Security Operations
Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management.
Browse 2,055 security operations tools
FEATURED
RELATED TASKS
Binkit is a binary analysis tool that merged with DarunGrim and incorporates its analysis algorithms, currently in internal testing before official release.
Binkit is a binary analysis tool that merged with DarunGrim and incorporates its analysis algorithms, currently in internal testing before official release.
Create a vulnerable active directory for testing various Active Directory attacks.
Create a vulnerable active directory for testing various Active Directory attacks.
An SDN honeypot tool for detecting and analyzing malicious activities in Software-Defined Networking environments.
An SDN honeypot tool for detecting and analyzing malicious activities in Software-Defined Networking environments.
An open source format for storing digital evidence and data, with a C/C++ library for creating, reading, and manipulating AFF4 images.
An open source format for storing digital evidence and data, with a C/C++ library for creating, reading, and manipulating AFF4 images.
A vulnerable web site in NodeJS for testing security source code analyzers.
A vulnerable web site in NodeJS for testing security source code analyzers.
BinaryAlert is an open-source serverless AWS pipeline that automatically scans files uploaded to S3 buckets with YARA rules and generates immediate alerts when malware is detected.
BinaryAlert is an open-source serverless AWS pipeline that automatically scans files uploaded to S3 buckets with YARA rules and generates immediate alerts when malware is detected.
A script for extracting common Windows artifacts from source images and VSCs with detailed dependencies and usage instructions.
A script for extracting common Windows artifacts from source images and VSCs with detailed dependencies and usage instructions.
An OpenFlow honeypot that detects unused IP addresses and simulates network traffic to attract and analyze potential threats
An OpenFlow honeypot that detects unused IP addresses and simulates network traffic to attract and analyze potential threats
An open source digital forensic tool for processing and analyzing digital evidence with high performance and multiplatform support.
An open source digital forensic tool for processing and analyzing digital evidence with high performance and multiplatform support.
A Python-based forensic tool for extracting and analyzing browser artifacts from Firefox, Iceweasel, and Seamonkey browsers on Unix and Windows systems.
A Python-based forensic tool for extracting and analyzing browser artifacts from Firefox, Iceweasel, and Seamonkey browsers on Unix and Windows systems.
Android Loadable Kernel Modules for reversing and debugging on controlled systems/emulators.
Android Loadable Kernel Modules for reversing and debugging on controlled systems/emulators.
A high-interaction honeypot system supporting the Redis protocol.
A Security Information and Event Management (SIEM) system with a focus on security and minimalism.
A Security Information and Event Management (SIEM) system with a focus on security and minimalism.
HoneyDrive is the premier honeypot Linux distro with over 10 pre-installed honeypot software packages and numerous analysis tools.
HoneyDrive is the premier honeypot Linux distro with over 10 pre-installed honeypot software packages and numerous analysis tools.
A Python-based network hacking toolkit that implements various attack and reconnaissance techniques for educational purposes and network security learning.
A Python-based network hacking toolkit that implements various attack and reconnaissance techniques for educational purposes and network security learning.
A set of commands for exploit developers and reverse-engineers to enhance GDB functionality.
A set of commands for exploit developers and reverse-engineers to enhance GDB functionality.
Curated datasets for developing and testing detections in SIEM installations.
Curated datasets for developing and testing detections in SIEM installations.
Deliberately vulnerable CI/CD environment with 11 challenges to practice security.
Deliberately vulnerable CI/CD environment with 11 challenges to practice security.
Parse YARA rules into a dictionary representation.
A library and tools to access and manipulate VMware Virtual Disk (VMDK) files.
A library and tools to access and manipulate VMware Virtual Disk (VMDK) files.
Dump iOS Frequent Locations from StateModel#.archive files.
Dump iOS Frequent Locations from StateModel#.archive files.
Binary Ninja is an interactive decompiler, disassembler, debugger, and binary analysis platform with a focus on automation and a clean GUI.
Binary Ninja is an interactive decompiler, disassembler, debugger, and binary analysis platform with a focus on automation and a clean GUI.
A honeypot tool to detect and log CVE-2019-19781 scan and exploitation attempts.
A honeypot tool to detect and log CVE-2019-19781 scan and exploitation attempts.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
Security Operations Tools - FAQ
Common questions about Security Operations tools including selection guides, pricing, and comparisons.
Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management.
