Security Operations
Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management.
Browse 2,055 security operations tools
FEATURED
RELATED TASKS
An open source machine code decompiler that converts binary executables into readable C source code across multiple architectures and file formats.
An open source machine code decompiler that converts binary executables into readable C source code across multiple architectures and file formats.
FLARE-VM is a Windows virtual machine setup tool that automates the installation and configuration of reverse engineering and malware analysis software using Chocolatey and Boxstarter technologies.
FLARE-VM is a Windows virtual machine setup tool that automates the installation and configuration of reverse engineering and malware analysis software using Chocolatey and Boxstarter technologies.
Automatic YARA rule generation for malware repositories.
Automatic YARA rule generation for malware repositories.
PINCE is a front-end/reverse engineering tool for the GNU Project Debugger (GDB), focused on games, with CheatEngine-like value type support and memory searching capabilities.
PINCE is a front-end/reverse engineering tool for the GNU Project Debugger (GDB), focused on games, with CheatEngine-like value type support and memory searching capabilities.
Automatic YARA rule generator based on Koodous reports with limited false positives.
Automatic YARA rule generator based on Koodous reports with limited false positives.
SOARCA is an open-source SOAR platform that automates security incident response workflows using standardized CACAOv2 playbooks and multiple integration interfaces.
SOARCA is an open-source SOAR platform that automates security incident response workflows using standardized CACAOv2 playbooks and multiple integration interfaces.
A Linux process injection tool that uses ptrace() to inject assembly-based shellcode into running processes without NULL byte restrictions.
A Linux process injection tool that uses ptrace() to inject assembly-based shellcode into running processes without NULL byte restrictions.
FeatherDuster is a cryptanalysis tool that automatically identifies and exploits weaknesses in cryptographic systems by analyzing ciphertext files.
FeatherDuster is a cryptanalysis tool that automatically identifies and exploits weaknesses in cryptographic systems by analyzing ciphertext files.
A comprehensive repository of payloads and bypass techniques for web application security testing and penetration testing across multiple platforms and attack vectors.
A comprehensive repository of payloads and bypass techniques for web application security testing and penetration testing across multiple platforms and attack vectors.
A tool for recovering files by scanning block devices and extracting them based on 'magic bytes' in file contents.
A tool for recovering files by scanning block devices and extracting them based on 'magic bytes' in file contents.
XMLStarlet offers a suite of command line utilities for manipulating and querying XML documents.
XMLStarlet offers a suite of command line utilities for manipulating and querying XML documents.
Using Apache mod_rewrite as a redirector to filter C2 traffic for Cobalt Strike servers.
Using Apache mod_rewrite as a redirector to filter C2 traffic for Cobalt Strike servers.
Charlotte is an undetected C++ shellcode launcher for executing shellcode with stealth.
Charlotte is an undetected C++ shellcode launcher for executing shellcode with stealth.
A multiplatform C++ library for capturing, parsing, and crafting network packets with support for various network protocols.
A multiplatform C++ library for capturing, parsing, and crafting network packets with support for various network protocols.
Unified cybersecurity platform with XDR, EDR, PAM, email security, and compliance
Unified cybersecurity platform with XDR, EDR, PAM, email security, and compliance
OneGadget is a CTF-focused tool that uses symbolic execution to find RCE gadgets in binaries that can execute shell commands through execve('/bin/sh', NULL, NULL).
OneGadget is a CTF-focused tool that uses symbolic execution to find RCE gadgets in binaries that can execute shell commands through execve('/bin/sh', NULL, NULL).
A tool that enables Yara rule execution against compressed malware samples, supporting GZip, BZip2, and LZMA formats without manual decompression.
A tool that enables Yara rule execution against compressed malware samples, supporting GZip, BZip2, and LZMA formats without manual decompression.
A Forensic Framework for Skype with various investigative options.
A Forensic Framework for Skype with various investigative options.
Rip web accessible (distributed) version control systems: SVN, GIT, Mercurial/hg, bzr, ...
Rip web accessible (distributed) version control systems: SVN, GIT, Mercurial/hg, bzr, ...
A tool for exploiting HTTP/2 cleartext smuggling vulnerabilities
A PowerShell-based incident response and live forensic data acquisition tool for Windows hosts.
A PowerShell-based incident response and live forensic data acquisition tool for Windows hosts.
A scalable python framework for security research and development teams.
A scalable python framework for security research and development teams.
Sysreptor offers a customizable reporting solution for offensive security assessments.
Sysreptor offers a customizable reporting solution for offensive security assessments.
A platform offering hacking missions to test and enhance skills.
Security Operations Tools - FAQ
Common questions about Security Operations tools including selection guides, pricing, and comparisons.
Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management.
