP address was used as a Tor relay on a given date.
Check if an IP address was used as a Tor relay on a given date.
A logging proxy tool created in response to the 'MongoDB Apocalypse', with Docker support.
A logging proxy tool created in response to the 'MongoDB Apocalypse', with Docker support.
Advanced threat prevention and detection platform leveraging Deep CDR, Multiscanning, and Sandbox technologies to protect against data breaches and ransom attacks.
Advanced threat prevention and detection platform leveraging Deep CDR, Multiscanning, and Sandbox technologies to protect against data breaches and ransom attacks.
Serverless, real-time data analysis framework for incident detection and response.
Serverless, real-time data analysis framework for incident detection and response.
A library to access the Expert Witness Compression Format (EWF) for digital forensics and incident response.
A library to access the Expert Witness Compression Format (EWF) for digital forensics and incident response.
A library and tools for accessing and analyzing Linux Logical Volume Manager (LVM) volume system format.
A library and tools for accessing and analyzing Linux Logical Volume Manager (LVM) volume system format.
