Security Operations
Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management.
Browse 2,055 security operations tools
FEATURED
RELATED TASKS
TCPFLOW is a tool for capturing data transmitted over TCP connections.
TCPFLOW is a tool for capturing data transmitted over TCP connections.
A set of rules for detecting threats in various formats, including Snort, Yara, ClamAV, and HXIOC.
A set of rules for detecting threats in various formats, including Snort, Yara, ClamAV, and HXIOC.
A low interaction honeypot for detecting CVE-2018-0101 vulnerability in Cisco ASA component.
A low interaction honeypot for detecting CVE-2018-0101 vulnerability in Cisco ASA component.
A fake Django admin login screen to detect and notify admins of attempted unauthorized access
A fake Django admin login screen to detect and notify admins of attempted unauthorized access
A powerful tool for analyzing and visualizing system activity timelines.
A powerful tool for analyzing and visualizing system activity timelines.
BeEF is a penetration testing framework that exploits web browsers to assess client-side security vulnerabilities and launch attacks from within the browser context.
BeEF is a penetration testing framework that exploits web browsers to assess client-side security vulnerabilities and launch attacks from within the browser context.
A .NET wrapper for libyara that provides a simplified API for developing tools in C# and PowerShell.
A .NET wrapper for libyara that provides a simplified API for developing tools in C# and PowerShell.
AutoTTP automates complex attack sequences and testing scenarios for regression tests and research using frameworks like Empire, Metasploit, and Cobalt Strike.
AutoTTP automates complex attack sequences and testing scenarios for regression tests and research using frameworks like Empire, Metasploit, and Cobalt Strike.
A digital archive of the internet, allowing users to capture and browse archived web pages.
A digital archive of the internet, allowing users to capture and browse archived web pages.
A collection of public YARA signatures for various malware families.
A collection of public YARA signatures for various malware families.
A Java-based Bluetooth honeypot that captures and analyzes malware and attacks targeting Bluetooth-enabled devices.
A Java-based Bluetooth honeypot that captures and analyzes malware and attacks targeting Bluetooth-enabled devices.
A combination of honeypot, monitoring tool, and alerting system for detecting insecure configurations.
A combination of honeypot, monitoring tool, and alerting system for detecting insecure configurations.
A free online wargame for practicing hacking skills and learning security concepts.
A free online wargame for practicing hacking skills and learning security concepts.
A 32-bit assembler level analyzing debugger for Microsoft Windows.
A 32-bit assembler level analyzing debugger for Microsoft Windows.
FingerprintX is a standalone utility for service discovery on open ports.
FingerprintX is a standalone utility for service discovery on open ports.
A cross-platform post-exploitation HTTP/2 Command & Control framework designed specifically for testing and exploiting containerized environments including Docker and Kubernetes.
A cross-platform post-exploitation HTTP/2 Command & Control framework designed specifically for testing and exploiting containerized environments including Docker and Kubernetes.
A Linux-based environment for penetration testing and vulnerability exploitation
A Linux-based environment for penetration testing and vulnerability exploitation
Tool to identify and understand code-injection vulnerabilities in Windows 7 UAC whitelist system.
Tool to identify and understand code-injection vulnerabilities in Windows 7 UAC whitelist system.
A reference guide listing 44 advanced Google search operators for enhanced search filtering and precision in information gathering activities.
A reference guide listing 44 advanced Google search operators for enhanced search filtering and precision in information gathering activities.
A parsing tool for Yara Scan Service's JSON output file to help maximize benefits and automate parsing of Yara Scan Service results.
A parsing tool for Yara Scan Service's JSON output file to help maximize benefits and automate parsing of Yara Scan Service results.
Code injection library for OS X with cross-architecture support.
Scan files with Yara, match findings to VirusTotal comments.
Scan files with Yara, match findings to VirusTotal comments.
A honeypot daemon project for processing, filtering, and redirecting incoming traffic to a sandbox environment.
A honeypot daemon project for processing, filtering, and redirecting incoming traffic to a sandbox environment.
Highlighter is a FireEye Market app that integrates with FireEye products to provide enhanced cybersecurity capabilities.
Highlighter is a FireEye Market app that integrates with FireEye products to provide enhanced cybersecurity capabilities.
Security Operations Tools - FAQ
Common questions about Security Operations tools including selection guides, pricing, and comparisons.
Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management.
