Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management.
Browse 2,055 security operations tools
A library for accessing and parsing Microsoft Internet Explorer cache files (index.dat) to extract URLs, timestamps, and cached content for digital forensic analysis.
A crawler-based low-interaction client honeypot for exposing website threats.
A suite of console tools for working with timestamps in Windows with 100-nanosecond precision.
A medium-interaction PostgreSQL honeypot with configurable settings
Incident response and case management solution for efficient incident response and management.
dc3dd is a patch to the GNU dd program, tailored for forensic acquisition with features like hashing and file verification.
SSHoney is an SSH honeypot for logging SSH connection attempts.
AlienVault OSSIM provides an all-in-one security management solution with asset discovery, vulnerability assessment, and SIEM capabilities.
A robust and flexible hunt and incident response tool for investigating AzureAD, Azure, and M365 environments.
Network Forensic Analysis Tool for deep network traffic inspection and analysis.
A collection of scripts for debugging SSRF, blind XSS, and XXE vulnerabilities
A tool that reads IP packets from the network or a tcpdump save file and writes an ASCII summary of the packet data.
A program to manage YARA rulesets in a database with support for different databases and configuration options.
A tool for restoring defocused and blurred images with various deconvolution techniques and fast processing capabilities.
Web-based tool for incident response with easy local installation using Docker.
An alternative to the auditd daemon with goals of safety, speed, JSON output, and pluggable pipelines connecting to the Linux kernel via netlink.
PEDA is a Python extension for GDB that enhances debugging with colorized displays and specialized commands for exploit development and binary security analysis.
A Security Orchestration, Automation and Response (SOAR) platform for incident response and threat hunting.
Request Tracker for Incident Response (RTIR) is a tool for incident response teams to manage incident reports, correlate data, and facilitate communication.
Solve password-riddles on a website without logins or ads.
An open source honeypot for NoSQL databases with support for Redis and additional features for detecting attackers and logging attack incidents.
A simple maturity model for enterprise detection and response
SharpShares efficiently enumerates and maps network shares and resolves names within a domain.
Common questions about Security Operations tools including selection guides, pricing, and comparisons.
Fix-first AppSec powered by agentic remediation, covering SCA, SAST & secrets.
Cybercrime intelligence tools for searching compromised credentials from infostealers
Password manager with end-to-end encryption and identity protection features
Fractional CISO services for B2B companies to build security programs
Real-time OSINT monitoring for leaked credentials, data, and infrastructure
A threat intelligence aggregation service that consolidates and summarizes security updates from multiple sources to provide comprehensive cybersecurity situational awareness.
AI security assurance platform for red-teaming, guardrails & compliance